如何在页面上显示php验证错误

时间:2018-10-10 08:28:09

标签: php

我有一个表单和所有验证,现在我想在文本字段的前面而不是在url中显示错误消息。我该怎么做呢?

这是我的public void RunTest() { using (var context = new EasyMwsContext()) { var result = context.FeedSubmissionEntries.ToList(); } } 代码:

PHP

这是我的<?php if ((isset($_POST['submit']))){ $email = strip_tags($_POST['email']); $fullname = strip_tags($_POST['fullname']); $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $fullname_valid = $email_valid = $username_valid = $password_valid = false; if(!empty($fullname)){ if (strlen($fullname) > 2 && strlen($fullname)<=30) { if (!preg_match('/[^a-zA-Z\s]/', $fullname)) { $fullname_valid = true; # code... }else {$fmsg .="fullname can contain only alphabets <br>";} }else{$fmsg1 .="fullname must be 2 to 30 char long <br>";} }else{$fmsg2 .="fullname can not be blank <br>";} if (!empty($email)) { if (filter_var($email , FILTER_VALIDATE_EMAIL)) { $query2 = "SELECT email FROM users WHERE email = '$email'"; $fire2 = mysqli_query($con,$query2) or die("can not fire query".mysqli_error($con)); if (mysqli_num_rows($fire2)>0) { $msg .=$email."is already taken please try another one<br> "; }else{ $email_valid=true; } # code... }else{$msg .=$email."is an invalid email address <br> ";} # code... }else{$msg .="email can not be blank <br>";} if(!empty($username)){ if (strlen($username) > 4 && strlen($username)<=15) { if (!preg_match('/[^a-zA-Z\d_.]/', $username)) { $query = "SELECT username FROM users WHERE username = '$username'"; $fire = mysqli_query($con,$query) or die("can not fire query".mysqli_error($con)); if(mysqli_num_rows($fire)> 0){ $umsg ='<p style="color:#cc0000;">username already taken</p>'; }else{ $username_valid = true; } # code... # code... }else {$msg.= "username can contain only alphabets <br>";} }else{$msg.= "username must be 4 to 15 char long <br>";} }else{$msg.="username can not be blank <br>";} if (!empty($password)) { if (strlen($password) >=5 && strlen($password) <= 15 ) { $password_valid = true; $password = md5($password); # code... }else{$msg .= $password."password must be between 5 to 15 character long<br>";} # code... }else{$msg .= "password can not be blank <br>";} if ($fullname_valid && $email_valid && $password_valid && $username_valid) { $query = "INSERT INTO users(fullname,email,username,password,avatar_path) VALUES('$fullname','$email','$username','$password','avatar.jpg')"; $fire = mysqli_query($con,$query) or die ("can not insert data into database".mysqli_error($con)); if ($fire){ header("Location: dashboard.php");} }else{ header("Location: createaccount.php?msg=".$msg); } } ?> 代码:

html

如何在我的文本字段前面获取错误消息,以及如何在指定的文本字段前面获取指定的错误?我不想使用 <div class="container"> <form name="signup" id="signup" method="POST"> <h2>sign up</h2> <div class="form-input"> <input name="email" type="email" name="email" id="email" placeholder="enter email" required="email is required"> </div> <input name="mobile" type="number" id="mobile" placeholder="enter mobile number" required="mobile is required"> <span id="message"></span> <div class="form-input"> <input name="fullname" type="full name" id="fullname" name="full name" placeholder="full name" required="what's your fullname"> </div> <div> <input name="username" type="username" id="username" name="username" placeholder="username" required="username is required"> </div> <div> <input name="password" type="password" id="password" name="password" placeholder="password" required="password is required"> </div> <div> <input type="submit" name="submit" id="submit" value="sign up" class="btn btn-primary btn-block"> <a href="#">forgot password?</a> <h3>have an account? <a href="login">log in</a></h3> </div> </form> ajax。我想用javascript来做。我已经尝试过了,但是没有运气。

PHP

3 个答案:

答案 0 :(得分:2)

发送味精以获得参数不是一个好主意。 使用会话

$_SESSION['error_msg'] = $msg
header("Location: createaccount.php");

并在php中添加获取错误

$errors = '';
if(isset($_SESSION['error_msg'])) { $errors = $_SESSION['error_msg']; } ?>

并在html中显示$ errors     

答案 1 :(得分:0)

通过查看您的表单没有action属性,因此可以得出结论,您在与表单PHP_SELF相同的页面上提交表单。

因此,如果您要在字段旁边显示错误,我建议您首先在页面顶部为每个文本错误声明一个空变量,然后在每个字段旁边回显变量。 

<?php

$emailError    = "";
$fullnameError = "";
$usernameError = "";
$passwordError = "";
$errors        = 0;

if ((isset($_POST['submit']))) {

    $email    = strip_tags($_POST['email']);
    $fullname = strip_tags($_POST['fullname']);
    $username = strip_tags($_POST['username']);
    $password = strip_tags($_POST['password']);



