表单未经验证发送:php mysql

【问题标题】:The form is sent without validation: php mysql表单未经验证发送:php mysql
【发布时间】:2014-02-06 11:31:04
【问题描述】:

我尝试了以下 php 脚本来验证用户输入。但是表单被发送到数据库而没有提示用户填写必填字段,即如果用户将一个或多个字段留空,则提交表单而不要求填写字段。在满足每个表单字段的条件之前如何阻止它提交?

这里是代码:-

<?php
$fnameErr=$lnameErr=$emailErr=$passwordErr=$cpasswordErr="";
if ($_SERVER['REQUEST_METHOD'] === 'POST') 
{ 
   if(empty($_POST["fname"]))
     { 
      $fnameErr="First name is Required";
     }
  else
    {
    $fname = $_POST["fname"];
    }
    if (empty($_POST["lname"]))
    {
    $lnameErr = "Last Name is required";
    }
  else
    {
    $lname = $_POST["lname"];
    }
    if (empty($_POST["email"]))
    {
    $emailErr = "Email is required";
    }
  else
    {
    $email = $_POST["email"];
    }
    if (empty($_POST["password"]))
    {
    $passwordErr = "Password is required";
    }
  else
    {
    $password = $_POST["password"];
    }
    if (empty($_POST["cpassword"]))
    {
    $cpasswordErr = "Confirm Password";
    }
  else
    {
    $cpassword = $_POST["cpassword"];
    }

    //Create connection
$con=mysqli_connect("localhost","root","p11","daot");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
    $sql="INSERT INTO registration (FirstName, LastName, EmailAddress,Password,ConfirmPassword)
VALUES
('$_POST[fname]','$_POST[lname]','$_POST[email]','$_POST[password]','$_POST[cpassword]')";

if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
  mysqli_close($con);
}

?> 
<html>
<head>
<link rel="stylesheet" type="text/css" href="mastercss.css">
<title>SIGN UP PAGE</title>
</head>
<body>
<?php include 'header.php'; ?>
<div class="leftbar">
 </div>
<div class="content">
<h1 class="h1">complete the following form to register</h1>
<fieldset style="width:450px; background:gray;">
<form autocomplete="on" method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
  <label for="fname">First Name:</label>
  <input type="text" name="fname"><?php echo $fnameErr;?><br><br>
  <label for="lname">Last Name:</label>
  <input type="text" name="lname"><?php echo $lnameErr;?><br><br>
  <label for="email">Email:</label>
  <input type="email" name="email"><?php echo $emailErr;?><br><br>
  <label for="password">Password:</label>
  <input type="password" name="password"><?php echo $passwordErr;?><br><br>
  <label for="cpassword">Confirm Password</label>
  <input type="password" name="cpassword"><?php echo $cpasswordErr;?><br><br>
  <!--<label for="sex">Sex</label><input type="radio" name="sex" value="female"> Female
  <input type="radio" name="sex" value="male">Male<br>
  <label for="select">Birthday</label>
<select name="birthday_Month" id="month">
<option value="0" selected="1">Month</option>
<option value="1">January</option>
<option value="2">February</option>
<option value="3">March</option>
</select>
<select name="birthday_day" id="month">
<option value="0" selected="1">Day</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
</select>
<select name="birthday_year" id="year">
<option value="0" selected="1">year</option>
<option value="2010">2010</option>
<option value="2011">2011</option>
<option value="2012">2012</option>
</select><br><br>-->
<input type="submit" value="SIGN UP" style="width:100: height:100" name="Submit">
</form>
</fieldset>
</div>
<div class="rightbar"><br><br>
<a href="https://www.twitter.com"><img src="tw1.jpg">
<a href="https://www.facebook.com"><img src="fb2.jpg"></a>
</div>
<?php include "footer.php";?>

</body>
</html>

【问题讨论】:

