Php 我的表格在T&;即使表单中其他地方存在错误,也会勾选C复选框
我目前尝试使用if(count($count)=0)){then SQL inject…submit form…}但后来我意识到,如果出现错误,表单将永远不会提交,因为计数将始终大于0。我尝试过其他方法,但我不知道如何解决这个问题。解决这个问题的最好办法是什么?谢谢Php 我的表格在T&;即使表单中其他地方存在错误,也会勾选C复选框,php,Php,我目前尝试使用if(count($count)=0)){then SQL inject…submit form…}但后来我意识到,如果出现错误,表单将永远不会提交,因为计数将始终大于0。我尝试过其他方法,但我不知道如何解决这个问题。解决这个问题的最好办法是什么?谢谢 <?php $errors = array('firstname' =>' ', 'firstnameMatch' =>' ', 'surname' =>' ', 'surnameMatch
<?php
$errors = array('firstname' =>' ', 'firstnameMatch' =>' ', 'surname' =>' ', 'surnameMatch' =>' ', 'email' =>' ', 'emailMatch' =>' ', 'username' =>' ', 'passwordMatch' =>' ', 'checkbox' =>' ');
$count;
if (isset($_POST['submit'])){
if(empty($_POST['firstname'])){
//echo 'Your missing a First Name! <br>';
$errors['firstname'] = 'Your missing a First Name!';
$count++;
}
if (!preg_match("/^[a-zA-Z ]*$/",$_POST['firstname'])) {
// echo 'Ensure that your First Name only contains letters!';
$errors['firstnameMatch'] = 'Ensure that your First Name only contains letters!';
}
if (!preg_match("/^[a-zA-Z ]*$/",$_POST['surname'])) {
// echo 'Ensure that your Surname only contains letters!';
$errors['surnameMatch'] = 'Ensure that your Surname only contains letters!';
}
if(empty($_POST['surname'])){
// echo 'Your missing a Surname! <br>';
$errors['surname'] = 'Your missing a Surname!';
}
if(empty($_POST['email'])){
// echo 'Your missing a Email! <br>';
$errors['email'] = 'Your missing a Email!';
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
// echo 'Ensure that you have entered a valid Email Address! e.g: john@gmail.com';
$errors['emailMatch'] = 'Ensure that you have entered a valid Email Address! e.g: john@gmail.com';
}
if(empty($_POST['username'])){
//echo 'Your missing a Username! <br>';
$errors['username'] = 'Your missing a Username!';
}
if(empty($_POST['password'])){
// echo 'Your missing a Password! <br>';
$errors['password'] = 'Your missing a Password!';
}
/*else if(strlen($_POST['password']) < 6){
// 'Your Password must be greater than 6 characters!';
$errors['passwordLength'] = 'Your missing a Password!';
}*/
if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{6,12}$/', $_POST['password'])) {
// echo 'the password does not meet the requirements!';
$errors['passwordMatch'] = 'Ensure that your password meets the requirements above!';
}
if (!isset($_POST['checkbox'])){
// echo 'Ensure that you have read the Terms and Conditions and ticked the box!';
$errors['checkbox'] = 'Ensure that you have read the Terms and Conditions and ticked the box!';
}
else {
include '../php/connection.php';
$fname= mysqli_real_escape_string($connection, $_POST['firstname']);
$sname= mysqli_real_escape_string($connection, $_POST['surname']);
$age= mysqli_real_escape_string($connection, $_POST['age']);
$email= mysqli_real_escape_string($connection, $_POST['email']);
$user= mysqli_real_escape_string($connection, $_POST['username']);
$password= mysqli_real_escape_string($connection, $_POST['password']);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$query="INSERT INTO customer (USER_TYPE, FIRST_NAME, SURNAME, AGE, EMAIL, USERNAME, PASSWORD) VALUES
(NULL, '$fname', '$sname', '$age', '$email', '$user', '$hashed_password')";
mysqli_query($connection, $query);
header('location: login.php');
}
}
?>
你是说
if(count($count)==0
不
if(count($count)=0
?因为第二个将返回错误
我目前尝试使用if(count($count)=0)){then SQL inject…submit form…}但后来我意识到,如果出现错误,表单将永远不会提交,因为计数将始终大于0
仅当您未填写firstname字段时才计算变量增量。这不是我们使用某种形式的表单验证的原因吗?如果出现任何错误,您宁愿不提交表单。也许我没有正确理解您想要实现的目标
