我有一个表单,我使用PHP来验证,使用一堆嵌套的if语句。它工作但但问题当然是错误消息会一次显示一个。我想让他们一次显示所有内容。所以我尝试在不使用嵌套条件语句的情况下重写代码。我花了至少4个小时尝试,没有任何工作。有人可以给我一些建议吗?非常感谢...另外,我不确定是否可以编写if语句,如果满足条件,则不执行代码。这就是我的代码目前正在尝试做的事情,我确信这是一种可怕的做法,但我想不出另一种做法。
<?php
if($_POST['submit']==1)
{
//$submit = strip_tags(isset($_POST['submit']));
$fname = strip_tags($_POST['fname']);
$lname = strip_tags($_POST['lname']);
$usernamereg = strip_tags($_POST['usernamereg']);
$passwordreg = strip_tags($_POST['passwordreg']);
$email = strip_tags($_POST['email']);
$emailcheck = strip_tags($_POST['emailcheck']);
$date = date("Y-m-d");
$connect = mysql_connect("localhost","user","password") or die ("There is a problem connecting to the database");
mysql_select_db("user_db",$connect) or die("Couldn't find the database.");
$queryusername = mysql_query("SELECT * FROM users WHERE username = '$usernamereg'");
$numrowsusername = mysql_num_rows($queryusername);
$queryemail = mysql_query("SELECT * FROM users WHERE email = '$email'");
$numrowsemail = mysql_num_rows($queryemail);
if($fname&&$lname&&$usernamereg&&$passwordreg&&$email&&$emailcheck)
{
}
else
{
$all_fields = 'All fields must be filled in';
}
if (strlen($usernamereg)>25||strlen($fname)>25||strlen($lname)>25)
{
$length_error = "First name, last name, and username cannot be longer than 25 characters";
}
if($numrowsusername = 0)
{
}
else
{
$username_error ='username already taken';
}
if(strlen($passwordreg)<6)
{
$password_error ="Password must be atleast 6 characters";
}
else
{
//some form of password encryption
}
if($email != $emailcheck)
{
$emails_no_match = "Emails don't match";
}
if($numrowsemail = 0)
{
}
else
{
$email_in_use_error ="This email is already in use";
}
if(isset($all_fields)||isset($length_error)||isset($username_error)||isset($password_error)||isset($emails_no_match)||isset($email_in_use_error)==1)
{
}
else
{
$queryget =mysql_query("INSERT INTO users(date,fname,lname,username,password,email,emailcheck)VALUES('$date','$fname','$lname','$usernamereg','$passwordreg','$email','$emailcheck')");
echo "You have been registered!";
}
}
?>
Here is my form code
<form action ='' method = 'POST' name ='regform'>
<table width = '500px'>
<tr>
<td id ="form_title" align ='left'>Sign Up Here</td>
</tr>
<tr>
<td id="form_subtitle" align ='left'> 100% Free</td>
</tr>
<tr>
<td align ='left'><input type ='text' name = 'fname' placeholder = 'First Name' class = 'firstname' /><input type ='text' name='lname' placeholder = 'Last Name' class = 'lastname' /></td>
</tr>
<tr>
<td></td>
</tr>
<tr>
<td align ='left'><input type ='text' name = 'usernamereg' placeholder = 'Username' class = 'username2' /></td>
</tr>
<tr>
<td><?php
if(!empty($username_error)){
echo $username_error;
}
?></td>
</tr>
<tr>
<td align ='left'><input type ='password' name='passwordreg' placeholder = 'Password' class = 'password2' /></td>
</tr>
<tr>
<td><?php
if(isset($password_error)){
echo $password_error;
}
?></td>
</tr>
<tr>
<td align ='left'><input type ='email' name = 'email' placeholder = 'Email' class = 'email'/></td>
</tr>
<tr>
<td><?php
if(!empty($emails_no_match)){
echo $emails_no_match;
}
?></td>
</tr>
<tr>
<td align ='left'><input type ='email' name = 'emailcheck' placeholder = 'Re-enter Email' class = 'emailcheck'/></td>
</tr>
<tr>
<td><?php
if(!empty($email_in_use_error)){
echo $email_in_use_error;
}
?></td>
</tr>
<tr>
<td><?php
if(!empty($all_fields)){
echo $all_fields;
}
?> </td>
</tr>
<td align='center'><input type = 'submit' name = 'submit' id= 'regbutton' value = 'Register' /></td>
</form>
答案 0 :(得分:0)
您能否提供更多详细信息(原始表格)以及对问题的更好描述。很难理解它。
尽管如此,在你发布的代码中我猜错了......
