exit('不要非法注册!'); } //为了防止恶意注册,跨站攻击 _check_code($_POST['code'], $_SESSION['code']); //引入验证文件 include ROOT_PATH . 'includes/check.func.php'; //创建一个空数组,用来存放提交过来的合法数据 $_clean = array(); //可以通过唯一标识符来防止恶意注册,伪装表单跨站攻击等 //这个存放入数据库的唯一标识符还有第二个用处,就是登陆cookie的验证 $_clean['uniqid'] = _check_uniqid($_POST['uniqid'], $_SESSION['uniqid']); //active也是一个唯一标识符,用来刚注册的用户进行激活处理,方可登陆 $_clean['active'] = _sha1_uniqid(); $_clean['username'] = _check_username($_POST['username']); $_clean['password'] = _check_password($_POST['password'], $_POST['notpassword'], 6); $_clean['question'] = _check_question($_POST['question'], 2, 20); $_clean['answer'] = _check_answer($_POST['question'], $_POST['answer'], 2, 20); $_clean['sex'] = _check_sex($_POST['sex']); $_clean['face'] = _check_face($_POST['face']); $_clean['email'] = _check_email($_POST['email'], 5, 40); $_clean['qq'] = _check_qq($_POST['qq']); $_clean['url'] = _check_url($_POST['url'], 40); //print_r($_clean); //首先获取本机名 $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']); //通过本机名获取Ip $ip = gethostbyname("{$hostname}"); //在新增之前,要判断用户名是否重复 _is_repeat("select tg_username from tg_user where tg_username='******'username']}' limit 1", "对不起,该用户名已被注册"); //新增用户 //在双引号里直接放变量是可以的,比如$_username,但如果是数组,就必须加上{},比如{$_clean['username']}
//判断是否提交了 if (@$_GET['action'] == 'register') { //为了防止恶意注册,跨站攻击 _check_code($_POST['code'], $_SESSION['code']); //引入验证文件 include ROOT_PATH . 'includes/check.func.php'; //创建一个空数组,用来存放提交过来的合法数据 $_clean = array(); //可以通过唯一标示符来防止恶意注册,伪装表单跨站攻击等 //这个存放入数据库的唯一标识符还有第二个用处,就是登录cookies验证 $_clean['uniqid'] = _check_uniqid($_POST['uniqid'], $_SESSION['uniqid']); //active也是一个唯一标识符,用来刚注册的用户进行激活处理,方可登录。 $_clean['active'] = _sha1_uniqid(); $_clean['username'] = _check_username(@$_POST['username'], 2, 20); $_clean['password'] = _check_password(@$_POST['password'], @$_POST['notpassword'], 6); $_clean['question'] = _check_question(@$_POST['passt'], 2, 20); $_clean['answer'] = _check_answer(@$_POST['passt'], @$_POST['passd'], 2, 20); $_clean['sex'] = _check_sex(@$_POST['sex']); $_clean['qq'] = _check_qq($_POST['qq']); $_clean['email'] = _check_email(@$_POST['email'], 6, 40); //在新增之前,要判断用户名是否重复 _is_repeat("SELECT username FROM tb_user WHERE username='******'username']}' LIMIT 1", '对不起,此用户已被注册'); //新增用户 //在双引号里,直接放变量是可以的,比如$_username,但如果是数组,就必须加上{} ,比如 {$_clean['username']} _query("INSERT INTO tb_user (\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tuniqid,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tactive,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tusername,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tpassword,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tquestion,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tanswer,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tsex,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tqq,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\temail,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\treg_time\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t) \n\t\t\t\t\t\t\t\t\t\t\t\tVALUES (\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['uniqid']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['active']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['username']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['password']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['question']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['answer']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['sex']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['qq']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t'{$_clean['email']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tNOW()\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t)"); //关闭 if (_affected_rows() == 1) { _close(); _location('恭喜你,注册成功!', 'active.php?active=' . $_clean['active']); } else { _close(); _location('韩遗憾,注册失败!', 'register.php');