使用预处理语句无效的Php表单验证

时间:2017-01-09 18:41:46

标签: php forms validation prepared-statement

这是我第一次用准备好的语句验证php表单,而且我遇到了一些问题。

我正在使用Form.php进行验证并插入到以index.php形式调用的数据库中。

问题是错误消息没有显示出来。我可以按下“提交”按钮,即使没有在输入框中插入数据也可以处理表格!

我一直很顽固,试图自己做事但是因为我已经被困在这个表格好几天了,在我放弃之前我觉得我应该在这一点上寻求帮助。

这是Index.php中的表单代码:

<form id="form" name="contactForm" method="post" action="php/Form.php">
            <div>
                <label for="name">Your name</label> 
                <input type="text" id="name" name="name" maxlength="40" placeholder="Write your Name"   >
                <span class="error"><?php echo $nameError;  ?></span>
            </div>
            <div>
                <label for="email">Your email</label>
                <input type="email" id="email" name="user_mail" placeholder="email@example.com">
                <span class="error"><?php echo $emailError;  ?></span> 
            </div>                
            <div>
                <label for="topic">Select Topic</label>
                <select id="topic" name="topic">
                    <option selected disabled hidden value="">Choose a Topic</option>
                    <option value="link">Site Link</option>
                    <option value="copyright">Copyright</option>
                    <option value="errors">Site/Article errors</option>
                    <option value="feedback">Feedback</option>
                    <option value="other">Other</option>
                </select>
                <span class="error"><?php echo $topicError;  ?></span>
            </div>                
            <div>
                <label for="msg">Your message</label>
                <textarea id="msg" name="user_message" placeholder="Write your message"></textarea>
                <span class="error"><?php echo $msgError;  ?></span>
            </div>                
            <div class="button">
                <button type="submit" id="submit" name="submit"  value="true">Submit</button> 
                <span class="success"></span>
            </div>
        </form>

这是Form.php 

<?php

$servername = "localhost:3306";
$username = "root";
$password = "";
$dbname = "site_comboios";


$nameError = "";
$emailError = "";
$topicError = "";
$msgError = "";

$name = $_POST['name'];
$email = $_POST['user_mail'];
$topic = $_POST['topic'];
$msg = $_POST['user_message'];

if( isset( $_POST['submit'])) {
if(empty( $name) && !isset($name) ) {
    $nameError = "Name is required";
}

if(empty( $email) && !isset($email)) {
    $emailError = "Email is required";
} elseif(filter_var($email,FILTER_VALIDATE_EMAIL)) {
  $emailError = "Please insert a correct email address";  
}  

if(empty( $topic) && !isset($topic) ) {
    $topicError = "Please choose a topic";
} 

if(empty( $msg) && !isset($msg) ) {
    $msgError = "Let us know your opinion";
}
}

//Create connection to database
$mysqli = new mysqli($servername, $username, $password, $dbname);

//check connection
if($mysqli->connect_errno) {
echo 'Error connecting to database';
}

//Prepared Statement
$stmt = $mysqli->prepare("INSERT INTO contacts(Nome, Email, Topico,    Mensagem)  VALUES(?, ?, ?, ?)" );
$stmt->bind_param('ssss', $name, $email, $topic, $msg);
$stmt->execute();

0 个答案:

没有答案
相关问题
最新问题