我正在尝试通过让用户填写已经过验证的表单来更新页面上的表。出于某种原因,当我添加验证if语句时,除了用户单击“添加新”时刷新,表单不执行任何操作。如果我删除if语句,表将更新。我错过了什么?
<?php
session_start();
require_once "db.php";
if ( isset ($_POST['url']) && isset ($_POST['email'])
&& isset ($_POST['length']) && isset ($_POST['rating']) ) {
//Reject empty form fields
if (strlen($_POST['url']) < 1 || strlen($_POST['email']) <1 || strlen ($_POST['length']) <1 || strlen($_POST['rating']) < 1) {
$_SESSION['error'] = 'All values are required';
header('Location: add.php');
return;
}
//Reject urls that are not http or https
$url = $_POST['url'];
if (strpos($url,"http://") !== 0 && strpos($url, "https://") !== 0 ) {
$_SESSION['error'] = 'Error in input data';
header('Location: add.php');
return;
}
//Reject emails without '@' symbol
if ( strpos($_POST['email'], "@") === false ) {
$_SESSION['error'] = 'Error in input data';
header('Location: add.php');
return;
}
//Reject track lengths or rating numbers that are too small
if ( $_POST['length'] +0 < 1 || $_POST['rating'] +0 < 1 ) {
$_SESSION['error'] = 'Error in input data';
header('Location: add.php');
return;
}
$sql = "INSERT INTO videos (url, email, length, rating)
VALUES (:url, :email, :length, :rating)";
$stmt = $pdo->prepare($sql);
$stmt->execute(array(
':url' => $_POST ['url'],
':email' => $_POST ['email'],
':length' => $_POST['length'],
':rating' => $_POST['rating']));
$_SESSION['success'] = 'Record Added';
header( 'Location: index.php' ) ;
return;
}
?>
<p>Add A New Video</p>
<form method="post">
<p>URL:
<input type="text" name="url"></p>
<p>Email:
<input type="text" name="email"></p>
<p>Length:
<input type="text" name="length"></p>
<p>Rating:
<input type="text" name="rating"></p>
<p><input type="submit" value="Add New"/>
<a href="index.php">Cancel</a></p>
</form>
答案 0 :(得分:0)
我想说使用strpos进行验证很容易出错。尝试使用这样的正则表达式:
if (! preg_match('/[^@\s]{3,}@([-a-z0-9]{2,}\.)+[a-z]{2,}/', $_POST['e_mail'])) { $_SESSION['error'] = 'Error in input data'; }
答案 1 :(得分:0)
查看以下代码是否适合您?我稍微修改了 length 和 rating 字段的条件,以及电子邮件字段。祝你好运!
<?php
session_start();
require_once "db.php";
if ( isset ($_POST['url']) && isset ($_POST['email'])
&& isset ($_POST['length']) && isset ($_POST['rating']) ) {
//Reject empty form fields
if (strlen($_POST['url']) < 1 || strlen($_POST['email']) < 1 || strlen ($_POST['length']) < 1 || strlen($_POST['rating']) < 1) {
$_SESSION['error'] = 'All values are required';
die(header('Location: add.php'));
}
//Reject urls that are not http or https
$url = $_POST['url'];
if (strpos($url,"http://") !== 0 && strpos($url, "https://") !== 0 ) {
$_SESSION['error'] = 'Error in input data';
die(header('Location: add.php'));
}
//Reject emails without '@' symbol
if (FILTER_VAR($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$_SESSION['error'] = 'Error in input data';
die(header('Location: add.php'));
}
//Reject track lengths or rating numbers that are too small
if ($_POST['length'] < 1 || $_POST['rating'] < 1 || $_POST['length'] > 1000 || $_POST['rating'] > 1000) {
$_SESSION['error'] = 'Error in input data';
die(header('Location: add.php'));
}
$sql = "INSERT INTO videos (url, email, length, rating)
VALUES (:url, :email, :length, :rating)";
$stmt = $pdo->prepare($sql);
$stmt->execute(array(
':url' => $_POST ['url'],
':email' => $_POST ['email'],
':length' => $_POST['length'],
':rating' => $_POST['rating']));
$_SESSION['success'] = 'Record Added';
header( 'Location: index.php' ) ;
}
?>
<p>Add A New Video</p>
<form method="post">
<p>URL:
<input type="text" name="url"></p>
<p>Email:
<input type="text" name="email"></p>
<p>Length:
<input type="text" name="length"></p>
<p>Rating:
<input type="text" name="rating"></p>
<p><input type="submit" value="Add New"/>
<a href="index.php">Cancel</a></p>
</form>