我创建了一个小型注册粘贴表单。一切都工作正常,但如果我输入任何错误的值,如姓名中的数字,年龄的字母,甚至错误的电子邮件格式,那么数据仍保存在数据库中,我无法弄清楚验证问题。 另外一个是搜索选项。每当我在搜索框中输入任何FirstName或lastname时,它应显示数据库中的名称,否则将显示错误消息。 任何1可以建议我该怎么做..请参阅下面的编码。
sticky_form代码......
<html>
<head>
<?php
global $fname,$lname,$gender,$age,$course,$email;
if(isset($_POST['register']))
{
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$gender=$_POST['gender'];
$age=$_POST['age'];
$course=$_POST['course'];
$email=$_POST['email'];
if (preg_match("/[a-zA-Z ]+$/", $_POST['fname'])) {
$fname = trim($_POST['fname']);
}
else
{
echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
//$error = true;
}
if (preg_match("/[a-zA-Z ]+$/", $_POST['lname'])) {
$lname = trim($_POST['lname']);
}
else
{
echo '<p>The last name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
$error = true;
}
if(isset($_POST['gender']))
{
$gender = $_POST['gender'];
}
else
{
echo "<p>No gender found!</p>";
}
if (preg_match("/[a-zA-Z ]+$/", $_POST['age'])) {
$age = trim($_POST['age']);
}
else
{
echo '<p>Please enter age. Or your age contains illegal characters</p>';
//$error = true;
}
if(isset($_POST['course']))
{
$course = $_POST['course'];
}
else
{
echo "<p>Please Select Course!</p>";
}
// Validate the email:
if (preg_match("/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/", $_POST['email'] )){
$email = trim($_POST['email']);
}
else
{
echo '<p>The email is empty or has illegal characters! To edit please go the link Display Data Information</p>';
//$error = false;
}
echo "<br/>";
echo "<br/>";
echo "<br/>";
}
if($fname&&$lname&&$gender&&$age&&$email&&$course)
{
require_once('connection.php');
$query = mysql_query("INSERT INTO members SET FirstName='$fname', LastName='$lname', Gender='$gender', Age='$age', Email='$email', Course='$course'") or die(mysql_error());
if($query){
echo"Your Data Successfully Saved";
}
else
{
echo "Please recheck your Data!";
}
}
?>
</head>
<body id="body">
<h2><strong>Register Student Account</strong></h2>
<form action="student_form.php" method="post" >
<table border="1" id="container">
<tr>
<td>First Name</td>
<td>:</td>
<td><input type="text" name="fname" size="30" maxlength="50"/></td>
</tr>
<tr>
<td>Last Name</td>
<td>:</td>
<td><input type="text" name="lname" size="30" maxlength="50"/></td>
</tr>
<tr>
<td>Age</td>
<td>:</td>
<td><input type="text" name="age" size="3" /></td>
</tr>
<tr>
<td >Gender </td>
<td> : </td>
<td> Male
<input type="radio" name="gender" value="Male"/>
Female
<input type="radio" name="gender" value="Female"/></td>
</tr>
<tr>
<td valign="top">Course</td>
<td valign="top"> : </td>
<td> <input type="radio" name="course" value="Bachelor Of Computing"/>Bachelor Of Computing<br/>
<input type="radio" name="course" value="Bachelor Of Science"/>Bachelor Of Science<br/>
<input type="radio" name="course" value="Bachelor Of Software Engineering"/>Bachelor Of Software Engineering<br/>
<input type="radio" name="course" value="Bachelor Of Networking"/>Bachelor Of Networking<br/>
<input type="radio" name="course" value="Bacelor Of IT"/>Bacelor Of IT <br/>
<input type="radio" name="course" value="Bachelor Of Computer Science"/>Bachelor Of Computer Science<br/></td>
</tr>
<tr>
<td>Email Address</td>
<td>:</td>
<td><input type="text" name="email" size="30" maxlength="50"/></td>
</tr>
</table>
<input type="submit" name="register" value="REGISTER"/>
</form><br>
<p><a href="student_form.php" >Home</a></p>
<p><a href="display_data.php">Display Data Information</a>
<p><a href="search.php">To search for Members</a>
</body>
</html>
这是search_form代码......
<html>
<head>
<?php
//require_once('student_form.php');
if(isset($_POST['s1'])){
$id=$_REQUEST['id'];
$fname=$_POST['fname'];
//connect to the database
include('connection.php');
//-query the database table
$sql=mysql_query("SELECT * FROM members WHERE (FirstName LIKE '". $fname ."%' OR LastName LIKE '". $lname ."%'");
//-run the query against the mysql query function
$result=mysql_query($sql);
if($row=mysql_fetch_array($result)){
$fname=$row['FirstName'];
$lname=$row['LastName'];
/*$email=$row['Email'];
$age =$row['Age'];
$gender=$row['Gender'];
$course = $row['Course'];*/
}
//-display the result of the array
else
{
<?php echo $rows['FirstName']; ?>
<?php echo $rows['LastName']; ?>
}
}
?>
</head>
<body>
<form action="search.php" method="post">
<table>
<tr>
<td><strong>search box</strong></td>
<td><strong>:</strong></td>
<td><input type="text" name="search" value=""size="30"/><input type="submit" name="s1" value="Search"/></td>
</table>
</form>
</body>
</html>
答案 0 :(得分:1)
$fname $lname $gender $age $email $course之类的变量如果条件为isset($_POST['register'])之后的条件,则会输入if($fname&&$lname&&$gender&&$age&&$email&&$course)。现在,即使您的验证有效,数据仍将输入数据库。因为你已经把条件
if (preg_match("/[a-zA-Z ]+$/", $_POST['fname'])) {
$fname = trim($_POST['fname']);
}
else
{
echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
$fname = "";
}
现在,当所有这些变量中只有一个值时,控件将进入该块。必须发生的是,你输入了错误的值,那些正在验证的信息,将显示消息,但是当第一个if块完成时,因为$ _POST变量仍然具有SOME值,无论它们是否无效,第二个if block将被输入和查询将被解雇。
您可以做的是,无论您何时回显错误消息,都会删除相应的变量。像这样的东西:
{{1}}
答案 1 :(得分:0)
关于您的第一个问题,请不要检查$var,检查!empty($var)。
第二个问题:我不确定我明白你要做什么。但是,当您展示某些内容时,不是指$row而不是$rows吗?此外,如果您有多个搜索匹配怎么办?你想要的是:
while($row=mysql_fetch_assoc($result)){
echo $row['Firstname'], ' ', $row['LastName'];
}
而不是你的if-else结构。