【问题标题】:Stop empty values from input boxes from being inserted into my database? PHP阻止输入框中的空值插入我的数据库? PHP
【发布时间】:2013-08-07 05:11:26
【问题描述】:

这是html表单(register.php):

<html>
<body>

<form action="handle_registration.php" method="post">

<fieldset><legend>Enter your
information in the form below:</legend>

First Name: <input type="text" name="fname" size="20" maxlength="40"><br>
Last Name: <input type="text" name="lname" size="20" maxlength="40"><br>
Username: <input type="text" name="uname" size="20" maxlength="40"><br>
Password: <input type="text" name="pword" size="20" maxlength="40"><br>
<input type="submit" name="submit" value="submit my info">

</form>

</body>
</html>

这是处理注册的php脚本(handle_registration.php):

<?php

// Create a shorthand for the form data:

$fname = $_POST['fname'];
$lname = $_POST['lname'];
$uname = $_POST['uname'];
$pword = $_POST['pword'];

// Create the connection variables:

$db_host = "localhost";
$db_user = "root";
$db_pass = "";
$db_name = "registration_info";
$con = mysqli_connect("$db_host", "$db_user", "$db_pass", "$db_name");

// Check the connection:

if (mysqli_connect_errno ())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

// Make sure all of the input boxes have a value:

if (empty($fname)) {
die('You forgot to enter your first name!');
}

if (empty($lname)) {
die('You forgot to enter your last name!');
}

if (empty($uname)) {
die('You forgot to choose a username!');
}

if (empty($pword)) {
die('You forgot to choose a password!');
}

// Insert the data from the form into the DB:

$sql = "INSERT INTO basic_information (First_Name, Last_Name, Username, Password)
VALUES
('$_POST[fname]', '$_POST[lname]', '$_POST[uname]', '$_POST[pword]')";

// Enter the info the end user type if everything is ok:

if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
else
{
echo "Record has been added";
}

// Close the connection:

mysqli_close($con);

?>

问题来了:

如果所有输入字段都有值,我想将输入的值提交到我的数据库中,但是当我在检查它们是否为空后使用 die 函数时,它会终止脚本。如果一个或多个字段为空,我只想杀死部分将其插入我的数据库并显示一条错误消息,告知哪个字段为空。我不知道如何解决这个问题,任何帮助将不胜感激。

【问题讨论】:

  • 1.将所有错误存储在一个数组中。如果数组为空,则插入数据库,否则打印数组内容。
  • 您可能会收到一些 cmets,告诉您注意 SQL 注入和安全性。这也是您应该关注的一个问题。另一个问题是,检查表单字段的来源是否是一个更好的主意,即通过客户端浏览器中的一些 JavaScript/jQuery 验证器。通过这种方式,您可以在出现错误(或缺失值)时为用户提供更快的响应,并避免来自服务器的不必要流量。

标签: php forms mysqli registration


【解决方案1】:

解决方案相当简单。只需将错误消息存储在变量中,然后在将行插入数据库之前 - 检查天气是否设置了错误或者它是否为空。如果它是空的 - 我们可以插入该行。否则 - 让我们显示错误消息。

// Currently we do not have an error
$error = NULL;

// Validate
if (empty($pword)) {
    $error = 'You forgot to choose a password!';
}

// If there are no errors - lets insert
if (!$error) {
    $sql = 'INSERT INTO ...';
}

【讨论】:

    【解决方案2】:

    不要使用 die ,使用一些变量来存储错误并稍后打印出来

     <?php
    
     // Create a shorthand for the form data:
    
     $fname = $_POST['fname']; $lname = $_POST['lname']; $uname =
    $_POST['uname']; $pword = $_POST['pword'];
    
    // Create the connection variables:
    
     $db_host = "localhost"; $db_user = "root"; $db_pass = ""; $db_name =
     "registration_info"; $con = mysqli_connect("$db_host", "$db_user",
     "$db_pass", "$db_name");
    
     // Check the connection:
    
     if (mysqli_connect_errno ()) { echo "Failed to connect to MySQL: " .
     mysqli_connect_error(); }
    
     // Make sure all of the input boxes have a value:
    
     if (empty($fname)) { $error_msg[]='You forgot to enter your first name!'; }
    
     if (empty($lname)) { $error_msg[]='You forgot to enter your last name!'; }
    
     if (empty($uname)) { $error_msg[]='You forgot to choose a username!'; }
    
     if (empty($pword)) { $error_msg[]='You forgot to choose a password!'; }
    
     // Insert the data from the form into the DB:
     if(count($error_msg)==0){
     $sql = "INSERT INTO basic_information (First_Name, Last_Name,
     Username, Password) VALUES ('$_POST[fname]', '$_POST[lname]',
     '$_POST[uname]', '$_POST[pword]')";
    
     // Enter the info the end user type if everything is ok:
    
     if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); }
     else { echo "Record has been added"; }
    
     // Close the connection:
    
     mysqli_close($con);
    }else{
    print_r($error_msg);
    }
    
     ?>
    

    【讨论】:

      【解决方案3】:

      停止插入空数据的完整工作示例

      <?php
                if (isset($_POST["submit"])) {
                    $emptyInput = NULL;
                    if (!($_POST["firstname"] == $emptyInput or $_POST["lastname"] == $emptyInput or $_POST["email"] == $emptyInput)) {
                        $sql = "INSERT INTO MyGuests (firstname, lastname, email) VALUES ('" . $_POST["firstname"] . "','" . $_POST["lastname"] . "','" . $_POST["email"] . "')";
                        if (mysqli_query($conn, $sql)) {
                            echo 'Record inserted successfully!';
                        }
                    } else {
                        echo 'all fields are compulsory!';
                    }
                }
                ?>  
      

      【讨论】:

        【解决方案4】:

        您可以使用 $errors 变量来保存所有字段的错误

        $error = array();//initializing the $error
        if (empty($fname)) {
        $error[] = 'You forgot to enter your first name!';
        }
        
        if (empty($lname)) {
        $error[] = 'You forgot to enter your last name!';
        }
        
        if (empty($uname)) {
        $error[] = 'You forgot to choose a username!';
        }
        
        if (empty($pword)) {
        $error[] = 'You forgot to choose a password!';
        }
        
        if(!empty($error))//if error occured
        {
           die(implode('<br />', $error));//Stops the script and prints the errors if any occured
        }
        // Insert the data from the form into the DB:
        
        $sql = "INSERT INTO basic_information (First_Name, Last_Name, Username, Password)
        VALUES
        ('$_POST[fname]', '$_POST[lname]', '$_POST[uname]', '$_POST[pword]')";
        
        // Enter the info the end user type if everything is ok:
        
        if (!mysqli_query($con,$sql))
        {
        die('Error: ' . mysqli_error($con));
        }
        else
        {
        echo "Record has been added";
        }
        
        // Close the connection:
        
        mysqli_close($con);
        

        【讨论】:

          猜你喜欢
          • 2012-10-23
          • 1970-01-01
          • 2016-03-20
          • 1970-01-01
          • 1970-01-01
          • 2015-03-19
          • 2018-04-07
          • 2015-05-21
          • 2013-04-17
          相关资源
          最近更新 更多