下面你看到我的表单验证脚本,我已经工作了一段时间。该脚本假设检查“Name:”是否首先不为空,然后如果它只包含字母然后插入数据。同样,对于“价格:”,它应该检查它是否为空,然后它只是数字。到目前为止,我未能使所有功能正常工作,现在这就是问题所在:
一般情况下,它不会将数据插入表格
无论价格是多少都要求(即使价格已经给定)
当名称字段中有给定的数字时,没有错误
这是脚本:
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$con=mysqli_connect("localhost","xxxxx","xxxxx","my_project");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// define variables and set to empty values
$nameErr = $priceErr = $catErr = $condErr = $regionErr = "";
$product_name = $product_price = $product_cat = $product_cond = $product_region = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["product_name"]))
{
$nameErr = "Name is required";
}
else if (!preg_match("/^[a-zA-Z ]*$/",$product_name))
{
$nameErr = "Only letters and white space allowed";
}
if (empty ($_POST ["product_price"]))
{
$priceErr = "Price is required";
}
else if(!ctype_digit($product_price))
{
$priceErr = "Price is required";
}
else
{
$product_name = test_input($_POST["product_name"]);
$product_price = test_input($_POST["product_price"]);
$sql= "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con,$sql))
{
echo 'Error: ' . mysqli_error($con);
}
else
{
echo "1 record added";
}
mysqli_close($con);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="product_name" value="<?php echo $product_name;?>">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
price: <input type="text" name="product_price" value="<?php echo $product_price;?>">
<span class="error">* <?php echo $priceErr;?></span>
<br><br>
Condition:
<select name="product_cond" required >
<option value="" >SELECT</option>
<option value="Used" >Used </option>
<option value="new" >New</option>
</select>
Category:
<select name="product_cat" required >
<option value="" >SELECT</option>
<option value="books" >books</option>
<option value="Computers" >Computers</option>
<option value="Hardware/Tools" >Hardware/Tools </option>
<option value="Cars" >Cars</option>
<option value="home Appliances" >home Appliances</option>
</select>
Region:
<select name="product_region" required >
<option value="" >SELECT</option>
<option value="Oulu" >Oulu</option>
<option value="Turku" >Turku</option>
<option value="Helsinki" >Helsinki </option>
<option value="Tornio" >Vaasa</option>
<option value="Tampere" >Tampere</option>
<option value="Kemi" >Kemi</option>
<input type="submit">
</form>
</body>
以下是我使用和修改过的示例:
http://www.w3schools.com/php/showphp.asp?filename=demo_form_validation_special
答案 0 :(得分:0)
我建议使用一系列错误而不是变量。
然后您应该访问由$_POST['variable']
试试这段代码:
$errors = array();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["product_name"])) {
$errors['name'] = "Name is required";
} else if (!preg_match("/^[a-zA-Z ]*$/", $_POST['product_name'])) {
$errors['name'] = "Only letters and white space allowed";
}
if (empty($_POST ["product_price"])) {
$errors['price'] = "Price is required";
} else if (!ctype_digit($_POST['product_price'])) {
$errors['price'] = "Price is required";
}
if(count($errors) == 0){
$product_name = test_input($_POST["product_name"]);
$product_price = test_input($_POST["product_price"]);
$sql = "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con, $sql)) {
echo 'Error: ' . mysqli_error($con);
} else {
echo "1 record added";
}
}
}