新手在AJAX中我得到了这段代码,请帮忙,即使密码不匹配,我的代码也会继续访问sec_reg.php页面,或者即使表单有效,我希望用户保持当前页面如果他提交表格。这是我的代码
这是我的表格
<h4>ADD ANOTHER ADMIN</h4>
<form action="sec_reg.php" method="post" name="registration_form">
<br>
<p>
<strong>Email</strong>
<br>
<br>
<input class="acc_input" type="text" id="email" name="email"placeholder="Email">
</p>
<br>
<p>
<strong> Password</strong>
<br>
<br>
<input class="acc_input" type="password" name="password" id="password" placeholder="Password">
<br /><br />
<strong> Confirm Password</strong>
<br>
<br>
<input class="acc_input" type="password" name="cpassword" id="cpassword" placeholder="Confirm Password">
<input type="hidden" name="p" id="p" value="">
<br>
</p>
<button type="submit" class="btnsubmit" onclick="formhash(this.form,
this.form.password, this.form.p);" ><strong>Register</strong></button>
</form>
这是forhash的脚本(密码在发送安全性之前需要哈希)
<script src="sha512.js"></script>
<script>
function formhash (form, password)
{
var pass1 = document.getElementById("password").value;
var pass2 = document.getElementById("cpassword").value;
var ok = true;
if (password != cpassword) {
//alert("Passwords Do not match");
document.getElementById("password").style.borderColor = "#E34234";
document.getElementById("cpassword").style.borderColor = "#E34234";
ok = false;
}
else {
var p = document.createElement("input");
form.appendChild(p);
p.name="p";
p.type="hidden";
p.value=hex_sha512(password.value);
password.value="";
form.submit();
}
}
</script>
这是我的sec_reg.php
<?php
// Include database connection and functions here.
include '../Connections/mabini150_Conn.php';
if (isset($_POST['p']))
{
include 'login_Function.php';
// The hashed password from the form
$password = $_POST['p'];
// Create a random salt
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
// Create salted password (Careful with the chilli)
$password = hash('sha512', $password.$random_salt);
$username='nousername';
$email = $_POST['email'];
if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)"))
{
$insert_stmt->bind_param('ssss', $username, $email, $password, $random_salt);
// Execute the prepared query.
$insert_stmt->execute();
答案 0 :(得分:3)
在调用formhash()之后,您需要返回false;在您的onclick属性中。
<button type="submit" class="btnsubmit"
onclick="formhash(this.form, this.form.password, this.form.p); return false;" ><strong>Register</strong></button>
否则按钮无论如何都会提交。