if($numrowsusername = 0)
是一项任务。所以,在这种情况下,总是假的......应该是
if ( $numrowsusername == 0 )
同样的'if($ numrowsemail = 0)'
顺便说一句,是的,如果if-statement为true,则可能没有执行任何操作。不要在支架之间放任何东西,或者更好,只需放一个;介于两者之间以便于阅读。
答案 1 :(得分:0)
您可以将错误放入数组中,然后在出现任何错误时显示其内容。
<?php
$errors = array();
if ($_POST['submit'] == 1) {
//$submit = strip_tags(isset($_POST['submit']));
$fname = strip_tags($_POST['fname']);
$lname = strip_tags($_POST['lname']);
$usernamereg = strip_tags($_POST['usernamereg']);
$passwordreg = strip_tags($_POST['passwordreg']);
$email = strip_tags($_POST['email']);
$emailcheck = strip_tags($_POST['emailcheck']);
$date = date("Y-m-d");
$connect = mysql_connect("localhost","user","password") or die ("There is a problem connecting to the database");
mysql_select_db("user_db",$connect) or die("Couldn't find the database.");
$queryusername = mysql_query("SELECT * FROM users WHERE username = '$usernamereg'");
$numrowsusername = mysql_num_rows($queryusername);
$queryemail = mysql_query("SELECT * FROM users WHERE email = '$email'");
$numrowsemail = mysql_num_rows($queryemail);
if (!$fname || !$lname || !$usernamereg || !$passwordreg || !$email || !$emailcheck) {
$errors[] = 'All fields must be filled in';
}
if (strlen($usernamereg) > 25 || strlen($fname) > 25 || strlen($lname) > 25) {
$errors[] = "First name, last name, and username cannot be longer than 25 characters";
}
if ($numrowsusername > 0) {
$errors[] ='Username already taken';
}
if (strlen($passwordreg) < 6) {
$errors[] = "Password must be atleast 6 characters";
} else {
$passwordreg = md5($passwordreg);
}
if ($email != $emailcheck) {
$errors[] = "Emails don't match";
}
if ($numrowsemail > 0) {
$errors[] ="This email is already in use";
}
// If no errors occurred, insert the user into the database
if (count($errors) == 0) {
$queryget =mysql_query("INSERT INTO users(date,fname,lname,username,password,email,emailcheck)VALUES('$date','$fname','$lname','$usernamereg','$passwordreg','$email','$emailcheck')");
echo "You have been registered!";
}
}
现在,您要在哪里显示错误,只需输入以下代码:
<?php if (count($errors)) { ?><ul><li><?php echo implode('</li><li>', $errors); ?></li></ul><?php } ?>
我建议你在&#34; 100%免费&#34;下面这样做。线。
另外,我建议您查看PHP PSR-2 coding standards文档。该文档及其前身PSR-1和PSR-0定义了编写易于调试的可读PHP代码的良好实践。
另外需要注意的是,strip_tags()不足以保护自己免受SQL注入攻击。在将$_POST变量用于SQL查询之前,需要对其进行清理。对于整数和浮点数,我建议使用以下语法:
$myInt = (isset($_POST['myInt']) ? (int)$_POST['myInt'] : null);
$myFloat = (isset($_POST['myFloat']) ? (float)$_POST['myFloat'] : null);
对于字符串,您应该使用mysql_real_escape_string()来确保按如下方式正确处理变量:
$myStr = (isset($_POST['myStr']) ? mysql_real_escape_string($_POST['myStr']) : null);
因此,您的$fname变量行将变为以下内容:
$fname = (isset($_POST['fname']) ? mysql_real_escape_string($_POST['fname']) : null);
依此类推其他输入变量。
理想情况下,您希望使用PDO和预处理语句,但这不属于本问题的范围。此外,mysql_*()函数已弃用,将在未来版本中从PHP中删除,可能很快就会删除。建议您改用mysqli库。