为什么我的isset和/或空函数不起作用?每次我单击html表单上的提交按钮时,即使表单为空,它也会插入到数据库中。有人可以让我彻底解释我做错了什么以及如何解决它?
<?php
$host = "localhost";
$user = "root";
$db_password = "";
$database = "listings_db";
$link = mysqli_connect($host, $user, $db_password, $database) or die("Error " . mysqli_error($link));
if (isset
($_POST['user_firstname'],
$_POST['user_lastname'],
$_POST['user_email'],
$_POST['user_password'],
$_POST['user_type']))
{
$firstname = $_POST['user_firstname'];
$lastname = $_POST['user_lastname'];
$email = $_POST['user_email'];
$password = $_POST['user_password'];
$type = $_POST['user_type'];
$errors = array();
if(empty($firstname)
|| empty($lastname)
|| empty($email)
|| empty($email)
|| empty($password)
|| empty($type))
{$errors [] = '*All fields are required!';}
else {
if(filter_var($email, FILTER_VALIDATE_EMAIL) === false) {$errors[] = '*Please enter a valid email address!' ;}
if(strlen($firstname) > 25) {$errors[] = '*The email address you entered contains too many characters!';}
if(strlen($lastname) > 25) {$errors[] = '*The first name you entered contains too many characters!';}
if(strlen($email) > 40) {$errors[] = '*The last name you entered contains too many characters!';}
if(strlen($password) > 40) {$errors[] = '*The password you entered contains too many characters!';}
if(strlen($type) != true){$errors[] = '*Please select an account type!';}
}
$firstname = $_POST['user_firstname'];
$lastname = $_POST['user_lastname'];
$email = $_POST['user_email'];
$password = md5($_POST['user_password']);
$type = $_POST['user_type'];
$firstname = mysqli_real_escape_string($link, $firstname);
$lastname = mysqli_real_escape_string($link, $lastname);
$email = mysqli_real_escape_string($link, $email);
$password = mysqli_real_escape_string($link, $password);
$type = mysqli_real_escape_string($link, $type);
$query = mysqli_query($link, "INSERT INTO users (user_id, user_firstname, user_lastname, user_email, user_password) VALUES ('', '$firstname', '$lastname', '$email', '$password')");
}
?>
编辑:以下是表格:
<form action="" method="post">
<p>First Name: <br><input type="text" name="user_firstname" size="25" maxlength="25"/></p>
<p>Last Name: <br><input type="text" name="user_lastname" size="25" maxlength="25"/></p>
<p>Email Address: <br><input type="email" id="email" name="user_email" size="25" maxlength="40"/><p>
<p>Create a Password: <br><input type="password" name="user_password" size="25" maxlength="40"/></p>
<p>Account Type: <br> <select name="user_type">
<option value="seller" selected>Seller</option>
<option value="Buyer">Buyer </option>
</select>
答案 0 :(得分:1)
这是因为您的表单字段将始终提交。无论他们是否充满了任何内容。
因此,您无需检查它们是否已设置,因为它们将始终设置。如果它们不是空的,你需要检查。为此,您可以使用空的PHP构造:
if (!empty($_POST['user_firstname'])
&& !empty($_POST['user_lastname'])
&& !empty($_POST['user_email'])
&& !empty($_POST['user_password'])
&& !empty($_POST['user_type']))
{
// TODO
}