我使用php bootsratp创建了一个注册页面。填写注册表后,如果我按下提交按钮我成功上传了msg ...但是表格是空白的......没有验证消息显示....如果任何字段为空白 下面是我的代码
表单验证码
function formValidation()
{
var uid = document.registration.userid;
var passid = document.registration.passid;
var uname = document.registration.username;
var uadd = document.registration.address;
var ucountry = document.registration.country;
var uzip = document.registration.zip;
var uemail = document.registration.email;
var umsex = document.registration.msex;
var ufsex = document.registration.fsex; if(userid_validation(uid,5,12))
{
if(passid_validation(passid,7,12))
{
if(allLetter(uname))
{
if(alphanumeric(uadd))
{
if(countryselect(ucountry))
{
if(allnumeric(uzip))
{
if(ValidateEmail(uemail))
{
if(validsex(umsex,ufsex))
{
}
}
}
}
}
}
}
}
return false;
} function userid_validation(uid,mx,my)
{
var uid_len = uid.value.length;
if (uid_len == 0 || uid_len >= my || uid_len < mx)
{
alert("User Id should not be empty / length be between "+mx+" to "+my);
uid.focus();
return false;
}
return true;
}
function passid_validation(passid,mx,my)
{
var passid_len = passid.value.length;
if (passid_len == 0 ||passid_len >= my || passid_len < mx)
{
alert("Password should not be empty / length be between "+mx+" to "+my);
passid.focus();
return false;
}
return true;
}
function allLetter(uname)
{
var letters = /^[A-Za-z]+$/;
if(uname.value.match(letters))
{
return true;
}
else
{
alert('Username must have alphabet characters only');
uname.focus();
return false;
}
}
function alphanumeric(uadd)
{
var letters = /^[0-9a-zA-Z]+$/;
if(uadd.value.match(letters))
{
return true;
}
else
{
alert('User address must have alphanumeric characters only');
uadd.focus();
return false;
}
}
function countryselect(ucountry)
{
if(ucountry.value == "Default")
{
alert('Select your country from the list');
ucountry.focus();
return false;
}
else
{
return true;
}
}
function allnumeric(uzip)
{
var numbers = /^[0-9]+$/;
if(uzip.value.match(numbers))
{
return true;
}
else
{
alert('ZIP code must have numeric characters only');
uzip.focus();
return false;
}
}
function ValidateEmail(uemail)
{
var mailformat = /^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/;
if(uemail.value.match(mailformat))
{
return true;
}
else
{
alert("You have entered an invalid email address!");
uemail.focus();
return false;
}
} function validsex(umsex,ufsex)
{
x=0;
if(umsex.checked)
{
x++;
} if(ufsex.checked)
{
x++;
}
if(x==0)
{
alert('Select Male/Female');
umsex.focus();
return false;
}
else
{
alert('Form Succesfully Submitted');
window.location.reload()
return true;
}
}
这是表单设计代码:
<?PHP
//require_once("./include/membersite_config.php");
require_once "formvalidator.php";
//if(isset($_POST['submitted']))
//{
// if($fgmembersite->RegisterUser())
// {
// $fgmembersite->RedirectToURL("thank-you.html");
// }
//}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="css/style.css">
<script src="form-validation.js"></script>
<style>
body {
color: #000000;
font-family:Arial, Geneva, sans-serif, Helvetica, sans-serif;
line-height: 150%;
font-size:12px;
margin:auto;
background-color:#ffffff;
}
</style>
</head>
<title>Registration page</title></head>
<body>
<div class="container">
<div><h2 style="background-color:#00CCCC" align="center" "height:50px" >Registration page</h2></div>
<form class="form-horizontal" name='registration' onSubmit="return formValidation()" method="POST" action="insert.php">
<fieldset>
<legend>Registration form</legend>
<div class="form-group">
<label class="control-label col-xs-4" for="userid">Fullname:</label>
<div class="col-xs-4">
<input type="text" class="form-control" id="userid" placeholder="Enter name">
</div>
</div>
<div class="form-group">
<label class="control-label col-xs-4" for="uid">Username:</label>
<div class="col-xs-4">
<input type="text" class="form-control" id="uid" placeholder="Enter username">
</div>
</div>
这是我的insert.php代码
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'phonebook');
define('DB_USER','root');
define('DB_PASSWORD','');
// Connect to server and select database.
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());
// Get values from form
$fullname=$_POST['userid'];
$username=$_POST['uid'];
$email=$_POST['uemail'];
$password=$_POST['passid'];
$birthdate=$_POST['mytextarea'];
$country=$_POST['message'];
// Insert data into mysql
$sql="INSERT INTO tbl_registration(fullname,username,email,password, birthdate,country) VALUES('$fullname', '$username', '$email', '$password', '$birthdate', '$country')";
$result=mysql_query($sql);
我会做什么...
答案 0 :(得分:0)
你不应该引用变量你必须在变量中使用查询字符串中的变量(或者只是在任何其他字符串中),如'{$fullname}'
来告诉这些是字符串变量,你必须这样做< / p>
$sql="INSERT INTO tbl_registration(`fullname`,`username`,`email`,`password`, `birthdate`,`country`) VALUES('{$fullname}', '{$username}', '{$email}', '{$password}', '{$birthdate}', '{$country}')";
$result=mysqli_query($con,$sql);
您还必须使用mysqli
而不是mysql
,因为PHP
手册说mysql
已过时且容易受到攻击,您应该将其替换为Mysqli
}。
此外,您的代码容易受到SQL
注入传递变量的方法,以防止代码中的注入
取代
$fullname=$_POST['userid'];
与
$fullname= Mysqli_real_escape_string($_POST['userid']);
但这只是您可以使用准备好的查询的简单方法,并且准备好的查询将变量传递给查询而且它是安全的。