[英]PHP, MySQL validation malfunction and search doesn't work?
我創建了一個小的注冊即時貼。 一切工作正常,但是如果我輸入任何錯誤的值,例如名稱中的數字,年齡中的字母或什至錯誤的電子郵件格式,那么數據仍然保存在數據庫中,我將無法確定驗證問題。 另一個1是搜索選項。 每當我在搜索框中輸入任何名字或姓氏時,它都應顯示數據庫中的名稱,否則它將顯示錯誤消息。 任何1都可以建議我該怎么辦。。請參閱下面的代碼。
sticky_form代碼...
<html>
<head>
<?php
global $fname,$lname,$gender,$age,$course,$email;
if(isset($_POST['register']))
{
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$gender=$_POST['gender'];
$age=$_POST['age'];
$course=$_POST['course'];
$email=$_POST['email'];
if (preg_match("/[a-zA-Z ]+$/", $_POST['fname'])) {
$fname = trim($_POST['fname']);
}
else
{
echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
//$error = true;
}
if (preg_match("/[a-zA-Z ]+$/", $_POST['lname'])) {
$lname = trim($_POST['lname']);
}
else
{
echo '<p>The last name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
$error = true;
}
if(isset($_POST['gender']))
{
$gender = $_POST['gender'];
}
else
{
echo "<p>No gender found!</p>";
}
if (preg_match("/[a-zA-Z ]+$/", $_POST['age'])) {
$age = trim($_POST['age']);
}
else
{
echo '<p>Please enter age. Or your age contains illegal characters</p>';
//$error = true;
}
if(isset($_POST['course']))
{
$course = $_POST['course'];
}
else
{
echo "<p>Please Select Course!</p>";
}
// Validate the email:
if (preg_match("/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/", $_POST['email'] )){
$email = trim($_POST['email']);
}
else
{
echo '<p>The email is empty or has illegal characters! To edit please go the link Display Data Information</p>';
//$error = false;
}
echo "<br/>";
echo "<br/>";
echo "<br/>";
}
if($fname&&$lname&&$gender&&$age&&$email&&$course)
{
require_once('connection.php');
$query = mysql_query("INSERT INTO members SET FirstName='$fname', LastName='$lname', Gender='$gender', Age='$age', Email='$email', Course='$course'") or die(mysql_error());
if($query){
echo"Your Data Successfully Saved";
}
else
{
echo "Please recheck your Data!";
}
}
?>
</head>
<body id="body">
<h2><strong>Register Student Account</strong></h2>
<form action="student_form.php" method="post" >
<table border="1" id="container">
<tr>
<td>First Name</td>
<td>:</td>
<td><input type="text" name="fname" size="30" maxlength="50"/></td>
</tr>
<tr>
<td>Last Name</td>
<td>:</td>
<td><input type="text" name="lname" size="30" maxlength="50"/></td>
</tr>
<tr>
<td>Age</td>
<td>:</td>
<td><input type="text" name="age" size="3" /></td>
</tr>
<tr>
<td >Gender </td>
<td> : </td>
<td> Male
<input type="radio" name="gender" value="Male"/>
Female
<input type="radio" name="gender" value="Female"/></td>
</tr>
<tr>
<td valign="top">Course</td>
<td valign="top"> : </td>
<td> <input type="radio" name="course" value="Bachelor Of Computing"/>Bachelor Of Computing<br/>
<input type="radio" name="course" value="Bachelor Of Science"/>Bachelor Of Science<br/>
<input type="radio" name="course" value="Bachelor Of Software Engineering"/>Bachelor Of Software Engineering<br/>
<input type="radio" name="course" value="Bachelor Of Networking"/>Bachelor Of Networking<br/>
<input type="radio" name="course" value="Bacelor Of IT"/>Bacelor Of IT <br/>
<input type="radio" name="course" value="Bachelor Of Computer Science"/>Bachelor Of Computer Science<br/></td>
</tr>
<tr>
<td>Email Address</td>
<td>:</td>
<td><input type="text" name="email" size="30" maxlength="50"/></td>
</tr>
</table>
<input type="submit" name="register" value="REGISTER"/>
</form><br>
<p><a href="student_form.php" >Home</a></p>
<p><a href="display_data.php">Display Data Information</a>
<p><a href="search.php">To search for Members</a>
</body>
</html>
這是search_form代碼...
<html>
<head>
<?php
//require_once('student_form.php');
if(isset($_POST['s1'])){
$id=$_REQUEST['id'];
$fname=$_POST['fname'];
//connect to the database
include('connection.php');
//-query the database table
$sql=mysql_query("SELECT * FROM members WHERE (FirstName LIKE '". $fname ."%' OR LastName LIKE '". $lname ."%'");
//-run the query against the mysql query function
$result=mysql_query($sql);
if($row=mysql_fetch_array($result)){
$fname=$row['FirstName'];
$lname=$row['LastName'];
/*$email=$row['Email'];
$age =$row['Age'];
$gender=$row['Gender'];
$course = $row['Course'];*/
}
//-display the result of the array
else
{
<?php echo $rows['FirstName']; ?>
<?php echo $rows['LastName']; ?>
}
}
?>
</head>
<body>
<form action="search.php" method="post">
<table>
<tr>
<td><strong>search box</strong></td>
<td><strong>:</strong></td>
<td><input type="text" name="search" value=""size="30"/><input type="submit" name="s1" value="Search"/></td>
</table>
</form>
</body>
</html>
您的變量(例如$fname $lname $gender $age $email $course
被放置在if condition isset($_POST['register'])
if條件之后。 現在,即使您的驗證有效,數據仍將輸入數據庫中。 因為你有條件
if($fname&&$lname&&$gender&&$age&&$email&&$course)
現在,當所有這些變量中只有一個值時,控件將進入該塊。 必須發生的是,您輸入了錯誤的值,這些值將通過驗證,但將顯示消息,但是如果第一個如果塊完成,則由於$ _POST變量仍然具有SOME值,無論它們是否無效,第二個如果輸入了塊並會觸發查詢。
您可以做的是,無論您在何處回顯錯誤消息,都將相應的變量清空。 像這樣的東西:
if (preg_match("/[a-zA-Z ]+$/", $_POST['fname'])) {
$fname = trim($_POST['fname']);
}
else
{
echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
$fname = "";
}
至於第一個問題,不要檢查$var
,不要檢查!empty($var)
。
第二個問題:我不確定我是否理解您要做什么。 但是,當顯示某些內容時,您不是用$row
而不是$rows
嗎? 另外,如果您有多個搜索命中怎么辦? 您想要的是:
while($row=mysql_fetch_assoc($result)){
echo $row['Firstname'], ' ', $row['LastName'];
}
而不是if-else結構。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.