1. 首页
  2. 问答
  3. PHP表单验证

PHP表单验证

2014-04-16 118 views
0

以下是我的将数据插入表的脚本。我的问题只涉及在PHP中的表单验证。PHP表单验证

这里是我的PHP代码:

<?php 
//Here I have defined an error variable for each of the variables in the project 

$nameErr = $productErr = $priceErr = $catErr = $regionErr = ""; 
$product_name = $product_cond = $product_price = $product_cat = $product_region = ""; 

$con=mysqli_connect("localhost","*****","*****","my_project"); 
if (mysqli_connect_errno()) 
{ 
    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 

    // here in this elseif, I check the number of characters in the field and then it is suppose to send an error (on the same page) if it does not match 

elseif (strlen($_POST['product_name']) < 5) { 

    $productErr = "name is too short"; 
} 
elseif (strlen($_POST['product_name']) > 10) { 

    $productErr = "name is too long"; 
} 
elseif (empty($_POST['product_cond'])) { 
    $productErr = "product condition required"; 
} 
else 
{ 
    $sql= "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num) 
      VALUES 
      ('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')"; 

    if (!mysqli_query($con,$sql)) 
    { 
     echo 'Error: ' . mysqli_error($con); 
    } 
    else  
    { 
     echo "1 record added"; 
    } 
} 
mysqli_close($con); 
?>

,这里是我的html页面:

<html> 
<body> 
    <h3> Please enter your product information bellow: </h3> 
    <form action="insert_data.php" method="post"> 
Product name: <input type="text" name="product_name" > 

// here I added this line that is suppose to do echo the error message: 

<span class="error">* <?php echo $nameErr;?></span> 
Condition: 
<select name="product_cond"> 
    <option value="" >SELECT</option> 
    <option value="Used" >Used </option> 
    <option value="new" >New</option> 

</select> 

Category: 
<select name="product_cat"> 
    <option value="" >SELECT</option> 
    <option value="books" >books</option> 
    <option value="Computers" >Computers</option> 
    <option value="Hardware/Tools" >Hardware/Tools </option> 
    <option value="Cars" >Cars</option> 
    <option value="home Appliances" >home Appliances</option> 
</select> 

Region: 
<select name="product_region"> 
    <option value="Oulu" >Oulu</option> 
    <option value="Turku" >Turku</option> 
    <option value="Helsinki" >Helsinki </option> 
    <option value="Tornio" >Tornio</option> 
    <option value="Tampere" >Tampere</option> 
    <option value="Kemi" >Kemi</option> 

</select> 
Product price: <input type="text" name="product_price"> 

<input type="submit"> 
</form> 
</body> 
</html>

的问题是,这种方法还可以防止数据被插入到表中,但它确实不是给我一个错误,它只是给了我一个空白的屏幕。问题是什么。 (我使用由w3school提供本例中:http://www.w3schools.com/php/showphp.asp?filename=demo_form_validation_required

来源

2014-04-16 user3463859

+2

尝试在每个条件中回显变量$ productErr .. –

+0

您将错误存储在'$ productErr'中,但您没有在任何地方引用/回显'$ productErr'。 –

+0

尝试检查它与死而不是回声的错误,然后如果该作品使字符串变量,并在一个if语句输出在身体的某个地方 –

回答

0

尝试下面的代码在PHP:

<?php 

$con=mysqli_connect("localhost","*****","*****","my_project"); 
if (mysqli_connect_errno()) 
{ 
    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 

$error = false; 
$errorMsg = ""; 

if (strlen($_POST['product_name']) < 5) { 
    $error = true; 
    $errorMsg. = "name is too short"; 
} 
elseif (strlen($_POST['product_name']) > 10) { 
    $error = true; 
    $errorMsg. = "name is too long"; 
} 

if (empty($_POST['product_cond'])) { 
    $error = true; 
    $errorMsg. = "product condition required<br/>"; 
} 
if (empty($_POST['product_price'])) { 
$error = true; 
    $errorMsg. = "product price required<br/>"; 
} 

if (empty($_POST['product_cat'])) { 
$error = true; 
    $errorMsg. = "product category required<br/>"; 
} 