    $fullname_valid = $email_valid = $username_valid = $password_valid = false;



    if (!empty($fullname)) {

        if (strlen($fullname) > 2 && strlen($fullname) <= 30) {
            if (!preg_match('/[^a-zA-Z\s]/', $fullname)) {
                $fullname_valid = true;

                # code...
            } else {
                $fullnameError = "fullname can contain only alphabets <br>";
                $errors++;
            }
        } else {
            $fullnameError = "fullname must be 2 to 30 char long <br>";
            $errors++;
        }
    } else {
        $fullnameError = "fullname can not be blank <br>";
        $errors++;
    }


    if (!empty($email)) {
        if (filter_var($email, FILTER_VALIDATE_EMAIL)) {

            $query2 = "SELECT email FROM users WHERE email = '$email'";
            $fire2 = mysqli_query($con, $query2) or die("can not fire  query" . mysqli_error($con));
            if (mysqli_num_rows($fire2) > 0) {
                $emailError = $email . "is already taken please try another one<br> ";
            } else {
                $email_valid = true;
            }
            # code...
        } else {
            $emailError = $email . "is an invalid email address <br> ";
            $errors++;
        }
        # code...
    } else {
        $emailError = "email can not be blank <br>";
    }


    if (!empty($username)) {

        if (strlen($username) > 4 && strlen($username) <= 15) {
            if (!preg_match('/[^a-zA-Z\d_.]/', $username)) {


                $query = "SELECT username FROM users WHERE username = '$username'";
                $fire = mysqli_query($con, $query) or die("can not fire  query" . mysqli_error($con));


                if (mysqli_num_rows($fire) > 0) {
                    $usernameError = '<p style="color:#cc0000;">username already taken</p>';
                    $errors++;
                } else {
                    $username_valid = true;
                }

            } else {
                $usernameError = "username can contain only alphabets <br>";
                $errors++;
            }
        } else {
            $usernameError = "username must be 4 to 15 char long <br>";
            $errors++;
        }
    } else {
        $usernameError = "username can not be blank <br>";
        $errors++;
    }

    if (!empty($password)) {
        if (strlen($password) >= 5 && strlen($password) <= 15) {
            $password_valid = true;
            $password       = md5($password);

            # code...
        } else {
            $passwordError = $password . "password must be between 5 to 15 character long<br>";
            $errors++;
        }
        # code...
    } else {
        $passwordError = "password can not be blank <br>";
        $errors++;
    }

    //if there's no errors insert into database
    if ($errors <= 0) {
        if ($fullname_valid && $email_valid && $password_valid && $username_valid) {
            $query = "INSERT INTO users(fullname,email,username,password,avatar_path) VALUES('$fullname','$email','$username','$password','avatar.jpg')";
            $fire = mysqli_query($con, $query) or die("can not insert data into database" . mysqli_error($con));
            if ($fire) {


                header("Location: dashboard.php");
            }
        }

    }
}
?>
<div class="container">
<form  name="signup" id="signup" method="POST">
    <h2>sign up</h2>
    <div class="form-input">
        <input name="email" type="email" name="email" id="email" placeholder="enter email" required="email is required">
        <!-- display email error here -->
        <?php echo $emailError?>
    </div>
    <input name="mobile" type="number" id="mobile" placeholder="enter mobile number" required="mobile is required">
    <span id="message"></span>
    <div class="form-input">
        <input name="fullname" type="full name" id="fullname" name="full name" placeholder="full name" required="what's your fullname">
        <?php echo $fullnameError?>
    </div>
    <div>
        <input name="username" type="username" id="username" name="username" placeholder="username" required="username is required">
        <?php echo $usernameError?>
    </div>
    <div>
        <input name="password" type="password" id="password" name="password" placeholder="password" required="password is required">
        <?php echo $passwordError?>
    </div>
    <div>
        <input type="submit" name="submit" id="submit" value="sign up" class="btn btn-primary btn-block">
        <a href="#">forgot password?</a>
        <h3>have an account? <a href="login">log in</a></h3>
    </div>
</form>
  

注意:我建议您研究password_hash() and password_verify()to hash your passwords, they provide better security as compared to md5()`并确保您的数据库列是   至少60个字符的长度..我也建议您调查一下   准备好的语句。

     

以下内容可以帮助您:

     

How can I prevent SQL injection in PHP?   Using PHP 5.5's password_hash and password_verify function

答案 2 :(得分:0)

我认为最好的方法是在结果中包含模板

if ($fire){
    header("Location: dashboard.php");
}else{
    include("createaccount.php");
}

并在 createaccount.php 

<div class="container">
    <form  name="signup" id="signup" method="POST">
        <h2>sign up</h2>
        <p class="errors"><?= $msg ?></p>
...
相关问题
最新问题