
User registration form error php

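Hello, I am trying to write code that performs validation on the back end. The code should stop as soon as there is an error. In my case, the code stops in the first-name validation block itself, even when the condition is satisfied. I also want back-end validation only.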

Here is the PHP code, clientRegister.php:

<?php

require_once("connection.php");
session_start();

// define variables and set to empty values
$clientFirstName = $clientLastName = $clientEmail = $clientPassword =
$clientCPassword = $clientContact = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    // First Name Validation
    if (empty($_POST["clientFirstName"])) {
        die("error: empty field");
    } else {
        $clientFirstName = test_input($_POST["clientFirstName"]);
        // check if name only contains letters and whitespace
        if (!preg_match("[a-zA-Z ]", $clientFirstName)) {
            die("Error: Only letters and white space allowed");
        }
    }

    // Last Name Validation
    if (empty($_POST["clientLastName"])) {
        die("error: empty field");
    } else {
        $clientLastName = test_input($_POST["clientLastName"]);
        // check if name only contains letters and whitespace
        if (!preg_match("[a-zA-Z ]", $clientLastName)) {
            die("Error: Only letters and white space allowed");
        }
    }

    // Email Validation
    if (empty($_POST["clientEmail"])) {
        die("error: empty field");
    } else {
        $clientEmail = test_input($_POST["clientEmail"]);
        // check if e-mail address is well-formed
        if (!filter_var($clientEmail, FILTER_VALIDATE_EMAIL)) {
            die("Error: Invalid email format");
        }
    }

    // Password Validation
    if (empty($_POST["clientPassword"])) {
        die("error: empty field");
    }

    // Confirm Password Validation
    if (empty($_POST["clientCPassword"])) {
        die("error: empty field");
    }

    if ($clientPassword != $clientCPassword) {
        die("error: passwords mismatch");
    } else {
        $hashedClientPassword = password_hash($clientPassword, PASSWORD_DEFAULT);
    }

    if (empty($_POST["clientContact"])) {
        die("error: empty field");
    } else {
        $clientContact = test_input($_POST["clientContact"]);
        // check if number is correct
        if (!preg_match("[0-9]", $clientContact)) {
            die("error: Only 0-9 allowed");
        }
    }

    $check_email = $conn->query("SELECT clientEmail FROM tbl_clients WHERE clientEmail='$clientEmail'");

    $emailCount = $check_email->num_rows;

    if ($emailCount == 0) {

        $newClient = "INSERT INTO tbl_clients(clientFirstName, clientLastName, clientEmail, clientPassword, clientContact) VALUES('$clientFirstName','$clientLastName','$clientEmail','$hashedClientPassword','$clientContact')";

        if ($newClient === false) {
            $result = array();
            $result[] = array("status" => "Error");
        } else {
            echo "Your have been signed up - please now Log In";

            $result = array();
            $result[] = array("First Name" => $clientFirstName, "Last Name" => $clientLastName, "Email" => $clientEmail, "Password" => $hashedClientPassword, "Contact" => $clientContact, "status" => "success");
        }

    } else {
        echo "Already Exists";
        $result = array();
        $result[] = array("status" => "Error");
    }

    echo json_encode($result);
}

function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

?>

<!DOCTYPE HTML>
<html>
<head>
</head>
<body>
<h2>Reg User</h2>
<form method="post" action="clientRegister.php">
  <label>
    First Name:<input type="text" name="clientFirstName"><br/>
    Last Name:<input type="text" name="clientLastName"><br/>
    Email:<input type="text" name="clientEmail"><br/>
    Password:<input type="password" name="clientPassword"><br/>
    Confirm Password:<input type="password" name="clientCPassword"><br/>
    Contact:<input type="text" name="clientContact"><br/>
    <input type="submit" value="Register" name="submit">
  </label>
</form>
</body>
</html>

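Your preg_match() is missing the pattern delimiters.

Replace your pattern, as in the following example:

if (!preg_match("[a-zA-Z ]",$clientFirstName)) {
    die("Error: Only letters and white space allowed");
}

with:

// Delimiters added; ^ and $ anchor the pattern so the whole value must be letters or spaces
if (!preg_match("/^[a-zA-Z ]+$/",$clientFirstName)) {
    die("Error: Only letters and white space allowed");
}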

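Also, your

($clientPassword != $clientCPassword)

will always return false, because you have not assigned the new $_POST values to them, and because you initialized both variables to empty. So (empty != empty) always returns false.

So you should compare like this:

($_POST["clientPassword"] != $_POST["clientCPassword"])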

As for your query, it is never executed:

$newClient = "INSERT INTO tbl_clients(clientFirstName, clientLastName, clientEmail, clientPassword, clientContact) VALUES('$clientFirstName','$clientLastName','$clientEmail','$hashedClientPassword','$clientContact')";

I think you meant:

$newClient = $conn->query("INSERT INTO tbl_clients(clientFirstName, clientLastName, clientEmail, clientPassword, clientContact) VALUES('$clientFirstName','$clientLastName','$clientEmail','$hashedClientPassword','$clientContact')");

Note: your query is vulnerable to SQL injection, so you should use prepared statements.

Demo:

http://sandbox.onlinephpfunctions.com/code/d435ae025dc9e22b677823ff37712bb712b71e1b

You can test this file:

https://pastebin.com/AgfquEMC
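
The answer's closing note about prepared statements, as an added example that is not part of the original post or the asker's code: the same checks with anchored patterns, fields read from the request before they are compared, and placeholders for both queries. It assumes PDO with an in-memory SQLite database (the pdo_sqlite extension) instead of the page's mysqli `$conn` so that it runs offline; `register_client`, the table schema and the sample values are hypothetical.

```php
<?php
function register_client(PDO $db, array $post): array
{
    $keys = ['clientFirstName', 'clientLastName', 'clientEmail',
             'clientPassword', 'clientCPassword', 'clientContact'];
    foreach ($keys as $k) {
        // Read every field from the request before any comparison; never trim passwords.
        $v = (string)($post[$k] ?? '');
        $f[$k] = strpos($k, 'Password') === false ? trim($v) : $v;
        if ($f[$k] === '') {
            return ['status' => 'Error', 'reason' => "empty field: $k"];
        }
    }
    // Anchored patterns (/D: "$" matches at end of string only): the whole value must match.
    if (!preg_match('/^[a-zA-Z ]+$/D', $f['clientFirstName'])
        || !preg_match('/^[a-zA-Z ]+$/D', $f['clientLastName'])) {
        return ['status' => 'Error', 'reason' => 'Only letters and white space allowed'];
    }
    if (!filter_var($f['clientEmail'], FILTER_VALIDATE_EMAIL)) {
        return ['status' => 'Error', 'reason' => 'Invalid email format'];
    }
    if (!preg_match('/^[0-9]+$/D', $f['clientContact'])) {
        return ['status' => 'Error', 'reason' => 'Only 0-9 allowed'];
    }
    if ($f['clientPassword'] !== $f['clientCPassword']) {
        return ['status' => 'Error', 'reason' => 'passwords mismatch'];
    }
    // Placeholders keep user input out of the SQL text entirely.
    $check = $db->prepare('SELECT COUNT(*) FROM tbl_clients WHERE clientEmail = ?');
    $check->execute([$f['clientEmail']]);
    if ((int)$check->fetchColumn() > 0) {
        return ['status' => 'Error', 'reason' => 'Already Exists'];
    }
    $insert = $db->prepare('INSERT INTO tbl_clients (clientFirstName, clientLastName,
        clientEmail, clientPassword, clientContact) VALUES (?, ?, ?, ?, ?)');
    $insert->execute([$f['clientFirstName'], $f['clientLastName'], $f['clientEmail'],
        password_hash($f['clientPassword'], PASSWORD_DEFAULT), $f['clientContact']]);
    return ['status' => 'success'];   // the password hash is not echoed back
}

// Constructed demo: the schema and sample values below are assumptions for illustration.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE tbl_clients (clientFirstName TEXT, clientLastName TEXT,
    clientEmail TEXT UNIQUE, clientPassword TEXT, clientContact TEXT)');
$ok = ['clientFirstName' => 'Ada', 'clientLastName' => 'Lovelace', 'clientEmail' => 'ada@example.com',
       'clientPassword' => 'correct horse', 'clientCPassword' => 'correct horse', 'clientContact' => '5550100'];
foreach ([$ok, $ok, ['clientFirstName' => 'abc123'] + $ok] as $post) {
    echo json_encode(register_client($db, $post)), "\n";
}
```

The three constructed requests exercise a first registration, a repeat of the same e-mail address, and a first name containing digits.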


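Notice: the technical posts on this site are licensed under CC BY-SA 4.0. If you republish them, please cite this site's URL or the original post's address. For any questions, contact: yoyou2525@163.com.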
