function register_user()
{
global $db;
try {
$user = $_POST['user'];
$name = $_POST['name'];
$email = $_POST['email'];
$hashPass = $_POST['pass'];
$confirmationPass = $_POST['confPass'];
if ($confirmationPass != $hashPass) {
$msg = "Passwords don't match";
return $msg;
} else {
if (!check_user_name($user)) {
$msg = "Only letters and numbers allowed for UserName";
return $msg;
} else {
if (!check_name($name)) {
$msg = "Only letters and white space allowed for Name";
return $msg;
} else {
if (!check_email_exists($email)) {
$msg = "E-mail already used";
return $msg;
} else {
if (!check_user($user)) {
$msg = "Username already taken, please choose another";
return $msg;
} else {
$pass = md5($hashPass);
$ins = $db->prepare('INSERT INTO User (user,name,email,password) Values (?, ?, ?, ?)');
$ins->execute(array($user, $name, $email, $pass));
return send_email($email, $name);
}
}
}
}
}
} catch (PDOException $e) {
echo $e->getMessage();
}
}
3. 对于get方式,服务器端用Request.QueryString获取变量的值,对于post方式,服务器端用Request.Form获取提交的数据。
4. get传送的数据量较小,不能大于2KB。post传送的数据量较大,一般被默认为不受限制。但理论上,IIS4中最大量为80KB,IIS5中为100KB。
5. get安全性非常低,post安全性较高。但是执行效率却比Post方法好。
建议:
1、get方式的安全性较Post方式要差些,包含机密信息的话,建议用Post数据提交方式;
2、在做数据查询时,建议用Get方式;而在做数据添加、修改或删除时,建议用Post方式;*/
$password = trim($_POST['password']);
$password_again = trim($_POST['password_again']);
//返回字符串去除首尾空白字符后的结果
$mobile = trim($_POST['mobile']);
$email = handle_user_post_string($_POST['email']);
$has_error = FALSE;
$errors = [];
//check name
$check_user_name_result = check_user_name($name, $medoo);
if ($check_user_name_result[0]) {
$has_error = TRUE;
array_push($errors, $check_user_name_result[1]);
}
//check password
$check_user_password_result = check_user_password($password, $password_again);
if ($check_user_password_result[0]) {
$has_error = TRUE;
array_push($errors, $check_user_password_result[1]);
}
//check mobile
$check_user_mobile_result = check_user_mobile($mobile, $medoo);
if ($check_user_mobile_result[0]) {
$has_error = TRUE;
array_push($errors, $check_user_mobile_result[1]);