试试这个:
<?php
$errors = array(
'firstname' => ' ',
'firstnameMatch' => ' ',
'surname' => ' ',
'surnameMatch' => ' ',
'email' => ' ',
'emailMatch' => ' ',
'username' => ' ',
'passwordMatch' => ' ',
'checkbox' => ' '
);
$count = 0;
if (isset($_POST['submit'])) {
if (empty($_POST['firstname'])) {
//echo 'Your missing a First Name! <br>';
$errors['firstname'] = 'Your missing a First Name!';
$count++;
}
if (!preg_match("/^[a-zA-Z ]*$/", $_POST['firstname'])) {
// echo 'Ensure that your First Name only contains letters!';
$errors['firstnameMatch'] = 'Ensure that your First Name only contains letters!';
$count++;
}
if (!preg_match("/^[a-zA-Z ]*$/", $_POST['surname'])) {
// echo 'Ensure that your Surname only contains letters!';
$errors['surnameMatch'] = 'Ensure that your Surname only contains letters!';
$count++;
}
if (empty($_POST['surname'])) {
// echo 'Your missing a Surname! <br>';
$errors['surname'] = 'Your missing a Surname!';
$count++;
}
if (empty($_POST['email'])) {
// echo 'Your missing a Email! <br>';
$errors['email'] = 'Your missing a Email!';
$count++;
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
// echo 'Ensure that you have entered a valid Email Address! e.g: john@gmail.com';
$errors['emailMatch'] = 'Ensure that you have entered a valid Email Address! e.g: john@gmail.com';
$count++;
}
if (empty($_POST['username'])) {
//echo 'Your missing a Username! <br>';
$errors['username'] = 'Your missing a Username!';
$count++;
}
if (empty($_POST['password'])) {
// echo 'Your missing a Password! <br>';
$errors['password'] = 'Your missing a Password!';
$count++;
}
/*else if(strlen($_POST['password']) < 6){
// 'Your Password must be greater than 6 characters!';
$errors['passwordLength'] = 'Your missing a Password!';
}*/
if (!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{6,12}$/', $_POST['password'])) {
// echo 'the password does not meet the requirements!';
$errors['passwordMatch'] = 'Ensure that your password meets the requirements above!';
$count++;
}
if (!isset($_POST['checkbox'])) {
// echo 'Ensure that you have read the Terms and Conditions and ticked the box!';
$errors['checkbox'] = 'Ensure that you have read the Terms and Conditions and ticked the box!';
$count++;
}
if(!$count)
include '../php/connection.php';
$fname = mysqli_real_escape_string($connection, $_POST['firstname']);
$sname = mysqli_real_escape_string($connection, $_POST['surname']);
$age = mysqli_real_escape_string($connection, $_POST['age']);
$email = mysqli_real_escape_string($connection, $_POST['email']);
$user = mysqli_real_escape_string($connection, $_POST['username']);
$password = mysqli_real_escape_string($connection, $_POST['password']);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$query = "INSERT INTO customer (USER_TYPE, FIRST_NAME, SURNAME, AGE, EMAIL, USERNAME, PASSWORD) VALUES
(NULL, '$fname', '$sname', '$age', '$email', '$user', '$hashed_password')";
mysqli_query($connection, $query);
header('location: login.php');
}
}
?>
你是说
if(count($count)==0
不
if(count($count)=0
?因为第二个将返回错误
我目前尝试使用if(count($count)=0)){then SQL inject…submit form…}但后来我意识到,如果出现错误,表单将永远不会提交,因为计数将始终大于0
仅当您未填写firstname字段时才计算变量增量。这不是我们使用某种形式的表单验证的原因吗?如果出现任何错误,您宁愿不提交表单。也许我没有正确理解您想要实现的目标
试试这个:
<?php
$errors = array(
'firstname' => ' ',
'firstnameMatch' => ' ',
'surname' => ' ',
'surnameMatch' => ' ',
'email' => ' ',
'emailMatch' => ' ',
'username' => ' ',
'passwordMatch' => ' ',
'checkbox' => ' '
);
$count = 0;
if (isset($_POST['submit'])) {
if (empty($_POST['firstname'])) {
