重定向回到前面提交的字段值的页面

时间:2014-04-13 19:54:23

标签: javascript php html

我有这个登录页面......

<!doctype html>
<html>
<head>
<title>Welcome!</title>
</head>
<body>  
<form action="signin_process.php" method="post">
Name: <input type="text" name="name">
<br />
SID: <input type="text" name="sid">
<br />
Nick Name: <input type="text" name="nn">
<br />
Email: <input type="text" name="email">
<br />
Password: <input type="text" name="pw">
<br />
<input type="submit" value="Login">
</form>
</body>
</html>

signin_process.php文件......

<!doctype html>
<html>
<head>
<title>Signin_process</title>
</head>
<body>
<?php
include ("connection.php");

$name = $_POST['name'];
$sid = $_POST['sid'];
$nn = $_POST['nn'];
$em = $_POST['email'];
$pw = $_POST['pw'];

$result = mysqli_query($con, "SELECT * FROM student_table WHERE SID='$sid'") or die('Query failed');
if(mysqli_num_rows($result)){
    echo ("<SCRIPT LANGUAGE='JavaScript'>
    window.alert('Invalied SID')
    window.location.href='welcome.php';
    </SCRIPT>");
    }

$result = mysqli_query($con, "SELECT * FROM student_table WHERE nickname='$nn'") or die('Query failed');
if(mysqli_num_rows($result)){
    echo ("<SCRIPT LANGUAGE='JavaScript'>
    window.alert('Nickname Takken!')
    window.location.href='welcome.php';
    </SCRIPT>");
    }

$result = mysqli_query($con, "SELECT * FROM student_table WHERE email='$em'") or die('Query failed');
if(mysqli_num_rows($result)){
    echo ("<SCRIPT LANGUAGE='JavaScript'>
    window.alert('Email already in use!')
    window.location.href='welcome.php';
    </SCRIPT>");
    }
?>
</body>
</html>

现在,如果SID,昵称或电子邮件无效,我想重定向到登录页面,字段值将在前面给出。因此,不必再次输入所有值。就像我们在许多网站上看到的那样,我们只需要更改未被例外的输入并再次提交。

谢谢!

3 个答案:

答案 0 :(得分:0)

您可以这样使用:

if ($_POST['name'] == '') {
    echo "<script type='text/javascript'>window.history.back();</script>";
}

通过这种方式,字段值将在前面给出。

答案 1 :(得分:0)

一个基本的例子:

您的登录表单:

<?php session_start(); ?>
<!DOCTYPE html>
<html>
    <head>
        <title>Welcome!</title>
    </head>
    <body>
        <ul>
            <?php 
                $errors = isset($_SESSION['errors']) && is_array($_SESSION['errors']) ? $_SESSION['errors'] : [];
                foreach ($errors as $error):
            ?>
            <li><?php print $error; ?></li>
            <?php endforeach; ?>
        </ul>
        <form action="signin_process.php" method="post">
            <label for="name">Name: </label>
            <input type="text" id="name" name="name" value="<?php print !isset($_SESSION['name']) ?: $_SESSION['name']; ?>" />
            <label for="sid">SID: </label>
            <input type="text" id="sid" name="sid" value="<?php print !isset($_SESSION['sid']) ?: $_SESSION['sid']; ?>" />
            <label for="nn">Nick Name: </label>
            <input type="text" id="nn" name="nn" value="<?php print !isset($_SESSION['nn']) ?: $_SESSION['nn']; ?>" />
            <label for="email">Email: </label>
            <input type="text" id="email" name="email" value="<?php print !isset($_SESSION['email']) ?: $_SESSION['email']; ?>" />
            <label for="pw">Password: </label>
            <input type="text" id="pw" name="pw" value="<?php print !isset($_SESSION['pw']) ?: $_SESSION['pw']; ?>" />
            <input type="submit" name="login" value="Login">
        </form>
     </body>
 </html>

您的PHP表单提交:

<?php
    session_start();
    include ("connection.php");

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $name = $_SESSION['name'] = mysqli_real_escape_string($con, $_POST['name']);
        $sid = $_SESSION['sid'] = mysqli_real_escape_string($con, $_POST['sid']);
        $nn = $_SESSION['nn'] = mysqli_real_escape_string($con, $_POST['nn']);
        $em = $_SESSION['email'] = mysqli_real_escape_string($con, $_POST['email']);
        $pw = $_SESSION['pw'] = mysqli_real_escape_string($con, $_POST['pw']);

        $_SESSION['errors'] = [];

        $result = mysqli_query($con, "SELECT * FROM student_table WHERE SID='$sid'") or die('Query failed');
         if (mysqli_num_rows($result) > 0) {
             $_SESSION['errors'][] = 'Invalid SID.';
             header('Location: ' . $_SERVER['HTTP_REFERER']);
             exit();
         }

         $result = mysqli_query($con, "SELECT * FROM student_table WHERE nickname='$nn'") or die('Query failed');
         if (mysqli_num_rows($result) > 0) {
             $_SESSION['errors'][] = 'Nickname already in use.';
             header('Location: ' . $_SERVER['HTTP_REFERER']);
             exit();
         }

         $result = mysqli_query($con, "SELECT * FROM student_table WHERE email='$em'") or die('Query failed');
         if (mysqli_num_rows($result) > 0) {
             $_SESSION['errors'][] = 'E-mail already in use.';
             header('Location: ' . $_SERVER['HTTP_REFERER']);
             exit();
         }
    }

    header('Location: index.php');
    exit();
?>

这应该有效。

P.S。您应该查看预处理语句和输入过滤。应始终把安全放在第一位。

答案 2 :(得分:0)

<?php
session_start();

if(isset($_POST['nam']) && (isset($_POST['sid']) && (isset($_POST['nn'])){

    if(($_POST['name']=== 'user')&& ($_POST['sid']==='sid')&&($_POST['nn']==='sid')){
        echo "correct";

            $_SESSION['us'] = "YES";
            $_SESSION['sid'] = "YES";
            $_SESSION['nn'] = "YES";
            header("location: userpage.php"); //directs to user area
    }else {
        echo "Wronge Password/Name/Nickname";
            $_SESSION['us'] = $_POST['name'];
            $_SESSION['sid'] = $_POST['sid'];
            $_SESSION['nn'] = $_POST['nn'];
            header("location: userpage.php"); //userpage redirects to this page 
    }}

?>
<!doctype html>
<html>
<head>
<title>Welcome!</title>
</head>
<body>  
<form action="" method="post">
Name: <input type="text" name="name" <?php echo isset($_SESSION['us']) ? $_SESSION['us'] : ""; ?> >
<br />
SID: <input type="text" name="sid" <?php echo isset($_SESSION['sid']) ? $_SESSION['sid'] : ""; ?> >
<br />
Nick Name: <input type="text" name="nn" <?php echo isset($_SESSION['sid']) ? $_SESSION['sid'] : ""; ?> >

</form>
</body>
</html>