我是php的新手。 我正在尝试制作注册页面。 下面的编码在单独运行时工作正常,但是当它与母版页/菜单栏一起运行时,它甚至不会在点击提交时检查验证。它只是重定向到主页,而未在标题功能中指定。 我只是决定保持简单并逐步进一步。所以对于你们中的某些人来说,这可能是一种廉价的代码。 无论如何,请告诉我我错在哪里以及如何使其与menubar.php一起运行。 这是我到目前为止的注册表格代码(register.php)。
谢谢。
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<div align="center" style="height:700px; width:70%; borderstyle:solid; border-width:5px; margin:auto; background-color: #FFFFFF;">
<?php
// Initialize variables and set to empty strings
$firstName=$pass=$confpass=$gender=$city=$num=$Email="";
$firstNameErr=$passErr=$confpassErr=$cityErr=$numErr=$EmailErr=$genderErr="";
// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST")
{
$valid = true; //Your indicator for your condition, actually it depends on what you need. I am just used to this method.
if (empty($_POST["firstName"])) {
$firstNameErr = "First name is required";
$valid = false; //false
}
else
{
$firstName = test_input($_POST["firstName"]);
if (!preg_match("/^[a-zA-Z ]*$/",$firstName))
{
$firstName = "";
$firstNameErr = "Only letters are allowed";
}
}
if (empty($_POST["gender"]))
{
$genderErr = "Gender Required";
$valid = false;
}
if (empty($_POST["Email"]))
{
$EmailErr = "Email is required";
$valid = false;
}
else
{
$Email = test_input($_POST["Email"]);
}
if (empty($_POST["pass"]))
{
$passErr = "Please enter your password";
$valid = false;
}
else
{
if ($_POST["confpass"] != $_POST["pass"])
{
$passErr = "Your passwords didnt match";
$valid = false;
$pass="";
$confpass="";
}
}
if (empty($_POST["city"]))
{
$cityErr = "Please enter your city";
$valid = false;
}
else
{
$city = test_input($_POST["city"]);
}
if (empty($_POST["num"]))
{
$numErr = "Please enter your correct number";
$valid = false;
}
else
{
$num = test_input($_POST["num"]);
}
//if valid then redirect
if($valid)
{
header('Location: https://www.google.co.in');
exit();
}
}
// Sanitize data
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Registration Form</h2>
<p><span class="error">* required</span></p>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="post">
Full Name: <input type="text" name="firstName" value="<?php echo $firstName; ?>" ><span class="error">* <?php echo $firstNameErr; ?></span><br><br>
Gender: <input type="radio" name="gender" value="Male">Male<br>
<input type="radio" name="gender" value="female">Female<span class="error">* <?php echo $genderErr; ?></span><br>
E-mail: <input type="email" name="Email" value="<?php echo $Email; ?>"><span class="error">* <?php echo $EmailErr; ?><br><br></span>
Password: <input type="password" name="pass" value="<?php echo $pass; ?>"><span class="error">* <?php echo $passErr; ?><br><br></span>
Confirm Password: <input type="password" name="confpass" value="<?php echo $confpass; ?>"><span class="error">* <?php echo $confpassErr; ?><br><br></span>
City <input type="text" name="city" value="<?php echo $city; ?>"><span class="error">* <?php echo $cityErr; ?><br><br></span>
Contact no: <input type="number" name="num"><span class="error">* <?php echo $numErr; ?><br><br></span>
State:
<select name="state"/>
<option value="ap">Andhra Pradesh</option>
<option value="aap">Arunachal Pradesh</option>
<option value="as">Assam</option>
<option value="bi">Bihar</option>
<option value="ch">Chattisgarh</option>
<option value="goa">Goa</option>
<option value="Gujarat">Gujarat</option>
<option value="Haryana">Haryana</option>
<option value="Hp">Himachal Pradesh</option>
<option value="Jk">Jammu and Kashmir</option>
<option value="jh">Jharkhand</option>
<option value="ka">Karnatka</option>
<option value="Kerala">Kerala</option>
<option value="MP">Madhya Pradesh</option>
<option value="mh">Maharashtra</option>
<option value="manipur">Manipur</option>
<option value="Meg">Meghalya</option>
<option value="miz">Mizoram</option>
<option value="ng">Nagaland</option>
<option value="or">Orissa</option>
<option value="punjab">Punjab</option>
<option value="rj">Rajasthan</option>
<option value="si">Sikkim</option>
<option value="tn">Tamil Nadu</option>
<option value="tr">Tripura</option>
<option value="ut">Uttaranchal</option>
<option value="up">Uttar Pradesh</option>
<option value="wb">West Bengal</option>
<option value="and">Andaman And Nicobar Islands</option>
<option value="ch">Chandigarh</option>
<option value="delhi">Delhi</option>
</select>
<input type="submit">
<input type="reset" name="Reset">
</form>
</div>
</body>
</html>
这是我的menubar.php代码
<!DOCTYPE html>
<html>
<head>
<style>
<?php
include("mycss/mystyle.css");
?>
</style>
</head>
<body style="font-family: verdana, sans-serif;" bgcolor="#DDDDDD";>
<br>
<ul>
<li><a href="menubar.php?page=home">Home</a></li>
<li><a href="menubar.php?page=about">About Us</a></li>
<li><a href="menubar.php?page=Product">Our Product</a></li>
<li><a href="menubar.php?page=contact">Contact Us</a></li>
<ul style="float:right; list-style-type:none; border:none; border-left:1px solid #C0C0C0;">
<li><a href="menubar.php?page=index1">Login</a></li>
<li><a href="menubar.php?page=register">Register</a></li>
</ul>
</ul>
<hr />
<div style="width: 100%; height: auto;border: 1px solid #BDBDBD;">
<?php
if(isset($_GET['page']))
{
$page_name=$_GET['page'];
include("pages/".$page_name.".php");
}
else
include("pages/home.php");
?>
</div>
</body>
</html>
答案 0 :(得分:0)
在register.php中:
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="post">
替换为:
<form action="menubar.php?page=register" method="post">
答案 1 :(得分:0)
在menubar.php中,您没有正确清理页面参数..它容易受到文件包含/目录遍历的影响.. 例如..?page = .. / .. / .. / .. / .. / .. / etc / passwd%00
你可以做这样的事情来保护它免受那些诽谤的伤害:
<?php
if(isset($_GET['page']))
{
$page_name = htmlentities($_GET['page']);
include("pages/".$page_name.".php");
}
else
include("pages/home.php");
?>
或者如果你没有太多&#34;页面&#34; ..
<?php
$files = array('foo', 'bar');
$page_name = htmlentities($_GET['page']);
$safe = in_array($page_name, $files) ? $page_name : 'home';
include('pages/'.$safe.'.php');
?>
至于问题本身啊,你不必采取行动&#34;如果动作将是同一页面,则在register.php中输入属性...但您可以将其设置为&#34;#&#34;