//echo 'Your missing a First Name! <br>';
$errors['firstname'] = 'Your missing a First Name!';
$count++;
}
if (!preg_match("/^[a-zA-Z ]*$/", $_POST['firstname'])) {
// echo 'Ensure that your First Name only contains letters!';
$errors['firstnameMatch'] = 'Ensure that your First Name only contains letters!';
$count++;
}
if (!preg_match("/^[a-zA-Z ]*$/", $_POST['surname'])) {
// echo 'Ensure that your Surname only contains letters!';
$errors['surnameMatch'] = 'Ensure that your Surname only contains letters!';
$count++;
}
if (empty($_POST['surname'])) {
// echo 'Your missing a Surname! <br>';
$errors['surname'] = 'Your missing a Surname!';
$count++;
}
if (empty($_POST['email'])) {
// echo 'Your missing a Email! <br>';
$errors['email'] = 'Your missing a Email!';
$count++;
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
// echo 'Ensure that you have entered a valid Email Address! e.g: john@gmail.com';
$errors['emailMatch'] = 'Ensure that you have entered a valid Email Address! e.g: john@gmail.com';
$count++;
}
if (empty($_POST['username'])) {
//echo 'Your missing a Username! <br>';
$errors['username'] = 'Your missing a Username!';
$count++;
}
if (empty($_POST['password'])) {
// echo 'Your missing a Password! <br>';
$errors['password'] = 'Your missing a Password!';
$count++;
}
/*else if(strlen($_POST['password']) < 6){
// 'Your Password must be greater than 6 characters!';
$errors['passwordLength'] = 'Your missing a Password!';
}*/
if (!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{6,12}$/', $_POST['password'])) {
// echo 'the password does not meet the requirements!';
$errors['passwordMatch'] = 'Ensure that your password meets the requirements above!';
$count++;
}
if (!isset($_POST['checkbox'])) {
// echo 'Ensure that you have read the Terms and Conditions and ticked the box!';
$errors['checkbox'] = 'Ensure that you have read the Terms and Conditions and ticked the box!';
$count++;
}
if(!$count)
include '../php/connection.php';
$fname = mysqli_real_escape_string($connection, $_POST['firstname']);
$sname = mysqli_real_escape_string($connection, $_POST['surname']);
$age = mysqli_real_escape_string($connection, $_POST['age']);
$email = mysqli_real_escape_string($connection, $_POST['email']);
$user = mysqli_real_escape_string($connection, $_POST['username']);
$password = mysqli_real_escape_string($connection, $_POST['password']);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$query = "INSERT INTO customer (USER_TYPE, FIRST_NAME, SURNAME, AGE, EMAIL, USERNAME, PASSWORD) VALUES
(NULL, '$fname', '$sname', '$age', '$email', '$user', '$hashed_password')";
mysqli_query($connection, $query);
header('location: login.php');
}
}
?>
当复选框被选中且所有其他字段都为空(这将提示错误)时,表单将提交并将空白字段放入我的数据库。您没有任何代码来检查是否存在任何错误。您仅在选中t&C复选框时才进行检查。```如果(!isset($\u POST['checkbox')){``这只是其中一个验证条件。添加您尝试的验证条件–if(count($count)){//有一些错误}否则{//插入数据库}
不确定您想告诉我什么?我确实有代码来检查是否有错误,这很好。只是我的代码格式不正确,所以如果选中复选框,它会提交表单。我只是不知道如何正确设置代码格式。检查是否有错误的条件在哪里?我只能看到哪个条件检查是否选中复选框(if(!isset($\u POST['checkbox'])){
)。因此,如果选中该复选框,您将始终将数据插入数据库。如果其他字段为空,则会发生事件。您可以再写一次吗?您希望实现什么?我已将更改添加到我的答案代码中。请将其签出。当选中该复选框时,所有其他字段均为空(这将提示错误)表单提交并将空白字段放入我的数据库。您没有任何代码可以检查是否有任何错误。您只在选中t&C复选框时进行检查。```如果(!isset($\U POST['checkbox']){``这只是其中一个验证条件。添加您尝试的验证条件–如果(count($count)){//有一些错误}其他{//插入数据库}
不确定您想告诉我什么?我确实有代码来检查是否有错误,这很好。只是我的代码格式不正确,所以如果选中复选框,它会提交表单。我只是不知道如何正确设置代码格式。检查是否有错误的条件在哪里?我只能看到哪个条件检查复选框是否被选中(if(!isset($\u POST['checkbox']){
)。因此,如果复选框被选中,您将始终向数据库插入数据。如果您的其他字段为空,则会发生事件。您可以再写一次吗?您希望实现什么?我已将更改添加到我的答案代码中。请签出它。