Php Form没有提交值

时间:2012-07-29 15:58:32

标签: php

请检查代码,我在这里错了。表单没有提交值。页面令人耳目一新但没有发布值。我不知道发生了什么。请检查代码并识别错误。我也在另一个应用程序上使用了这个代码。它在那里工作但不在这里

<?php
    if ($username && $userid) {
        echo "you are already logged in as $dbuser.<a href='w-post.php'> Click here to go to Post area</a>";
    }

    else {
        $form = "<form method=post action=123.php autocomplete=off enctype=multipart/form-data>

    <table width=759 border=1>
        <tr>
            <td width=749>
                <table width=756 border=1>
                    <tr>
                        <td colspan=3 bgcolor=#d9d9d9>
                            <div align=center class=style1><font color=#003366>PERSONAL INFORMATION</font></div>
                        </td>
                    </tr>
                    <tr>
                        <td width=196>
                            <div class=label-text>Email Address</div>
                        </td>
                        <td width=297>
                            <div class=accountboxes><input type=text class=accounttextboxes id=txtemail name=txtemail
                                                           size=50/>
                            </div>
                        </td>
                        <td width=241>&nbsp;</td>
                    </tr>
                    <tr>
                        <td width=196>
                            <div class=label-text>Password</div>
                        </td>
                        <td width=297>
                            <div class=accountboxes><input type=password class=accounttextboxes id=txtpass name=txtpass
                                                           size=50/>
                            </div>
                        </td>
                        <td width=241>&nbsp;</td>
                    </tr>
                    <tr>
                        <td width=196></td>
                        <td width=297><input name=submit type=submit id=submit value=submit/>

                        <td width=241>&nbsp;</td>
                    </tr>
                </table>
            </td>
        </tr>
    </table>
    </td>
    </tr>
    </table>
</form>";

        if (isset($_POST['submit'])) {
            $user = $_POST['txtemail'];
            $pass = $_POST['txtpass'];
            if ($user) {
                if ($password) {
                    $password = md5($pass);
                    //echo $epassword;
                    $query   = mysql_query("SELECT * from users where email='$user'");
                    $numrows = mysql_num_rows($query);
                    if ($numrows == 1) {
                        $row      = mysql_fetch_assoc($query);
                        $id       = $row['id'];
                        $dbuser   = $row['name'];
                        $dbpass   = $row['password'];
                        $activate = $row['activation'];
                        if ($password == $dbpass) {
                            if ($activate == '1') {
                                $_SESSION['name']  = $dbuser;
                                $_SESSION['id']    = $id;
                                $_SESSION['email'] = $email;
                                header('location:forms.php');
                                exit();
                            }
                            else {
                                $error_account = 'Your Account is not activated yet';
                            }
                            echo $form;
                        }
                        else {
                            $error_pass = 'You entered an incorrect password';
                        }
                        echo $form;
                    }

                    else {
                        $error_email = 'Email Address not found';
                        echo $form;
                    }

                }

                else {
                    $enter_pass = 'Enter your password';
                    echo $form;
                }

            }
            else {
                $enter_email = 'Enter email address';
                echo $form;
            }

        }

        else {
            echo $form;
        }

    }
?>

2 个答案:

答案 0 :(得分:2)

您应该在整个HTML中引用所有属性值,例如post123.php等,以确保安全。否则(假设您使用的是HTML而不是XHTML - 必须引用字符串)任何无效字符都会使HTML无效,您的代码可能会中断,这肯定是您的代码可能发生的事情。

使用HEREDOC语法:

$form = <<<EOD
<form method="post" action="123.php" autocomplete="off" enctype="multipart/form-data">
<table width="759" border="1">
  <tr>

<!-- Rest of HTML code -->

EOD;

答案 1 :(得分:0)

如果你这样做,你的代码就会简单得多:

if (isset($_POST['submit'])) {
 $error = 0;
 $errorMessages = array();
 $user = $_POST['txtemail'];
 $pass = $_POST['txtpass'];
 if (!$user) {
  $errors++;
  $errorMessages[] = "Please enter your email address";
 }
 ...//rest of the form check
 if($errors == 0) {
  //do what you want with the data
 }
}

所以你没有那么多括号。