尝试插入新记录时,表单验证错误未被回显

时间:2015-11-29 20:10:26

标签: php mysqli

如果我根据我建立的正则表达式格式化表单字段,然后回显成功插入数据库的记录,则表单输入记录。如果我犯了任何错误,它只会删除字段并且不会回显错误。我对php很新,我正在为一个课程项目做这个,作为在线课程的一部分。我不确定我的错误在哪里。任何帮助将不胜感激。

<!DOCTYPE HTML>
<html lang = "en">
  <head>
    <link rel="stylesheet" type="text/css" href="stylesheet.css">
    <title>Tech Order Department.html</title>
    <meta charset = "UTF-8" />

<style>

div {
    text-align: justify;
    }

.section {
     margin-left: auto;
     margin-right: auto;
     width: 70%;
    }
</style>

</head>

<body>

<h2>Tech Orders</h2>

<br>

    <title>Page Title</title>

    <h2>New Project</h2>

<p class="first"><span class="error">* required field.</span></p>
    <form action="http://www.oldgamer60.com/Project/try.php" method="post">

<div class="fieldset">
        <fieldset>

        Project: <input type="text" name="Project" value="<?php if(isset($Project)){ echo $Project; } ?>">
        <span class="error">* <?php if(isset($ProjectErr)){ echo $ProjectErr; } ?></span>
        <br><br>
        Client: <input type="text" name="Client" value="<?php if(isset($Client)){ echo $Client; } ?>">
        <span class="error">* <?php if(isset($ClientErr)){ echo $ClientErr; } ?></span>
        <br><br>
        LastName: <input type="text" name="LastName" value="<?php if(isset($LastName)){ echo $LastName; } ?>">
        <span class="error">* <?php if(isset($LastNameErr)){ echo $LastNameErr; } ?></span>
        <br><br>
        DateReceived: <input type="text" name="DateReceived" value="<?php if(isset($DateReceived)){ echo $DateReceived; } ?>">
        <span class="error">* <?php if(isset($DateReceivedErr)){ echo $DateReceivedErr; } ?></span>
        <br><br>
        <input type="submit" name="submit" value="Submit"> 
     </fieldset>
    </div>
    </form>
<br>        

<?php
function test_input($data){
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}

$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";

// create connection
$connection = new mysqli($servername, $username, $password, $dbname);

if(isset($_POST['submit']) && !$connection->connect_error){
    // to track errors
    $error = false;

    // now validate input fields
    if (empty($_POST['Project']) || !isset($_POST['Project'])){
        $ProjectErr = "Project name is required";
        $error = true;
    }elseif(!preg_match("/^[A-Za-z0-9.-]+$/",$_POST['Project'])){
        // check if project only contains number, letters, comma's periods and whitespace
        $ProjectErr = "Only letters, numbers, comma's, periods and white space allowed";
        $error = true;
    }else{
        $Project = test_input($_POST['Project']);
    }

    if (empty($_POST['Client']) || !isset($_POST['Client'])){
        $ClientErr = "Client name is required";
        $error = true;
    }elseif(!preg_match("/^[A-Za-z0-9.-]+$/",$_POST['Client'])){
        // check if project only contains number, letters, comma's periods and whitespace
        $ClientErr = "Only letters, numbers, comma's, periods and white space allowed";
        $error = true;
    }else{
        $Client = test_input($_POST['Client']);
    }

    if (empty($_POST['LastName']) || !isset($_POST['LastName'])){
        $LastNameErr = "Last name is required";
        $error = true;
    }elseif(!preg_match("/^[A-Za-z0-9-]+$/",$_POST['LastName'])){
        // check if last name only contains letters and whitespace
        $LastNameErr = "Only letters and white space allowed";
        $error = true;
    }else{
        $LastName = test_input($_POST['LastName']);
    }

    if (empty($_POST['DateReceived']) || !isset($_POST['DateReceived'])){
        $DateReceivedErr = "Data received field is required";
        $error = true;
    }elseif(!preg_match("/^\d{4}-\d{2}-\d{2}$/",$_POST['DateReceived'])){
        // check if data received only contains letters and whitespace
        $DateReceivedErr = "Date must be entered as YYYY/MM/DD";
        $error = true;
    }else{
        $DateReceived = test_input($_POST['DateReceived']);
    }

    if(!$error){
        $query = "INSERT INTO Projects (Project, Client, LastName, DateReceived) VALUES ('$Project', '$Client', '$LastName', '$DateReceived')";
        if($connection->query($query)){
            echo "record is successfully inserted!";
        }else{
            echo "error: record could not be inserted";
        }
    }
}
?>
<?php
    $connection->close();
?>
</div>
</div>
</body>
</html>

1 个答案:

答案 0 :(得分:0)

