我有一个注册脚本(称为“script.php”)分为3个步骤;这是基本的结构(我已经剥离的东西出来像消毒用户输入,并防止其他步骤比1的直接访问):
<?php
$step = $_GET['step'];
switch($step) {
case 1:
//show form - action="script.php?step=2" method="post"
break;
case 2:
//if user data is good show an overview of the data and show a button to go to step 3 (the button is enclosed in a form - action="script.php?step=3" and method="post")
//if not, show again form - action="script.php?step=2" method="post" - and display errors
break;
case 3:
//add user data into db
break;
}
?>
真正的代码:
<?php
switch ($step) {
case 1:
//display form
$html = <<<FORM
<form action="/install?step=2" method="post">
<input type="text" name="username">
<input type="email" name="email">
<input type="password" name="password">
<input type="password" name="password_repeat">
<button class="next" type="submit">Next</button>
</form>
FORM;
break;
case 2:
$errors = array();
if (empty($_POST['username'])||!preg_match_all('/^([A-Za-z0-9]+){1,16}$/', $_POST['username'])) {
$errors[] = 'bad/empty username';
}
if (empty($_POST['email'])||!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$errors[] = 'bad/empty email';
}
if (empty($_POST['password'])) {
$errors[] = 'empty password';
}
if (empty($_POST['password_repeat'])) {
$errors[] = 'empty password confirm';
}
if ((!empty($_POST['password'])&&!empty($_POST['password_repeat']))&&$_POST['password']!==$_POST['password_repeat']) {
$errors[] = 'passwords do not match';
}
if(count($errors)>0) {
$error_html = 'some errors occurred';
foreach ($errors as $err) {
$error_html .= 'error: '.$err;
}
$form_html = <<<FORM
<form action="/install?step=2" method="post">
<input type="text" name="username" value="{$_POST['username']}">
<input type="email" name="email" id="email" value="{$_POST['email']}">
<input type="password" name="password">
<input type="password" name="password_repeat">
<button class="next" type="submit">Next</button>
</form>
FORM;
$html = $error_html.$form_html;
}
else {
$ent = 'htmlentities';
$html = <<<DATA_OK
<h3>Data overview</h3>
<table>
<tr>
<th>Username:</th>
<td>{$ent($_POST['username'])}</td>
</tr>
<tr>
<th>email:</th>
<td>{$ent($_POST['email'])}</td>
</tr>
<tr>
<th>Password:</th>
<td>{$ent($_POST['password'])}</td>
</tr>
</table>
<form action="/install?step=3" method="post">
<button class="next" type="submit">Avanti</button>
</form>
DATA_OK;
}
break;
case 3:
//connect to db and insert data
break;
}
?>
<!doctype HTML>
<html>
<head>
<title>Script</title>
<meta charset="utf-8">
</head>
<body>
<?php echo $html; ?>
</body>
</html>
的问题是,当我去到第3步$ _POST总是空的。第2步显示的按钮(如果用户数据是好的)覆盖$ _POST?或者是因为该表单没有输入而只是提交而清空?如何将$ _POST数据传递给第3步而不使用隐藏字段(因为它们将包含密码/密码哈希)?
我已经搜索谷歌和这里所以但我找不到任何与我的问题有关。
你为什么要从'$ _GET'中取值? – celeriko
请发表格式HTML。你的表单是否有method =“post”? – Thomas
@Joe是的,我正在休息。我会将它们添加到代码中,我认为它们不相关。 – plumbe0