堆棧內存溢出
  簡體   English   中英

驗證PHP中的注冊頁面

[英]Validation for registration page in PHP

 原文  2019-02-27 22:56:15       php

問題描述

我有一個注冊頁面,我想對其進行驗證。 我有以下代碼: 

$msg = "";
$msg_3 = "";
if(isset($_POST['submit'])) {
  $First_Name = ((isset($_POST['First_Name']))?sanitize($_POST['First_Name']):'');
  $Last_Name = ((isset($_POST['Last_Name']))?sanitize($_POST['Last_Name']):'');
  $email = ((isset($_POST['email']))?sanitize($_POST['email']):'');
  $confirm_email = ((isset($_POST['confirm_email']))?sanitize($_POST['confirm_email']):'');
  $mobile_number = ((isset($_POST['mobile_number']))?sanitize($_POST['mobile_number']):'');
  $password = ((isset($_POST['password']))?sanitize($_POST['password']):'');
  $confirm_password = ((isset($_POST['confirm_password']))?sanitize($_POST['confirm_password']):'');
  $gender = ((isset($_POST['gender']))?sanitize($_POST['gender']):'');
  $day = ((isset($_POST['day']))?sanitize($_POST['day']):'');
  $month = ((isset($_POST['month']))?sanitize($_POST['month']):'');
  $year = ((isset($_POST['year']))?sanitize($_POST['year']):'');
  $insurance = ((isset($_POST['insurance']))?sanitize($_POST['insurance']):'');
  $agree = ((isset($_POST['agree']))?sanitize($_POST['agree']):'');
  $sql = "SELECT email, mobile_number FROM customers WHERE email ='$email' OR mobile_number ='$mobile_number'";
  $result = $db->query($sql);
  if ($result->num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
      if ($email == $row['email']) {
        $msg = "<span class='text-danger'>The email address you've entered is already associated with another account.
        <br>Please sign in or enter a different email address. Please try again.</span>";
      }  if ($mobile_number == $row['mobile_number']) {
        $msg_3 = "<span class='text-danger'>The mobile phone number you've entered is already associated with another account.
        <br>Please sign in or enter a different number. Please try <br>again.</span>";
      }
    }
  } else {
// Insert into database and send email
}

現在,我如何驗證每個字段是否為空,並在嵌套的if和while的每個字段下打印不同的消息。 我很困惑。

2 個解決方案

解決方案1
 2  2019-02-27 23:11:56

如果您將在db中使用與表單中相同的名稱,則可以使用以下形式: 

$keys = ['gender', 'email', 'mobile_number']; //etc

$errors = [];

while ($row = $result->fetch_assoc()) {
    array_walk($keys, function ($key) {
        if (empty($row[$key])) {
            $errors[] = "$key is required"
        }

        if (isset($_POST[$key]) && $_POST[$key] == $row[$key]) {
            $errors[] = "please enter $key"
        }
    })
}

如果您需要更多定制消息,則可以將鍵映射到錯誤文本,例如: 

$keys = ['gender' => ['equal' => 'your error message', 'empty' => 'empty msg'], 'email' => ['equal' => 'email validation error', 'empty' => 'error msg 2']]; //etc
$errors = [];

while ($row = $result->fetch_assoc()) {
    array_walk($keys, function ($errorMsg, $key) {

        if (isset($_POST[$key]) && $_POST[$key] == $row[$key]) {
            $errors[$key] = $errorMsg['equal'];
        }

        if (empty($row[$key])) {
            $errors[$key] = $errorMsq['empty'];
        }
    })
}

解決方案2
 0  2019-02-27 23:22:26

  1. 不要重復
  2. 防止SQL注入

你可以做這樣的事情。 

<?php
if(isset($_POST['submit'])) {

  $errors = [];

  function getPost($postIndex, $errorMessage = '') {
    global $errors;
    if (!empty( $_POST[$postIndex] )) {
      $value = $_POST[$postIndex];
      return $value;;
    } else {
      $errors[$postIndex] = $errorMessage;
      return null;
    }
  }

  function validateString($s) {
    return htmlspecialchars(trim($s));
  }

  getPost('First_Name', 'Firstname Cannot Be Empty');
  getPost('Last_Name', 'Lastname cannot be empty');
  $email = getPost('email', 'Your Error Message');
  getPost('confirm_email', 'Your Error Message');
  $mobile_number = getPost('mobile_number', 'Your Error Message');
  getPost('password', 'Your Error Message');
  getPost('confirm_password', 'Your Error Message');
  getPost('gender', 'Your Error Message');
  getPost('day', 'Your Error Message');
  getPost('month', 'Your Error Message');
  getPost('year', 'Your Error Message');
  getPost('insurance', 'Your Error Message');
  getPost('agree', 'Your Error Message');

  $stmt = $mysqli -> prepare('SELECT email, mobile_number FROM customers WHERE email =? OR mobile_number =?');

  if (
    $stmt &&
    $stmt -> bind_param('ss', $email, $mobile_number) &&
    $stmt -> execute() &&
    $stmt -> store_result() &&
    $stmt -> bind_result($dbEmail, $dbMobileNumber) &&
    $stmt -> fetch()
  ) {

    if ($email == $dbEmail) {
      // email equal error message
    }  if ($mobile_number == $row['mobile_number']) {
      // mobile number equal error message
    }

  }

  if (count($errors)) {
    echo "You have an error";    
  }
  // or get the post index in your HTML form and show the error message there
  // <?php isset($errors['firstName']) ? echo $errors['firstname'] : null; 

}

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 注冊頁面,驗證並將數據發送到php文件 PHP注冊錯誤驗證 注冊表格在php驗證 在注冊頁面添加驗證消息 PHP中的簡單注冊頁面 PHP注冊頁面 PHP用戶注冊頁面 PHP注冊頁面 測試php中的注冊頁面 注冊會話中的PHP驗證功能
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM