我的submit_form_company.php中有一个表单(add_company_form.php),它从POST获取值并通过pdo连接将它们发送到mysql。但是我无法通过validation.php来验证输入。我希望用户保持在同一页面上,这就是我在表单中没有动作的原因。代码本身并不完整,可以做很多改进,但我现在仍然坚持验证。我是否在正确的轨道上添加了validation.php,就像我的db.php一样?
Submit_form_company.php
<?php
if ($_SERVER['REQUEST_METHOD'] == "POST") {
try {
include('db.php');
include('validation.php');
if(empty($_SESSION["error_message"]) && $_POST['submit_company']) {
$STH = $conn->prepare("
INSERT INTO companies (Name,Notes,OrganizationNumber)
VALUES (:Name,:Notes,:OrganizationNumber)");
$STH->bindParam(':Name', $_POST['Name'], PDO::PARAM_STR);
$STH->bindParam(':Notes', $_POST['Notes'], PDO::PARAM_STR);
$STH->bindParam(':OrganizationNumber', $_POST['OrganizationNumber'], PDO::PARAM_INT);
$STH->execute();
} elseif ($_SESSION["error_message"] && $_POST['submit_edit']) {
foreach ($_POST['company'] as $i => $value) {
$STH = $conn->prepare("
UPDATE companies
SET Name = :Name,Notes = :Notes,OrganizationNumber = :OrganizationNumber
WHERE Id = :Id");
$STH->bindParam(':Id', $value['Id'], PDO::PARAM_INT);
$STH->bindParam(':Name', $value['Name'], PDO::PARAM_STR);
$STH->bindParam(':Notes', $value['Notes'], PDO::PARAM_STR);
$STH->bindParam(':OrganizationNumber', $value['OrganizationNumber'], PDO::PARAM_INT);
$STH->execute();
}
}
if(empty($_SESSION["error_message"])){
echo "<meta http-equiv='refresh' content='0'>";
}
}
catch (PDOException $e) {
echo $e->getMessage();
}
}
require("add_company_form.php");
$DBH = null;
?>
add_company_form.php
<div class="row">
<form class="col-md-4 navbar-form" method="POST" action="" enctype="multipart/form-data">
<div class="form-group">
<label class="sr-only" for="Name">Name:</label> <input type="text" class="form-control" name="Name" placeholder="Name"><br />
<label class="sr-only" for="Notes">Notes:</label> <input type="text" class="form-control" name="Notes" placeholder="Notes"><br />
<label class="sr-only" for="OrganizationNumber">OrganizationNumber:</label> <input type="text" class="form-control" name="OrganizationNumber" placeholder="OrganizationNumber"><br />
<input type="submit" name="submit_company" class="btn btn-default" value="Submit">
</div>
</form>
<?php
if(!empty($_SESSION["error_message"])){
echo'<div id="error_message" class="col-md-8">';
print_alert_error($_SESSION["error_message"]);
$_SESSION["error_message"] = "";
echo'</div>';
} ?>-
Validation.php
<?
$error = "";
if(isset($_POST['submit_company'])) {
$name = $_POST['Name'];
$notes = $_POST['Notes'];
$organization_number = $_POST['OrganizationNumber'];
if (!ctype_alpha(str_replace(array("'", "-"), "",$name))) {
$error .= '<p class="error">Name should be alpha characters only.</p>';
}
}
//Add error message to session
if (!empty($error)){
$_SESSION["error_message"] = $error;
}
?>
db.php中
<?php
$servername = "127.0.0.1";
$username = "root";
$password = "";
$dbname = "test";
$conn = new PDO("mysql:host=$servername;dbname=$dbname;charset=utf8", $username, $password,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"));
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
&GT;
答案 0 :(得分:1)
这是一个愚蠢的建议,但请尝试使用<?php文件中的完整validation.php开头标记。