即使数据无效,表单仍会接受数据

时间:2015-08-08 09:22:24

标签: php html mysql forms

我的表格仍然给我一个“注册成功!”并将数据存储在mysql中,即使它不是有效数据并且为空。然后在显示“注册成功”后,它会显示错误。

它应该运行的方式是,当输入无效或为空时,它不会存储在数据库中,也不会提示“注册成功!”。 我将php代码放在与html相同的文件中,具体位于html代码的顶部。

PHP 

<?php
mysql_connect("localhost","root","");
mysql_select_db("registration");

    if (isset($_POST['register'])){
            $fname = $_POST['first_name'];
            $lname = $_POST['last_name'];
            $email = $_POST['email'];
            $pword = $_POST['password_verify'];

        if($_POST){
            $errors = array();

            if(empty($_POST['first_name'])){
                $errors['first_name1'] = "This field cannot be empty";
            }
            if (empty($_POST['last_name'])){
                $errors['last_name1'] = "Please enter your name last name.";
                }
            if (empty($_POST['email'])){
                $errors['email1'] = "Please enter email address.";
                }
            if (empty($_POST['password'])){
                $errors['password1'] = "Please enter password.";
                }
            if (empty($_POST['password_verify'])){
                $errors['password_verify1'] = "Please enter password.";

                }
            if (strlen($_POST['password']) < 6){
                $errors['password2'] = 'Your password must be at least 6 characters';
                }   
            if ($_POST['password'] != $_POST['password_verify']){
                $errors['password_verify2'] = 'Your passwords do not match.';
                }

            $check_email = "select * from customer_info where Email='$email'";
            $run = mysql_query($check_email);

            if (mysql_num_rows($run) >0){
                $errors['email2'] = 'Email already exists.';
            }
            $query = "insert into customer_info (First_Name,Last_Name,Email, Password) values ('$fname', '$lname', '$email', '$pword')";

        if(mysql_query($query)){
            echo "<script>alert('Registration Successful!')</script>";
            }   
        }   
    }               
?>

3 个答案:

答案 0 :(得分:0)

您应该在此声明之前加上条件

$query = "insert into customer_info (First_Name,Last_Name,Email, Password) values ('$fname', '$lname', '$email', '$pword')";

应该是:

if(count($errors)>0){
    echo "<script>alert('Error!')</script>";
} else {
    $query = "insert into customer_info (First_Name,Last_Name,Email, Password) values ('$fname', '$lname', '$email', '$pword')";
    if(mysql_query($query)){
            echo "<script>alert('Registration Successful!')</script>";
            }   
        }   
}

答案 1 :(得分:0)

试试这个:

if(!isset($error)){
    $query = "insert into customer_info (First_Name,Last_Name,Email, Password) values ('$fname', '$lname', '$email', '$pword')";

    if(mysql_query($query)){
        echo "<script>alert('Registration Successful!')</script>";
        }

Anddd有人打败了我的拳头&gt;。&lt;的xD 我还建议避免使用mysql_ *函数,因为它们已被弃用。尝试使用mysqli_ *或Prepared Statements:

http://php.net/manual/en/pdo.prepared-statements.php

http://www.w3schools.com/php/php_mysql_prepared_statements.asp

答案 2 :(得分:0)

在将数据插入数据库之前。请检查$error数组是否为空。如果数组为空,则表示您的数据有效,否则无效。

if(empty($errors))
{
// insert into database and alert('Registration successful');
}
else
{
// alert('Error');
}
相关问题
最新问题