Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/283.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/3/html/88.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
php/mysql表单验证问题_Php_Html_Mysql - Fatal编程技术网
Fatal编程技术网
  • php/
  • php/mysql表单验证问题

php/mysql表单验证问题

php html mysql

php/mysql表单验证问题,php,html,mysql,Php,Html,Mysql,因此,我的php验证有两个检查功能,第一个是检查空名称或密码输入,第二个是如果用户在输入姓名时输入了不需要的字符,问题是如果用户在“名称”输入中输入了不需要的字符或数字,表单仍会保存到数据库中,而不应该保存到数据库中,如果用户将name和password字段保留为空并且显示错误,则不会将任何内容保存到数据库中,这意味着我的验证检查有一半工作正常。有人能帮我吗 <?php // Connect to data base $servername = "localhost"; $username

因此,我的php验证有两个检查功能,第一个是检查空名称或密码输入,第二个是如果用户在输入姓名时输入了不需要的字符,问题是如果用户在“名称”输入中输入了不需要的字符或数字,表单仍会保存到数据库中,而不应该保存到数据库中,如果用户将name和password字段保留为空并且显示错误,则不会将任何内容保存到数据库中,这意味着我的验证检查有一半工作正常。有人能帮我吗

<?php
// Connect to data base
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}   
// define variables and set to empty values
$nameErr = $userpasswordErr = "";
$name = $userpassword = "";
  //check for error 
if ($_SERVER["REQUEST_METHOD"] == "POST") {   
    //validate name and password
    if (
            empty($_POST["name"]) || 
            empty($_POST["userpassword"] || 
            !preg_match("/^[a-zA-Z ]*$/",$name))
    ) {
        $nameErr= "* Incorrect username or password ";   
    } else {
        $name = test_input($_POST["name"]);
        $userpassword = test_input($_POST["userpassword"]);

        $sql = "INSERT INTO users(name,email)
             VALUES ('$name','$userpassword')"; 
        if ($conn->query($sql) === true) {
           echo "New record created successfully";
        } else {
            echo "Error: " . $sql . "<br>" . $conn->error;
        }
        $conn->close();
    }
}     

function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);

    return $data;
}

?>
<span class="error"></span>
<form method="post" action="<?php echo htmlspecialchars ($_SERVER["PHP_SELF"]);?>">
name : <input type="text" name="name" value="<?php echo $name;?>"/>
<span class="error"><?php echo $nameErr ;?> </span>
<br/><br/>
password :  <input type="text" name="userpassword" value="<?php echo $userpassword ; ?>">
<span class="error"><?php echo $userpasswordErr ;?> </span>
<br/><br/>
<input type="submit" name="submit" value="Submit"/>
</form>

正则表达式检查中的
$name
应该是
$\u POST['name']


if(empty($_POST["name"]) || empty($_POST["userpassword"] || !preg_match("/^[a-zA-Z ]*$/",$_POST["name"])))
{
     $nameErr= "* Incorrect username or password ";  
}



我想你想改变
!预匹配(“/^[a-zA-Z]*$/”,$name)
!preg_match(“/^[a-zA-Z]*$/”,$\u POST['name'])
-现在您运行的正则表达式不是posted name字段,而是通过空的$name变量。我建议您查看[尊重验证程序]()。你可以节省大量的时间,而不是再次发明轮子。这样做了吗,仍然没有任何变化,同样的问题也存在,因此验证了回声预匹配(“/^[a-zA-Z]*$/”,“hhhhhh 45435sdf”)您要输入的名称是什么?