检查一下。在您的表单中,您使用尚未定义的变量(Tey在代码中定义,但您在定义它们之前尝试回显它们):

Project: <input type="text" name="Project" value="<?php if(isset($Project)){ echo $Project; } ?>">
    <span class="error">* <?php if(isset($ProjectErr)){ echo $ProjectErr; } ?></span>
    <br><br>

isset($ProjectErr)永远不会设置,因为您在代码中将其设置得更低 您的表单中不存在$ProjectErr

解决方案,将表格放在检查输入字段的php代码下。

编辑: 尝试这样的事情:

<!DOCTYPE HTML>
<html lang = "en">
  <head>
    <link rel="stylesheet" type="text/css" href="stylesheet.css">
    <title>Tech Order Department.html</title>
    <meta charset = "UTF-8" />

<style>

div {
    text-align: justify;
    }

.section {
     margin-left: auto;
     margin-right: auto;
     width: 70%;
    }
</style>

</head>

<body>

<h2>Tech Orders</h2>

<br>

    <title>Page Title</title>

    <h2>New Project</h2>

<p class="first"><span class="error">* required field.</span></p>



<?php
function test_input($data){
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}

$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";

// create connection
$connection = new mysqli($servername, $username, $password, $dbname);

if(isset($_POST['submit']) && !$connection->connect_error){
    // to track errors
    $error = false;

    // now validate input fields
    if (empty($_POST['Project']) || !isset($_POST['Project'])){
        $ProjectErr = "Project name is required";
        $error = true;
    }elseif(!preg_match("/^[A-Za-z0-9.-]+$/",$_POST['Project'])){
        // check if project only contains number, letters, comma's periods and whitespace
        $ProjectErr = "Only letters, numbers, comma's, periods and white space allowed";
        $error = true;
    }else{
        $Project = test_input($_POST['Project']);
    }

    if (empty($_POST['Client']) || !isset($_POST['Client'])){
        $ClientErr = "Client name is required";
        $error = true;
    }elseif(!preg_match("/^[A-Za-z0-9.-]+$/",$_POST['Client'])){
        // check if project only contains number, letters, comma's periods and whitespace
        $ClientErr = "Only letters, numbers, comma's, periods and white space allowed";
        $error = true;
    }else{
        $Client = test_input($_POST['Client']);
    }

    if (empty($_POST['LastName']) || !isset($_POST['LastName'])){
        $LastNameErr = "Last name is required";
        $error = true;
    }elseif(!preg_match("/^[A-Za-z0-9-]+$/",$_POST['LastName'])){
        // check if last name only contains letters and whitespace
        $LastNameErr = "Only letters and white space allowed";
        $error = true;
    }else{
        $LastName = test_input($_POST['LastName']);
    }

    if (empty($_POST['DateReceived']) || !isset($_POST['DateReceived'])){
        $DateReceivedErr = "Data received field is required";
        $error = true;
    }elseif(!preg_match("/^\d{4}-\d{2}-\d{2}$/",$_POST['DateReceived'])){
        // check if data received only contains letters and whitespace
        $DateReceivedErr = "Date must be entered as YYYY/MM/DD";
        $error = true;
    }else{
        $DateReceived = test_input($_POST['DateReceived']);
    }

    if(!$error){
        $query = "INSERT INTO Projects (Project, Client, LastName, DateReceived) VALUES ('$Project', '$Client', '$LastName', '$DateReceived')";
        if($connection->query($query)){
            echo "record is successfully inserted!";
        }else{
            echo "error: record could not be inserted";
        }
    }
}
?>
<?php
    $connection->close();
?>
<form action="http://www.oldgamer60.com/Project/try.php" method="post">

    <div class="fieldset">
            <fieldset>

            Project: <input type="text" name="Project" value="<?php if(isset($Project)){ echo $Project; } ?>">
            <span class="error">* <?php if(isset($ProjectErr)){ echo $ProjectErr; } ?></span>
            <br><br>
            Client: <input type="text" name="Client" value="<?php if(isset($Client)){ echo $Client; } ?>">
            <span class="error">* <?php if(isset($ClientErr)){ echo $ClientErr; } ?></span>
            <br><br>
            LastName: <input type="text" name="LastName" value="<?php if(isset($LastName)){ echo $LastName; } ?>">
            <span class="error">* <?php if(isset($LastNameErr)){ echo $LastNameErr; } ?></span>
            <br><br>
            DateReceived: <input type="text" name="DateReceived" value="<?php if(isset($DateReceived)){ echo $DateReceived; } ?>">
            <span class="error">* <?php if(isset($DateReceivedErr)){ echo $DateReceivedErr; } ?></span>
            <br><br>
            <input type="submit" name="submit" value="Submit"> 
         </fieldset>
        </div>
        </form>
    <br>
</div>
</div>
</body>
</html>