PHP表单验证并提交到数据库

时间:2014-05-03 12:09:40

标签: php mysql validation

我想问一下如何在一个php文件中设置PHP“表单验证”和“提交到数据库”?这是我在第1部分和第2部分中尝试做的。

$latErr = $lngErr = $messageErr = "";
$lat = $lng = $message = "";

$tbl_name="stickers";
$datetime=date("d-m-y H:i:s");

//PART 1 - form validation method
if ($_SERVER["REQUEST_METHOD"] == "POST") {

  if (empty($_POST["inputfield1"])) {
  $latErr = "* Latitude is required. Please enable your browser geolocation settings.";
  } else {
  $lat = test_input($_POST["inputfield1"]);
}

if (empty($_POST["inputfield2"])) {
  $lngErr = "* Longitude is required. Please enable your browser geolocation settings.";
  }else{
  $lng = test_input($_POST["inputfield2"]);
  }

if (empty($_POST["message"])) {
  $messageErr = "* Please enter your message.";
  } else {
  $message = test_input($_POST["message"]);
  }

}


//PART 2 - check if all 3 parameters are filled, if yes then insert into database
if (isset($lat, $lng, $message)){

$sql="INSERT INTO $tbl_name(username, message, datetime, lat, lng )VALUES('$user-   >username','$message', '$datetime', '$lat', '$lng')";
$result=mysql_query($sql);

//check if query successful
if($result){
$post_info = "Your msg is successfully posted!";
}else{
$post_info = "Oops, there is an error posting the msg.";
}


mysql_close();
}

function test_input($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

它不起作用。它只是将空白插入数据库。有什么不对,但我不知道它是什么?有人可以建议。感谢。

1 个答案:

答案 0 :(得分:0)

也许您需要使用empty()而不是isset()?

//PART 1 - form validation method
if ($_SERVER["REQUEST_METHOD"] == "POST") {

  if (empty($_POST["inputfield1"])) {
  $latErr = "* Latitude is required. Please enable your browser geolocation settings.";
  } else {
  $lat = test_input($_POST["inputfield1"]);
}

if (empty($_POST["inputfield2"])) {
  $lngErr = "* Longitude is required. Please enable your browser geolocation settings.";
  }else{
  $lng = test_input($_POST["inputfield2"]);
  }

if (empty($_POST["message"])) {
  $messageErr = "* Please enter your message.";
  } else {
  $message = test_input($_POST["message"]);
  }

}


//PART 2 - check if all 3 parameters are filled, if yes then insert into database
if ( !empty($lat) && !empty($lng) && !empty($message) ){

$sql="INSERT INTO $tbl_name(username, message, datetime, lat, lng )VALUES('$user-   >username','$message', '$datetime', '$lat', '$lng')";
$result=mysql_query($sql);

//check if query successful
if($result){
$post_info = "Your msg is successfully posted!";
}else{
$post_info = "Oops, there is an error posting the msg.";
}


}
else {
$post_info = "Empty content.";
}
mysql_close();
相关问题
最新问题