1. 首頁
  2. 問答
  3. PHP,MySQL驗證故障和搜索不起作用?

PHP,MySQL驗證故障和搜索不起作用?

2012-07-02 57 views
0

我創建了一個小型註冊粘性表單。一切工作正常,但如果我輸入任何錯誤的值,如姓名中的數字,年齡的字母,甚至錯誤的電子郵件格式,然後數據仍保存在數據庫中,我無法弄清楚驗證問題。 另一個是搜索選項。每當我在搜索框中輸入任何名字或姓氏時,它應該顯示數據庫中的名稱或它將顯示一條錯誤消息。 任何1可以建議我該怎麼辦..請參閱下面我的代碼。PHP,MySQL驗證故障和搜索不起作用?

sticky_form代碼...

<html> 
<head> 


<?php 
global $fname,$lname,$gender,$age,$course,$email; 

if(isset($_POST['register'])) 
{ 

    $fname=$_POST['fname']; 
    $lname=$_POST['lname']; 
    $gender=$_POST['gender']; 
    $age=$_POST['age']; 
    $course=$_POST['course']; 
    $email=$_POST['email']; 

     if (preg_match("/[a-zA-Z ]+$/", $_POST['fname'])) { 
      $fname = trim($_POST['fname']); 
     } 
     else 
     { 
     echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>'; 
     //$error = true; 
     } 


     if (preg_match("/[a-zA-Z ]+$/", $_POST['lname'])) { 
      $lname = trim($_POST['lname']); 
     } 
     else 
     { 
     echo '<p>The last name is empty or has illegal characters! To edit please go the link Display Data Information</p>'; 
     $error = true; 
     } 

     if(isset($_POST['gender'])) 
     { 
      $gender = $_POST['gender']; 
     } 
     else 
     { 
      echo "<p>No gender found!</p>"; 
     } 

     if (preg_match("/[a-zA-Z ]+$/", $_POST['age'])) { 
      $age = trim($_POST['age']); 
     } 
     else 
     { 
     echo '<p>Please enter age. Or your age contains illegal characters</p>'; 
     //$error = true; 
     } 

     if(isset($_POST['course'])) 
     { 
      $course = $_POST['course']; 
     } 
     else 
     { 
      echo "<p>Please Select Course!</p>"; 

     } 

     // Validate the email: 
     if (preg_match("/^[\w.-][email protected][\w.-]+\.[A-Za-z]{2,6}$/", $_POST['email'])){ 
     $email = trim($_POST['email']); 
     } 
     else 
     { 
     echo '<p>The email is empty or has illegal characters! To edit please go the link Display Data Information</p>'; 
     //$error = false; 
     } 
     echo "<br/>"; 
     echo "<br/>"; 
     echo "<br/>"; 



} 

    if($fname&&$lname&&$gender&&$age&&$email&&$course) 
    { 
    require_once('connection.php'); 
    $query = mysql_query("INSERT INTO members SET FirstName='$fname', LastName='$lname', Gender='$gender', Age='$age',   Email='$email', Course='$course'") or die(mysql_error()); 

     if($query){ 
      echo"Your Data Successfully Saved"; 
     } 
     else 
     { 
      echo "Please recheck your Data!"; 
     } 


} 


?> 
</head> 

<body id="body"> 
<h2><strong>Register Student Account</strong></h2> 
<form action="student_form.php" method="post" > 
<table border="1" id="container"> 


    <tr> 
    <td>First Name</td> 
    <td>:</td> 
    <td><input type="text" name="fname" size="30" maxlength="50"/></td> 
    </tr> 

<tr> 
    <td>Last Name</td> 
    <td>:</td> 
    <td><input type="text" name="lname" size="30" maxlength="50"/></td> 
    </tr> 

    <tr> 
    <td>Age</td> 
    <td>:</td> 
    <td><input type="text" name="age" size="3" /></td> 
    </tr> 

    <tr> 
    <td >Gender </td> 
    <td> : </td> 
    <td> Male 
    <input type="radio" name="gender" value="Male"/> 