  • 根据您的代码运行
  • 如果你想在表单提交前通知用户,你需要使用javascript。
  • 我知道我可以使用 java 脚本,但我想使用 PHP 代码进行验证

标签: php mysql forms


【解决方案1】:

提交表单时没有显示验证,因为即使在执行了验证条件之后它仍在执行以下代码行。如果任何验证不正确,您需要通过退出代码段来避免执行代码。

if(empty($_POST["fname"]))
     { 
      $fnameErr="First name is Required";
      exit;
     }

【讨论】:

    【解决方案2】:

    你应该这样做

    if(empty($_POST["fname"]))
     { 
      $fnameErr="First name is Required";
      echo $fnameErr;
exit();
     }

    并且其余条件相同。

    【讨论】:

    • 我想在同一页面上显示错误消息,即在每个文本框的右侧,而不是在另一个页面上。
    • 为此您需要使用 javascript
    • 你确定php里没有办法吗?
    【解决方案3】:

    这将一次显示所有错误:

    在您的 PHP 中:

    $error = array(); //save all errors into one array, later we will check if this array is empty to proceed with saving into DB
if(empty($_POST["fname"]))
     { 
      $error['fname']="First name is Required";
     }
  else
    {
    $fname = $_POST["fname"];
    }
    if (empty($_POST["lname"]))
    {
    $error['lname'] = "Last Name is required";
    }
  else
    {
    $lname = $_POST["lname"];
    }
    if (empty($_POST["email"]))
    {
    $error['email'] = "Email is required";
    }
  else
    {
    $email = $_POST["email"];
    }
    if (empty($_POST["password"]))
    {
    $error['password'] = "Password is required";
    }
  else
    {
    $password = $_POST["password"];
    }
    if (empty($_POST["cpassword"]))
    {
    $error['cpassword'] = "Confirm Password";
    }
  else
    {
    $cpassword = $_POST["cpassword"];
    }

if (empty($errors)) {
//if there are no errors, save into DB
//Create connection
$con=mysqli_connect("localhost","root","p11","daot");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
    $sql="INSERT INTO registration (FirstName, LastName, EmailAddress,Password,ConfirmPassword)
VALUES
('$_POST[fname]','$_POST[lname]','$_POST[email]','$_POST[password]','$_POST[cpassword]')";

if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
  mysqli_close($con);
}
}

    在你的 HTML 中:

      <label for="fname">First Name:</label>
  //checking if error message is set, if yes display it
  <input type="text" name="fname"><?php echo isset($error['fname'])?$error['fname']:'' ;?><br><br>
  <label for="lname">Last Name:</label>
  <input type="text" name="lname"><?php echo isset($error['lname'])?$error['lname']:'' ;?><br><br>
  <label for="email">Email:</label>
  <input type="email" name="email"><?php echo isset($error['email'])?$error['email']:'' ;?><br><br>
  <label for="password">Password:</label>
  <input type="password" name="password"><?php echo isset($error['password'])?$error['password']:'' ;?><br><br>
  <label for="cpassword">Confirm Password</label>
  <input type="password" name="cpassword"><?php echo isset($error['cpassword'])?$error['cpassword']:'' ;?><br><br>

    【讨论】:

    • 与我的代码结果相同,没有任何改变。
    • 哦等等 -.- 我以为你不想让它保存到数据库中,除非你的所有错误都得到纠正。看@user3279301 HTML 代码仅在您的 PHP 代码完成后才在浏览器上输出,现在如果您要检查 PHP 上的错误,除非您重新提交表单,否则它不会执行(这样您的PHP 代码在 HTML 之前首先执行),因此这成为客户端验证,如果没有刷新,那么您必须使用 AJAX(您在另一个表单上的 PHP 代码)或使用 javascript/jQuery 进行验证。我写了一个很长的评论因为我想 XD
    猜你喜欢
    • 2016-09-08
    • 2016-08-07
    • 2012-08-23
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2018-01-26
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode