0
我试图根据会话数据在html注册表单中为文本框填充默认的“值”字段。从php变量设置html文本框的值
如果用户在我的注册表单上发生任何错误,它会将其发回,我希望尽可能多地填写其数据,而不是将它们发送回普通表单以重新开始。
这里是我的handleer脚本检查:
// Let's get the text from the form,.
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$password_check = mysql_real_escape_string($_POST['pwcheck']);
$email = mysql_real_escape_string($_POST['email']);
$spam_check = mysql_real_escape_string($_POST['checkit']); // spam check
$IP = $_SERVER['REMOTE_ADDR']; // log their ip
// set up some session data for mnistakes or spam or errors
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
// check for empty info
if ($username == NULL || $username == '') { // no username set
header ("Location: register.php?p=un"); die;
}
if ($password == NULL || $password == '') { // no password set
header ("Location: register.php?p=pw"); die;
}
if ($password_check == NULL || $password_check == '') { // no password check set
header ("Location: register.php?p=pwchk"); die;
}
if ($email == NULL || $email == '') { // no email set
header ("Location: register.php?p=em"); die;
}
// have we had Spam?
if (strlen($spam_check) > 0) { // spam bot alert
header ("Location: http://www.google.co.uk");
die ('You\'re naughty.');
}
// does password and check match?
if ($password != $password_check) { // no match
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
header ("Location: register.php?p=pwnpc&email=".$email.""); die;
}
我的窗体页上我做:
// check for empty fields and session data
if (isset($_SESSION['email'])) { // email session data set
$email_value = 'value = "'.$_SESSION['email'].'"';
} else { $email_value = 'placeholder="Email"'; }
$errors = mysql_real_escape_string($_GET['p']);
switch ($errors) { // something is empty
case "un": // no username set
$pen_name = 'Pen Name missing!';
break;
case "pw": // no username set
$password = 'Password missing!';
break;
case "pwchk": // no password check set
$pw_check = 'Your passwords don\'t match!';
break;
case "em": // no username set
$email = 'Email missing!';
break;
case "pwnpc": // passwords don't match
$pw_mismatch = 'Passwords don\'t match!';
break;
}
和形式自身
<form action="register_handle.php" method="post">
<label>Choose a Pen Name</label><br /><?php echo $pen_name ?>
<p><input type="text" name="username" placeholder="Pen Name" autofocus required> </p>
<label>Choose a Password</label><br />
<p><input type="password" name="password" placeholder="Password" required> ---> <input type="password" name="pwcheck" placeholder="Password Confirm" required> <?php echo $password.$pw_check.$pw_mismatch ?></p>
<label>Email</label><br />
<?php echo $email ?>
<p><input type="email" name="email" <?php echo $email_value ?> required></p>
<input id="checkit" type="text" name="checkit" maxlength="50" size="30">
<input type="submit" value=" Sign Me Up " name="submit" class="submit">
</form>
,但我不能似乎没有回到价值。我相信这一定很简单,但你能在这里看到问题吗?正如你所看到的,我迄今为止只在电子邮箱中尝试过,但无济于事。
不要忘记XSS保护。 +1还定义了'$ email_value'时设置了value属性:s –
它看起来像来自会话并且不是用户提供的。但是你是对的,我应该证明完整性。 –
php没有工作; ?回声后我的意思是 –