    Female 
    <input type="radio" name="gender" value="Female"/></td> 

    </tr> 


    <tr> 
    <td valign="top">Course</td> 
    <td valign="top"> : </td> 
    <td> <input type="radio" name="course" value="Bachelor Of Computing"/>Bachelor Of Computing<br/> 
    <input type="radio" name="course" value="Bachelor Of Science"/>Bachelor Of Science<br/> 
    <input type="radio" name="course" value="Bachelor Of Software Engineering"/>Bachelor Of Software Engineering<br/> 
    <input type="radio" name="course" value="Bachelor Of Networking"/>Bachelor Of Networking<br/> 
    <input type="radio" name="course" value="Bacelor Of IT"/>Bacelor Of IT <br/> 
    <input type="radio" name="course" value="Bachelor Of Computer Science"/>Bachelor Of Computer Science<br/></td> 

    </tr> 

<tr> 
    <td>Email Address</td> 
    <td>:</td> 
    <td><input type="text" name="email" size="30" maxlength="50"/></td> 
</tr> 


</table> 
    <input type="submit" name="register" value="REGISTER"/> 

</form><br> 
<p><a href="student_form.php" >Home</a></p> 
<p><a href="display_data.php">Display Data Information</a> 
<p><a href="search.php">To search for Members</a> 
</body> 
</html>

,這是search_form碼......

<html> 
<head> 
<?php 
//require_once('student_form.php'); 
if(isset($_POST['s1'])){ 
$id=$_REQUEST['id']; 
$fname=$_POST['fname']; 
    //connect to the database 
include('connection.php'); 
//-query the database table 
$sql=mysql_query("SELECT * FROM members WHERE (FirstName LIKE '". $fname ."%' OR LastName LIKE '". $lname ."%'"); 
    //-run the query against the mysql query function 
    $result=mysql_query($sql); 

    if($row=mysql_fetch_array($result)){ 
       $fname=$row['FirstName']; 
       $lname=$row['LastName']; 
       /*$email=$row['Email']; 
       $age =$row['Age']; 
       $gender=$row['Gender']; 
       $course = $row['Course'];*/ 
    } 
    //-display the result of the array 
    else 
    { 
    <?php echo $rows['FirstName']; ?> 
    <?php echo $rows['LastName']; ?> 
    } 
} 
?> 
</head> 
<body> 
<form action="search.php" method="post"> 
<table> 
    <tr> 
    <td><strong>search box</strong></td> 
    <td><strong>:</strong></td> 
    <td><input type="text" name="search" value=""size="30"/><input type="submit" name="s1" value="Search"/></td> 

</table> 
</form> 
</body> 
</html>

來源

2012-07-02 bleach64

回答

1

你的變量如$fname $lname $gender $age $email $course如果條件爲isset($_POST['register'])後條件如果條件。現在,即使您的驗證可行,數據仍將輸入到數據庫中。因爲你已經把條件

if($fname&&$lname&&$gender&&$age&&$email&&$course)

現在控制,當你在所有這些變量,甚至單個值將進入該塊。必須發生的事情是,你輸入錯誤的值,那些被驗證,消息將被顯示,但是當第一個塊如果完成時,因爲$ _POST變量仍然有一些值,不管它們是否無效,第二如果塊將被輸入並且查詢將被觸發。

你可以做的是,在哪裏你迴應錯誤消息,空白了各自的變量。像這樣:

if (preg_match("/[a-zA-Z ]+$/", $_POST['fname'])) { 
    $fname = trim($_POST['fname']); 
} 
else 
{ 
    echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>'; 
    $fname = ""; 
}

來源

2012-07-02 12:38:10 Shades88

+0

Wowwwww!它的工作..謝謝很多...我真的很感激它..但你可以幫助我只有1件事情,我有一個搜索頁面,代碼在上面給出,例如:用戶輸入名稱或姓氏或電子郵件,然後按搜索,這將顯示所需成員從數據庫中的結果到頁面。 – bleach64

+0

你的sql查詢似乎有錯誤... WHERE子句後面有一個括號,不需要,請嘗試刪除它 – Shades88

0

關於你提到的第一個問題,不檢查$var,檢查!empty($var)

第二個問題:我不知道我明白你在做什麼。但是,當你顯示某些東西時,你是不是指$row而不是$rows?另外,如果你有多個搜索結果呢?你想要的是:

while($row=mysql_fetch_assoc($result)){ 
    echo $row['Firstname'], ' ', $row['LastName']; 
}

而不是你的if-else結構。

來源

2012-07-02 12:37:29 Doa

相關問題

 相關問題