我正在创建一个注册表单,但我只有一个问题...为什么他们可以通过无效条目传递验证?唯一(我知道)是他们可以在不选择国家的情况下通过它!
这是我的HTML / PHP代码:
<table border="0" width="100%">
<form action="" method="post">
<tr><td><label>Username:<span class="requiredfield">*</span></label></td><td width="200"><input type="text" name="myusername" id="myusername" maxlength="15" style="background-color:transparent;" /></td></tr>
<tr><td><label>Summoner Name (League of Legends):<span class="requiredfield">*</span></label></td><td><input type="text" name="mysummonername" id="mysummonername" maxlength="30" /></td></tr>
<tr><td><label>Password:<span class="requiredfield">*</span></label></td><td><input type="password" name="mypassword" id="mypassword" maxlength="15" /></td></tr>
<tr><td><label>Retype Password:<span class="requiredfield">*</span></label></td><td><input type="password" name="myrpassword" id="myrpassword" maxlength="15" /></td></tr>
<tr><td><label>E-mail:<span class="requiredfield">*</span></label></td><td><input type="text" name="myemail" id="myemail" maxlength="65" /></td></tr>
<tr><td><label>Retype E-mail:<span class="requiredfield">*</span></label></td><td><input type="text" name="myremail" id="myremail" maxlength="65" /></td></tr>
<tr><td width="300"><br />Please note that we only need this information because we'll send out prices to the winners of our tournaments.</td></tr>
<tr><td><label>First Name:<span class="requiredfield">*</span></label></td><td><input type="text" name="myfname" id="myfname" maxlength="20" /></td></tr>
<tr><td><label>Last Name:<span class="requiredfield">*</span></label></td><td><input type="text" name="mylname" id="mylname" maxlength="30" /></td></tr>
<tr><td><label>Select Country:<span class="requiredfield">*</span></label></td><td><select name="mycountry" id="mycountry">
<option value="-choose-">-Choose-</option>
<option value="Afganistan">Afghanistan</option>
<option value="Albania">Albania</option>
<option value="Algeria">Algeria</option>
...
</select></td></tr>
<tr><td><label>Postal Code:</label></td><td><input type="text" name="myzipcode" id="myzipcode" maxlength="9" /></td></tr>
<tr><td><label>City:</label></td><td><input type="text" name="mycity" id="mycity" maxlength="60" /></td></tr>
<tr><td><label>Street:</label></td><td><input type="text" name="mystreet" id="mystreet" maxlength="50" /></td></tr>
<tr><td><label>Telephone Number:</label></td><td><input type="text" name="myphonenumber" id="myphonenumber" maxlength="15" /></td></tr>
<!--<tr><td><label>Invite Code<span style="color:#F00;">*</span>:</label></td><td><input type="text" name="myinvcode" id="myinvcode" /></td></tr>-->
<!-- <tr><td colspan="2" style="height: 20px;"></td></tr> -->
<tr><td width="300"><br />This information will be used later on when you have lost your password and need to retrieve it again.</td></tr>
<tr><td><label>Secret Question:<span class="requiredfield">*</span></label></td><td><input type="text" name="myscrtquestion" id="myscrtquestion" maxlength="50" /></td></tr>
<tr><td><label>Secret Answer:<span class="requiredfield">*</span></label></td><td><input type="text" name="myscrtanswer" id="myscrtanswer" maxlength="50" /></td></tr>
<tr><td></td><td><span class="button"><input type="submit" name="submitregister" value="Register" /></span></td></tr>
<tr><td colspan="2">By pressing "Register" you agree to the <a href='termsofuse.php'>terms of use</a> and our <a href='privacypolicy.php'>privacy policy</a>.</td></tr>
</form>
<?php
if (isset($_POST['submitregister'])) {
ob_start();
include 'config.php'; // Connect to Database
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mysummonername=$_POST['mysummonername'];
$myfname=$_POST['myfname'];
$mylname=$_POST['mylname'];
$mypassword=$_POST['mypassword'];
$myrpassword=$_POST['myrpassword'];
$myemail=$_POST['myemail'];
$myremail=$_POST['myremail'];
// $myinvcode=$_POST['myinvcode'];
$myphonenumber=$_POST['myphonenumber'];
$mycountry=$_POST['mycountry'];
$myzipcode=$_POST['myzipcode'];
$mycity=$_POST['mycity'];
$mystreet=$_POST['mystreet'];
$myscrtquestion=$_POST['myscrtquestion'];
$myscrtanswer=$_POST['myscrtanswer'];
// check to make sure required fields are entered
if ($myusername == '' || $mysummonername == '' || $myfname == '' || $mylname == '' || $mypassword == '' || $myemail == '' || $mycountry == "-Choose-" || $myscrtquestion == '' || $myscrtanswer == '') {
echo "<span style='color:#F00;'>Please fill in all the required fields. All the fields which are marked with a <span style='color:#0076c9;'>*</span> are required fields!</span>";
当你没有选择一个国家时,为什么还能通过这个?我无法理解!
答案 0 :(得分:4)
您正在检查-Choose-,但您的值为-choose-。
答案 1 :(得分:3)
因为当他们将选择值留在选择值时传递的国家/地区的值为-choose-,但您正在检查$mycountry == "-Choose-"。这两个值不相等。
你应该开发一种更好的方法来检查这个国家是否正确。任何人都可以复制您的表单并将其指回您的页面,输入他们对该字段的任何值,并且您只是检查以确保它不是 -choose-。
答案 2 :(得分:1)
检查字母的大小写。在选项中你有-Choose-但你将它与-choose -
进行比较答案 3 :(得分:1)
如前所述,您需要-Choose时检查-choose-。将来调试此问题的一种方法是执行以下操作:
print_r($_POST);
它显示了所有POST数据,因此您可以看到已发布的内容。
查看他们是否未选择国家/地区,查看相关的帖子数据是否为空。
答案 4 :(得分:1)
将您的<option value="-choose-">-Choose-</option>更改为<option value="-Choose-">-Choose-</option>,或将“-Choose-”选项的值留空并检查空“mycountry”:$mycountry == ""
答案 5 :(得分:0)
因为选项--choose--在你的html代码中都是小写的,而你正在测试--Choose--你的PHP中有一个大写'C'。
罗斯