我不明白我做错了什么以及为什么它没有显示错误代码但是它会在特定单词之后显示我的其余代码。
代码:
<?php
$errors = array();
$required = array(
'InvoiceFrom' =>'This is required',
'InvoiceTo' =>'This is required',
'InvoiceAddress'=>'This is required',
'ContactName' =>'This is required',
'ContactNumber' =>'This is required',
'Email' =>'This is required',
'PoNo' =>'This is required',
'Details' =>'This is required',
'InvoiceAmount' =>'This is required',
'Submitted' =>'This is required',
'SubmittedBy' =>'This is required',
);
if ('POST' === $_SERVER['REQUEST_METHOD'])
{
foreach ($required as $field => $error)
{
$isEmpty = 0 == strlen(trim($_POST[$field]));
if ($isEmpty) {
$errors[] = $error;
}
}
if ( ! filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) {
$errors[] = 'Email must be a valid email address';
}
if ( ! preg_match('~^[0-9.]+$~i', $_POST['InvoiceAmount'])) {
$errors[] = 'Invoice amount value is invalid';
}
if ( ! empty($errors))
{
$con = mysqli_connect("localhost","FORM","form","form");
$sql = sprintf(
"INSERT INTO
table
(InvoiceFrom, InvoiceTo, InvoiceAddress, ContactName, ContactNumber, Email, PoNo, Details, InvoiceAmount, Submitted, SubmittedBy )
VALUES
('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s','%s');",
mysql_real_escape_string($_POST['InvoiceFrom']),
mysql_real_escape_string($_POST['InvoiceTo']),
mysql_real_escape_string($_POST['InvoiceAddress']),
mysql_real_escape_string($_POST['ContactName']),
mysql_real_escape_string($_POST['ContactNumber']),
mysql_real_escape_string($_POST['Email']),
mysql_real_escape_string($_POST['PoNo']),
mysql_real_escape_string($_POST['Details']),
mysql_real_escape_string($_POST['InvoiceAmount']),
mysql_real_escape_string($_POST['Submitted']),
mysql_real_escape_string($_POST['SubmittedBy'])
);
$res = mysql_query($sql, $con);
if ($res) {
header('Location: http://example.org/success', true, 301);
exit;
}
$errors[] = mysql_error($con);
}
}
?>
<html>
<head></head>
<body>
<?php if (count($errors)): ?>
<ul>
<?php foreach ($errors as $error): ?>
<li><?php echo $error; ?></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<form method="post">
</form>
</body>
结果是什么:
'This is required','InvoiceTo' =>'This is required','InvoiceAddress'=>'This is required','ContactName' =>'This is required','ContactNumber' =>'This is required','Email' =>'This is required','PoNo' =>'This is required','Details' =>'This is required','InvoiceAmount' =>'This is required','Submitted' =>'This is required','SubmittedBy' =>'This is required',); if ('POST' === $_SERVER['REQUEST_METHOD']) { foreach ($required as $field => $error) { $isEmpty = 0 == strlen(trim($_POST[$field])); if ($isEmpty) { $errors[] = $error; } } if ( ! filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL)) { $errors[] = 'Email must be a valid email address'; } if ( ! preg_match('~^[0-9.]+$~i', $_POST['InvoiceAmount'])) { $errors[] = 'Invoice amount value is invalid'; } if ( ! empty($errors)) { $con = mysqli_connect("localhost","FORM","form","form"); $sql = sprintf( "INSERT INTO table (InvoiceFrom, InvoiceTo, InvoiceAddress, ContactName, ContactNumber, Email, PoNo, Details, InvoiceAmount, Submitted, SubmittedBy ) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s','%s');", mysql_real_escape_string($_POST['InvoiceFrom']), mysql_real_escape_string($_POST['InvoiceTo']), mysql_real_escape_string($_POST['InvoiceAddress']), mysql_real_escape_string($_POST['ContactName']), mysql_real_escape_string($_POST['ContactNumber']), mysql_real_escape_string($_POST['Email']), mysql_real_escape_string($_POST['PoNo']), mysql_real_escape_string($_POST['Details']), mysql_real_escape_string($_POST['InvoiceAmount']), mysql_real_escape_string($_POST['Submitted']), mysql_real_escape_string($_POST['SubmittedBy']) ); $res = mysql_query($sql, $con); if ($res) { header('Location: http://example.org/success', true, 301); exit; } $errors[] = mysql_error($con); } } include "ERROR.html" ?>
你能解释一下我做错了什么以及我怎样做得更好?