提交表单数据库后获取错误的值。所以表单的工作方式如下:用户从选择选项中选择用户名,然后系统在不可编辑的字段中获取用户的id(使用ajax)。用户选择部门后按提交。数据存储在数据库中,但是我遇到了值的问题,cuz id变成了用户名,用户名就消失了,id变为0.不能理解是什么问题。以下是表单的HTML代码:
<form id="reguserform" method="post" action="register.php#err">
<?php
$res = verifyFormFields();
?>
<!-- Username field -->
<select class="empidselectbox" name="username" onchange="showUser(this.value)">
<option disabled selected>Username (required)</option>
<?php
while ($row = mysql_fetch_array($result))
{
echo "<option value='".$row[1]."'>$row[0]</option>";
}
mysql_free_result($result);
?>
</select>
<!-- Id field -->
<input type="hidden" name="ID" />
<div id="txtHint"><input type="text" class="input name" name="ID" placeholder="ID" disabled="disabled"/></div>
<!-- Employee group field -->
<select class="empidselectbox" name="userGroup">
<option disabled selected>User group (required)</option>
<option value = "Planning Department" >Planning Department</option>
<option value="HR Department">HR Department</option>
<option value="Recruitment Department">Recruitment Department</option>
</select>
<center><input type="submit" class="button small" name="submit" value="Register User"/></center>
<?php
if($count == 1)
{
if($res=="")
{
registerUser();
echo"<script>document.getElementById('testRegister').innerHTML=registerStr;callShowAlert();</script>";
}
else
{
echo "<a style='color:red';>$res</a>";
}
}
?>
</form>
然后来验证部分检查用户是否已经在数据库中,然后生成密码并添加到数据库:
if(isset($_POST['submit'])){
if (isset($_POST["username"])) {$username = $_POST["username"];}
if (isset($_POST["uid"])) {$ID = $_POST["uid"];}
if (isset($_POST["userGroup"])) {$userGroup = $_POST["userGroup"];}
$count = 1;
}
else $count = 0;
function registerUser(){
global $username,$ID,$userGroup;
// To protect MySQL injection
$username = cleanInputData($username);
$username = mysql_real_escape_string($username);
$email = $username . "@pk.com";
$result = getStatus($userGroup);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
if ($row = mysql_fetch_array($result))
{
$roleID = $row[0];
}
$random_string_length = 6;
$characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
$password = '';
for ($i = 0; $i < $random_string_length; $i++) {
$password .= $characters[rand(0, strlen($characters) - 1)];
}
//query result
$result = insertNewUser($username,md5($password),$ID,$email,$roleID,1);
// Check result
if (!$result) {
die('Invalid queryyyy: ' . mysql_error());
}
}
function verifyFormFields(){
global $username,$ID,$userGroup;
if(isset($username))
{
$result = getUser($username);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
if (mysql_num_rows($result) > 0)
{
return "<p id ='err'>This Username Already Exists!</p>";
}
}
if(empty($username)){
return "<p id ='err'>Please Select Username</p>";
}
else if(empty($userGroup)){
return "<p id ='err'>Please Select User Group</p>";
}
else return "";
}
?>
我用来获取数据并将其插入表中的函数:
<?php
function getUnregisteredEmployee()
{
global $con;
$sql = "SELECT username, uid FROM `user`";
return @mysql_query($sql,$con);
}
function getID()
{
global $con;
$q = intval($_GET['q']);
$sql="SELECT * FROM user WHERE uid = '".$q."'";
return @mysql_query($sql,$con);
}
function getUser($username){
global $con;
$sql = "SELECT username
FROM `user` WHERE username='$username'";
return @mysql_query($sql,$con);
}
function getStatus($status){
global $con;
$sql = "SELECT roleID FROM `user_group` WHERE `status` = '$status'";
return @mysql_query($sql,$con);
}
function insertNewUser($username,$password,$ID,$email,$role,$active){
global $con;
$sql = "INSERT INTO `user_dep`(`username`,`password`,`empID`,`email`,`role`,`active`)
VALUES ('$username', '$password','$ID', '$email','$role','$active');";
return @mysql_query($sql,$con);
}
?>
用户选择用户名后出现的ajax部分:
$result = getID();
while($row = mysql_fetch_array($result))
{
echo "<input type='hidden' name='ID' />";
echo "<input type='text' class='input name' name='ID' value='".$row['uid']."' name='username' disabled='disabled'/>";
}
?>