php - Mysql PDO 转换验证

Question

我对 PDO 完全陌生，我正在尝试转换我的注册页面， 我能够在数据库中获取信息，但我觉得我让它变得比需要的更复杂。每个函数中我需要 2 组 POST 吗？

我的回显验证错误也与创建函数中的异常冲突。

我有一个注册函数，我通过在注册页面上使用以下内容来调用它

<?php validate_register();?>

这是我的验证注册代码

/* Validate register */

function validate_register(){

    $errors = [];

    $min = 3;
    $max = 20;

    if(isset($_POST['signupBtn'])){      

        $email = $_POST['email'];
        $username = $_POST['username'];
        $birthdate = $_POST['birthdate'];
        $password = $_POST['password'];

        if (empty($email)) {
            $errors[] = "Email Address Required.";
        }

        if (empty($username)) {
            $errors[] = "Userame Required.";
        }

        if (empty($birthdate)) {
            $errors[] = "Date of Birth Required.";
        }

        if (empty($password)) {
            $errors[] = "Password Required.";
        }

        if (! empty($errors)) {

            echo validation_errors($errors[0]);

        } else {

            if (create_user($email, $username, $birthdate, $password)) {

                set_message('Please check your email for account Information.');

                redirect ("index.php");
            }
        }
    }
}

如果验证通过，则会创建用户

/* create user  */

function create_user($email, $username, $birthdate, $password){

    $email = $_POST['email'];
    $username = $_POST['username'];
    $birthdate = $_POST['birthdate'];
    $password = $_POST['password'];

    $hashed_password = password_hash($password, PASSWORD_DEFAULT);


    try {

        $sqlInsert = "INSERT INTO users (email, username, birthdate, password)
                  VALUES(:email, :username, :birthdate, :password)";

        $stmt = $db->prepare($sqlInsert);
        $stmt->execute(array(':email' =>$email, ':username' => $username, ':birthdate' => $birthdate, ':password' => $hashed_password));

        if ($stmt->rowCount() == 1) {

            return true;
        }


    }catch (PDOException $e){

        $result = $e->getMessage();
    }
}

Answer 1

您不必在 create_user 中再次重新分配 $_POST，因为您是从 validate_register 函数将它们传递到函数中的:

validate_register()

function validate_register(){
    $errors = [];
    $min = 3;
    $max = 20;

    if(isset($_POST['signupBtn'])){      
        # Just setting here is fine like you have
        $email = $_POST['email'];
        $username = $_POST['username'];
        $birthdate = $_POST['birthdate'];
        $password = $_POST['password'];

    ...etc.

create_user()

function create_user($email, $username, $birthdate, $password){
    ################################################################
    # As noted, remove this section because you have set them in the 
    # parameters and passed them from the previous function. As long
    # as they are in the same order when you pass them, you're good
    ################################################################

    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

    try {

        $sqlInsert = "INSERT INTO users (email, username, birthdate, password)
                  VALUES(:email, :username, :birthdate, :password)";

        $stmt = $db->prepare($sqlInsert);
        $stmt->execute(array(':email' =>$email, ':username' => $username, ':birthdate' => $birthdate, ':password' => $hashed_password));

        if ($stmt->rowCount() == 1) {
            return true;
        }
    }catch (PDOException $e){

        $result = $e->getMessage();
    }
}