PHP& MYSQL我没有收到错误代码,但我收到了其余的代码

时间:2014-06-05 12:12:58

标签: php mysql

我不明白我做错了什么以及为什么它没有显示错误代码但是它会在特定单词之后显示我的其余代码。

代码:

    <?php
    $errors = array();

$required = array(
'InvoiceFrom'   =>'This is required',
'InvoiceTo'     =>'This is required',
'InvoiceAddress'=>'This is required',
'ContactName'   =>'This is required',
'ContactNumber' =>'This is required',
'Email'         =>'This is required',
'PoNo'          =>'This is required',
'Details'       =>'This is required',
'InvoiceAmount' =>'This is required',
'Submitted'     =>'This is required',
'SubmittedBy'   =>'This is required',
);

if ('POST' === $_SERVER['REQUEST_METHOD'])
{
  foreach ($required as $field => $error)
    {
    $isEmpty = 0 == strlen(trim($_POST[$field]));

    if ($isEmpty) {
        $errors[] = $error;
    }
}

if ( ! filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) {
    $errors[] = 'Email must be a valid email address';
}

if ( ! preg_match('~^[0-9.]+$~i', $_POST['InvoiceAmount'])) {
    $errors[] = 'Invoice amount value is invalid';
}

if ( ! empty($errors))
{
   $con = mysqli_connect("localhost","FORM","form","form");

    $sql = sprintf(
        "INSERT INTO
            table
        (InvoiceFrom, InvoiceTo, InvoiceAddress, ContactName, ContactNumber, Email, PoNo, Details, InvoiceAmount, Submitted, SubmittedBy )
            VALUES
        ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s','%s');",
        mysql_real_escape_string($_POST['InvoiceFrom']),
        mysql_real_escape_string($_POST['InvoiceTo']),
        mysql_real_escape_string($_POST['InvoiceAddress']),
        mysql_real_escape_string($_POST['ContactName']),
        mysql_real_escape_string($_POST['ContactNumber']),
        mysql_real_escape_string($_POST['Email']),
        mysql_real_escape_string($_POST['PoNo']),
        mysql_real_escape_string($_POST['Details']),
        mysql_real_escape_string($_POST['InvoiceAmount']),
        mysql_real_escape_string($_POST['Submitted']),
        mysql_real_escape_string($_POST['SubmittedBy'])
    );

    $res = mysql_query($sql, $con);

    if ($res) {
        header('Location: http://example.org/success', true, 301);
        exit;
    }

    $errors[] = mysql_error($con);
}
 }
?>
<html>
<head></head>
<body>
    <?php if (count($errors)): ?>
        <ul>
            <?php foreach ($errors as $error): ?>
                <li><?php echo $error; ?></li>
            <?php endforeach; ?>
        </ul>
    <?php endif; ?>
    <form method="post">
    </form>
</body>

结果是什么:

'This is required','InvoiceTo' =>'This is required','InvoiceAddress'=>'This is required','ContactName' =>'This is required','ContactNumber' =>'This is required','Email' =>'This is required','PoNo' =>'This is required','Details' =>'This is required','InvoiceAmount' =>'This is required','Submitted' =>'This is required','SubmittedBy' =>'This is required',); if ('POST' === $_SERVER['REQUEST_METHOD']) { foreach ($required as $field => $error) { $isEmpty = 0 == strlen(trim($_POST[$field])); if ($isEmpty) { $errors[] = $error; } } if ( ! filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) { $errors[] = 'Email must be a valid email address'; } if ( ! preg_match('~^[0-9.]+$~i', $_POST['InvoiceAmount'])) { $errors[] = 'Invoice amount value is invalid'; } if ( ! empty($errors)) { $con = mysqli_connect("localhost","FORM","form","form"); $sql = sprintf( "INSERT INTO table (InvoiceFrom, InvoiceTo, InvoiceAddress, ContactName, ContactNumber, Email, PoNo, Details, InvoiceAmount, Submitted, SubmittedBy ) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s','%s');", mysql_real_escape_string($_POST['InvoiceFrom']), mysql_real_escape_string($_POST['InvoiceTo']), mysql_real_escape_string($_POST['InvoiceAddress']), mysql_real_escape_string($_POST['ContactName']), mysql_real_escape_string($_POST['ContactNumber']), mysql_real_escape_string($_POST['Email']), mysql_real_escape_string($_POST['PoNo']), mysql_real_escape_string($_POST['Details']), mysql_real_escape_string($_POST['InvoiceAmount']), mysql_real_escape_string($_POST['Submitted']), mysql_real_escape_string($_POST['SubmittedBy']) ); $res = mysql_query($sql, $con); if ($res) { header('Location: http://example.org/success', true, 301); exit; } $errors[] = mysql_error($con); } } include "ERROR.html" ?>

你能解释一下我做错了什么以及我怎样做得更好?

0 个答案:

没有答案