1. 首页
  2. 问答
  3. 为什么这个PHP验证仍然设置值

为什么这个PHP验证仍然设置值

2015-05-13 36 views
0

我想验证表单字段(用于名字)的字母和破折号,但无论我如何实现代码,$ player_name的值仍然是被设置。为什么这个PHP验证仍然设置值

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
      if (empty($_POST["player_name"])) { 
       $nameErr = "Name is required"; 
      } else { 
       $player_name = test_input($_POST["player_name"]); 
       // check if name only contains letters and whitespace 
       if (!preg_match("/^[a-zA-Z -]+$/",$player_name)) { 
        $nameErr = "Only letters and white space allowed"; 
       } 
      } 
     } 

     function test_input($data) { 
      $data = trim($data); 
      $data = stripslashes($data); 
      $data = htmlspecialchars($data); 
      return $data; 
     }

形式已经使用下面的代码来实现:

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> 
     Registration Date: <input type="text" name="date_captured" id="date_captured" value="<?php echo $current_date; ?>"> 
     <br><br> 
     Name: <input type="text" name="player_name" id="player_name"> 
     <span class="error">* <?php echo $nameErr;?></span> 
     <br><br> 
     <input type="submit" name="submit" value="Submit"> 
    </form> 

    <?php 
     echo "<h2>Your Input:</h2>"; 
     echo $date_captured; 
     echo $player_name; 
     echo "<br>"; 
    ?>

即使错误设置和显示“只允许字母和空格”,$ PLAYER_NAME的值仍设置。

来源

2015-05-13 user2696851

+0

值以前分配,然后将其正在validated.You应该验证'test_input($ _ POST [ “PLAYER_NAME”])代替'。 – vks

+0

@ user2696851请提出答案并向上投票。它会帮助别人。谢谢。 –

回答

1

我固定它使用以下:

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
$fieldTitle = "Player Name"; 
if (empty($_POST["player_name"])) { 
    $player_nameErr = $fieldTitle . $requiredErrorText; 
} else { 
    // check if name only contains letters and whitespace 
    if (!preg_match("/^[a-zA-Z -]*$/",test_input($_POST["player_name"]))) { 
     $player_nameErr = $nameValidationErrorText; 
    } else { 
     $player_name = test_input($_POST["player_name"]); 
    } 
}

来源

2015-05-27 17:50:46 user2696851

相关问题

 相关问题