PHP表單提交時，表單爲空，並驗證到位

Question

你好，我有一個奇怪的問題。我有一個PHP驗證的表單，但即使表單域爲空，表單仍然會提交。以下是我的代碼...您可以告訴我這裏發生了什麼。

同樣在同一頁上也有兩種形式。都使用$_SERVER['PHP_SELF']操作。

工作流程是用戶使用第一個表單旋轉獎金輪（驗證在此表單上正常工作），然後在成功提交後出現微調框。

如果旋轉器着陸在勝出段上，出現第二個表單（如果我單擊第二個表單上的提交，將會提交空白表單）第一個表單再次出現並忽略第二個表單驗證。我確定它的安全，以爲這是因爲該頁面令人耳目一新。有沒有辦法解決這個問題？

$nameErr = $lNameErr = $pCodeErr = $successMessage = $errorMessage = ""; 
$name = $lName = $pCode = ""; 

$errors = 0; 
$regex = '^[a-zA-Z0-9]{3}()?[a-zA-Z0-9]{3}$^'; 

if ($_SERVER["REQUEST_METHOD"] == "POST") { 

    if (empty($_POST["name"])) { 
     $nameErr = "First Name is required"; 
     $errors++; 
    }else { 
     $name = test_input($_POST["name"]); 
    } 

    if (empty($_POST["lName"])) { 
     $lNameErr = "Last Name is required"; 
     $errors++; 
    }else { 
     $lName = test_input($_POST["lName"]); 
    } 

    if (empty($_POST["pCode"])) { 
     $pCodeErr = "Postal Code is required"; 
     $errors++; 
    }else { 
     $pCode = test_input($_POST["pCode"]); 

     // check if e-mail address is well-formed 
     if (!preg_match($regex, $_POST["pCode"])) { 
      $pCodeErr = "Invalid Postal Code format"; 
      $errors++; 
     } 
    } 

    if($errors == 0){ 
     $duplicate = $conn->prepare("SELECT `Pcode` FROM `winners` WHERE `Pcode` = ?"); 
     $query->bindValue(1, $email); 
     $query->execute(); 
     if($duplicate->rowCount() > 0) { 
      $errorMessage = "Sorry this user is already in our database!"; 
     } else { 
      $successMessage = "Form Submission Successful!"; 
      $sql = "INSERT INTO winners (Fname, Lname, Pcode) VALUES (:fName, :lName, :pCode)"; 
      $stmt = $conn->prepare($sql); 
      // $stmt->bindParam(':email', $email, PDO::PARAM_STR); 
      $stmt->bindParam(':fName', $name, PDO::PARAM_STR); 
      $stmt->bindParam(':lName', $lName, PDO::PARAM_STR); 
      $stmt->bindParam(':pCode', $pCode, PDO::PARAM_STR); 
      $stmt->execute(); 
     } 
    } 
} 

，這裏是我的形式

<form id="winner-form" class="spin-form" method = "post" action = "<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> 

    <p>To claim your prize please fill in the form below.</p> 
    <div class="form-group"> 
     <label>Name:</label> 
     <input class="form-control" placeholder="Please enter your First Name" value="<?php echo $name;?>" type = "text" name = "name"> 
     <span class = "error">* <?php echo $nameErr;?></span> 
    </div> 

    <div class="form-group"> 
     <label>Last Name:</label> 
     <input class="form-control" placeholder="Please enter your Last Name" value="<?php echo $lName;?>" type = "text" name = "lName"> 
     <span class="error">* <?php echo $lNameErr;?></span> 
    </div> 

    <div class="form-group"> 
     <label>Postal Code:</label> 
     <input class="form-control" placeholder="Please enter your Postal Code" value="<?php echo $pCode;?>" type = "text" name = "pCode"> 
     <span class="error">* <?php echo $pCodeErr;?></span> 
    </div> 

    <td> 
     <input class="btn btn-lg btn-success" type="submit" name="sub" value="Submit"> 
    </td> 

    <?php if($successMessage != "") { ?> 
     <span class ='alert alert-success'><?php echo $successMessage; ?></span> 
    <?php } ?> 

    <?php if($errorMessage != "") { ?> 
     <span class ='alert alert-danger'><?php echo $errorMessage; ?></span> 
    <?php } ?> 

</form> 

Answer 1

對不起，我不能發表評論，因爲我有較少的聲譽，去除毛刺，可以防止用戶從提交空值，如果你設置一個SQL空檢查NO。或在Php的結尾。

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if (isset($_POST["name"]) == "") { 
     $nameErr = "First Name is required"; 
     $errors++; 
    } 
} 

或者

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if ($_POST["name"]) == Null) { 
     $nameErr = "First Name is required"; 
     $errors++; 
    } 
} 

但通常最好寫使用JavaScript或jQuery的表單驗證功能。你喜歡哪一個。我希望我的評論有幫助。 :)