if (empty($_POST['product_region'])) { 
$error = true; 
    $errorMsg. = "product region required<br/>"; 
} 

if (empty($_POST['email'])) { 
$error = true; 
    $errorMsg. = "email required<br/>"; 
} 

if (empty($_POST['phone_num'])) { 
$error = true; 
    $errorMsg. = "phone required<br/>"; 
} 


if(!$error) 
{  
    $sql= "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num) 
     VALUES   ('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')"; 

    if (!mysqli_query($con,$sql)) 
    { 
     echo 'Error: ' . mysqli_error($con); 
    } 
    else  
    { 
     echo "1 record added"; 
    } 
}else{ 
    echo $errorMsg; 
} 
mysqli_close($con); 
?>

来源

2014-04-16 07:18:42

+0

好吧,所以你没有做任何事情的HTML部分? – user3463859

+0

PHP验证将在PHP文件中工作,您需要为html部分使用JavaScript验证... –

+0

注意:SQL注入 –

0

PHP CODE

<?php 


    //Here I have defined an error variable for each of the variables in the project 

    if (isset($_POST['product_name']) && isset($_POST['product_cond']) && isset($_POST['product_price']) && isset($_POST['product_cat']) && isset($_POST['product_region']) && isset($_POST['Email']) && isset($_POST['PhoneNumber'])) { 

     $nameErr = $productErr = $priceErr = $catErr = $regionErr = ""; 
     $product_name = $product_cond = $product_price = $product_cat = 
     $product_region = ""; 


     $con = mysqli_connect("localhost", "*****", "*****", "my_project"); 
     if 
     (mysqli_connect_errno() 
     ) { 
      echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
     } 


     // here in this elseif, I check the number of characters in the 
     field and then it is suppose to send an error(on the same page) if it 
      does not match 

    elseif (strlen($_POST['product_name']) < 5) { 

      $productErr = "name is too short"; 
     } elseif (strlen($_POST['product_name']) > 10) { 

      $productErr = "name is too long"; 
     } elseif (empty($_POST['product_cond'])) { 
      $productErr = "product condition required"; 
     } 

    else { 
      $sql = "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num) 

       VALUES 
       ('$_POST['product_name']','$_POST['product_cond']','$_POST['product_price']','$_POST['product_cat']','$_POST['product_region']','$_POST['Email']','$_POST['PhoneNumber']')"; 

     if (!mysqli_query($con, $sql)) { 
      echo 'Error: ' . mysqli_error($con); 
     } else { 

      echo "1 record added"; 
     } } mysqli_close($con); 
    } 
    ?>

HTML

<html> 
<body> 
    <h3> Please enter your product information bellow: </h3> 
    <form action="insert_data.php" method="post"> 
Product name: <input type="text" name="product_name" pattern="[a-zA-Z]{4,9}" required> 

// here I added this line that is suppose to do echo the error message: 
<span class="error">* <?php echo $nameErr;?></span> 
Condition: 
<select name="product_cond" required> 
    <option value="" >SELECT</option> 
    <option value="Used" >Used </option> 
    <option value="new" >New</option> 

</select> 

Category: 
<select name="product_cat" required> 
    <option value="" >SELECT</option> 
    <option value="books" >books</option> 
    <option value="Computers" >Computers</option> 
    <option value="Hardware/Tools" >Hardware/Tools </option> 
    <option value="Cars" >Cars</option> 
    <option value="home Appliances" >home Appliances</option> 
</select> 

Region: 
<select name="product_region" required> 
    <option value="Oulu" >Oulu</option> 
    <option value="Turku" >Turku</option> 
    <option value="Helsinki" >Helsinki </option> 
    <option value="Tornio" >Tornio</option> 
    <option value="Tampere" >Tampere</option> 
    <option value="Kemi" >Kemi</option> 

</select> 
Product price: <input type="text" name="product_price" pattern="[0-9]{0,5}" required> 



<input type="submit"> 
</form>

来源

2014-04-16 07:39:57

+0

这不起作用! – user3463859

+0

我编辑了我的答案 –

相关问题

 相关问题