User registration form error php

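Hello, I am trying to write code that does its validation on the back end. The code should stop as soon as there is an error. In my case, even when the conditions are met, the code stops in the first name validation block itself. I also want back-end validation only.

Here is the PHP code, clientRegister.php: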

<?php

require_once("connection.php");
session_start();

// define variables and set to empty values
$clientFirstName = $clientLastName = $clientEmail = $clientPassword =
$clientCPassword = $clientContact = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    // First Name Validation
    if (empty($_POST["clientFirstName"])) {
        die("error: empty field");
    } else {
        $clientFirstName = test_input($_POST["clientFirstName"]);
        // check if name only contains letters and whitespace
        if (!preg_match("[a-zA-Z ]",$clientFirstName)) {
            die("Error: Only letters and white space allowed");
        }
    }

    // Last Name Validation
    if (empty($_POST["clientLastName"])) {
        die("error: empty field");
    } else {
        $clientLastName = test_input($_POST["clientLastName"]);
        // check if name only contains letters and whitespace
        if (!preg_match("[a-zA-Z ]",$clientLastName)) {
            die("Error: Only letters and white space allowed");
        }
    }

    // Email Validation
    if (empty($_POST["clientEmail"])) {
        die("error: empty field");
    } else {
        $clientEmail = test_input($_POST["clientEmail"]);
        // check if e-mail address is well-formed
        if (!filter_var($clientEmail, FILTER_VALIDATE_EMAIL)) {
            die("Error: Invalid email format");
        }
    }

    // Password Validation
    if (empty($_POST["clientPassword"])) {
        die("error: empty field");
    }

    // Confirm Password Validation
    if (empty($_POST["clientCPassword"])) {
        die("error: empty field");
    }

    if ($clientPassword != $clientCPassword) {
        die("error: passwords mismatch");
    } else {
        $hashedClientPassword = password_hash($clientPassword, PASSWORD_DEFAULT);
    }

    if (empty($_POST["clientContact"])) {
        die("error: empty field");
    } else {
        $clientContact = test_input($_POST["clientContact"]);
        // check if number is correct
        if (!preg_match("[0-9]",$clientContact)) {
            die("error: Only 0-9 allowed");
        }
    }

    $check_email = $conn->query("SELECT clientEmail FROM tbl_clients WHERE 
    clientEmail='$clientEmail'");

    $emailCount = $check_email->num_rows;

    if ($emailCount == 0) {

        $newClient = "INSERT INTO tbl_clients(clientFirstName, clientLastName, 
        clientEmail, clientPassword, clientContact) VALUES('$clientFirstName','$clientLastName','$clientEmail','$hashedClientPassword','$clientContact')";

        if ($newClient === false) {
            $result = array();
            $result[] = array("status" => "Error");
        } else {
            echo "Your have been signed up - please now Log In";

            $result = array();
            $result[] = array("First Name" => $clientFirstName, "Last Name" => $clientLastName, "Email" => $clientEmail, "Password" => $hashedClientPassword, "Contact" => $clientContact, "status" => "success");
        }

    } else {
        echo "Already Exists";
        $result = array();
        $result[] = array("status" => "Error");
    }

    echo json_encode($result);
}

function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

?>

<!DOCTYPE HTML>
<html>
<head>
</head>
<body>
<h2>Reg User</h2>
<form method="post" action="clientRegister.php">
<label>
First Name:<input type="text" name="clientFirstName"><br/>
Last Name:<input type="text" name="clientLastName"><br/>
Email:<input type="text" name="clientEmail"><br/>
Password:<input type="password" name="clientPassword"><br/>
Confirm Password:<input type="password" name="clientCPassword"><br/>
Contact:<input type="text" name="clientContact"><br/>
<input type="submit" value="Register" name="submit">
</label>
</form>
</body>
</html>

Your preg_match() is missing the pattern delimiters.

Replace your pattern, as in this example:

if (!preg_match("[a-zA-Z ]",$clientFirstName)) {

    die("Error: Only letters and white space allowed");

}

with:

if (!preg_match("/[a-zA-Z ]/",$clientFirstName)) {

    die("Error: Only letters and white space allowed");

}

Also, your

($clientPassword != $clientCPassword)

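will always return false, because you have not assigned the new $_POST values to them, and because you initialized both variables as empty. So (empty != empty) always returns false.

So you should compare like this: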

($_POST["clientPassword"] != $_POST["clientCPassword"])

About your query: it is never executed

$newClient = "INSERT INTO tbl_clients(clientFirstName, clientLastName, clientEmail, clientPassword, clientContact) VALUES('$clientFirstName','$clientLastName','$clientEmail','$hashedClientPassword','$clientContact')";

I think you meant:

$newClient = $conn->query("INSERT INTO tbl_clients(clientFirstName, clientLastName, clientEmail, clientPassword, clientContact) VALUES('$clientFirstName','$clientLastName','$clientEmail','$hashedClientPassword','$clientContact')");

Note: your query is vulnerable to SQL injection, so you should use prepared statements.

Demo:

http://sandbox.onlinephpfunctions.com/code/d435ae025dc9e22b677823ff37712bb712b71e1b

You can test this file:

https://pastebin.com/AgfquEMC
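
Added example, not part of the original question or answer: the same registration flow with the password comparison done on the submitted values and with prepared statements, as the answer recommends. It goes one step further by anchoring the patterns, because /[a-zA-Z ]/ without ^ and $ accepts any string that contains a single letter or space. Assumptions: PDO with an in-memory SQLite database stands in for the $conn from connection.php, the function names validateRegistration and registerClient are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added example, not the poster's code. Assumption: PDO + in-memory SQLite
// stands in for the $conn from connection.php; sample inputs are constructed.
function validateRegistration(array $in): ?string
{
    // Anchored with ^...$ so the whole value must match; /[a-zA-Z ]/ alone
    // accepts any string that merely contains one letter or space.
    foreach (['clientFirstName', 'clientLastName'] as $k) {
        if (!preg_match('/^[a-zA-Z ]+$/D', $in[$k] ?? '')) {
            return "error: $k: only letters and white space allowed";
        }
    }
    if (filter_var($in['clientEmail'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        return 'error: invalid email format';
    }
    // Compare the submitted values themselves, not never-assigned variables.
    $pw = $in['clientPassword'] ?? '';
    if ($pw === '' || $pw !== ($in['clientCPassword'] ?? '')) {
        return 'error: passwords empty or mismatch';
    }
    if (!preg_match('/^[0-9]+$/D', $in['clientContact'] ?? '')) {
        return 'error: only 0-9 allowed';
    }
    return null;
}
function registerClient(PDO $db, array $in): string
{
    $in = array_filter($in, 'is_string'); // array-valued fields count as missing
    if (($error = validateRegistration($in)) !== null) {
        return $error;
    }
    // Placeholders keep user input out of the SQL text entirely.
    $check = $db->prepare('SELECT 1 FROM tbl_clients WHERE clientEmail = ?');
    $check->execute([$in['clientEmail']]);
    if ($check->fetchColumn() !== false) {
        return 'error: already exists';
    }
    $hash = password_hash($in['clientPassword'], PASSWORD_DEFAULT);
    $db->prepare('INSERT INTO tbl_clients VALUES (?, ?, ?, ?, ?)')->execute([
        $in['clientFirstName'], $in['clientLastName'], $in['clientEmail'], $hash, $in['clientContact']]);
    return 'success';
}
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE tbl_clients (clientFirstName, clientLastName, clientEmail, clientPassword, clientContact)');
$ok = ['clientFirstName' => 'Ann', 'clientLastName' => 'Lee', 'clientEmail' => "o'neil@example.com",
       'clientPassword' => 'correct horse', 'clientCPassword' => 'correct horse', 'clientContact' => '5550100'];
foreach ([$ok, $ok, ['clientFirstName' => 'R2-D2'] + $ok] as $input) {
    echo registerClient($db, $input), PHP_EOL;
}
```

The values are stored as submitted and should be passed through htmlspecialchars() only at the point where they are written into HTML.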
