您的位置: 首页  >  技术问答  >  Mysql PDO转换验证

Mysql PDO转换验证

分类: 技术问答 2022-03-19 10:49:01

Mysql PDO转换验证

问题描述:

I am completely new to PDO and I am trying to convert my register page, I am able to get the info in the database but I fell I am making it more complicated then it needs to be. DO I need the 2 sets of POST in each function?

also my echo validation errors conflicts with the EXCEPTION in the create function.

I have a register function and I call it by using the following on my register page 

<?php validate_register();?>

This is my validate register code

/* Validate register */

function validate_register(){

    $errors = [];

    $min = 3;
    $max = 20;

    if(isset($_POST['signupBtn'])){      

        $email = $_POST['email'];
        $username = $_POST['username'];
        $birthdate = $_POST['birthdate'];
        $password = $_POST['password'];

        if (empty($email)) {
            $errors[] = "Email Address Required.";
        }

        if (empty($username)) {
            $errors[] = "Userame Required.";
        }

        if (empty($birthdate)) {
            $errors[] = "Date of Birth Required.";
        }

        if (empty($password)) {
            $errors[] = "Password Required.";
        }

        if (! empty($errors)) {

            echo validation_errors($errors[0]);

        } else {

            if (create_user($email, $username, $birthdate, $password)) {

                set_message('Please check your email for account Information.');

                redirect ("index.php");
            }
        }
    }
}

and if the validation passes it creates user

/* create user  */

function create_user($email, $username, $birthdate, $password){

    $email = $_POST['email'];
    $username = $_POST['username'];
    $birthdate = $_POST['birthdate'];
    $password = $_POST['password'];

    $hashed_password = password_hash($password, PASSWORD_DEFAULT);


    try {

        $sqlInsert = "INSERT INTO users (email, username, birthdate, password)
                  VALUES(:email, :username, :birthdate, :password)";

        $stmt = $db->prepare($sqlInsert);
        $stmt->execute(array(':email' =>$email, ':username' => $username, ':birthdate' => $birthdate, ':password' => $hashed_password));

        if ($stmt->rowCount() == 1) {

            return true;
        }


    }catch (PDOException $e){

        $result = $e->getMessage();
    }
}

You don't have to reassign the $_POST again in create_user since you are passing them into the function from the validate_register function:

validate_register()

function validate_register(){
    $errors = [];
    $min = 3;
    $max = 20;

    if(isset($_POST['signupBtn'])){      
        # Just setting here is fine like you have
        $email = $_POST['email'];
        $username = $_POST['username'];
        $birthdate = $_POST['birthdate'];
        $password = $_POST['password'];

    ...etc.

create_user()

function create_user($email, $username, $birthdate, $password){
    ################################################################
    # As noted, remove this section because you have set them in the 
    # parameters and passed them from the previous function. As long
    # as they are in the same order when you pass them, you're good
    ################################################################

    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

    try {

        $sqlInsert = "INSERT INTO users (email, username, birthdate, password)
                  VALUES(:email, :username, :birthdate, :password)";

        $stmt = $db->prepare($sqlInsert);
        $stmt->execute(array(':email' =>$email, ':username' => $username, ':birthdate' => $birthdate, ':password' => $hashed_password));

        if ($stmt->rowCount() == 1) {
            return true;
        }
    }catch (PDOException $e){

        $result = $e->getMessage();
    }
}

相关推荐