驗證我的PHP形式提交到數據庫

Question

基本上我一個審查表上的工作中，用戶填寫有關特定產品項目，並提交表單時，它調用process.php這驗證表格，當一個人會發郵件給我提交沒有錯誤。然後，它將用戶返回到表單頁面，並顯示已提交的錯誤或者說它已成功提交，這一切都很好，但我現在需要做的是在表單填寫正確時我仍然希望電子郵件和返回到表單的頁面，但也插入數據到我的數據庫。我的表單驗證的偉大工程，直到我嘗試在彈出一些代碼插入到數據庫，然後我得到這些錯誤......

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/XZXZ/support/database.inc:16) in /home/XZXZ/public_html/Reviews/process.php on line 113 

Warning: Cannot modify header information - headers already sent by (output started at /home/XZXZ/support/database.inc:16) in /home/XZXZ/public_html/Reviews/process.php on line 117 

我只需要知道在哪裏可以在彈出這個以避免這些錯誤仍然有一切正常工作。下面來看看在process.php文件：

<?php 

    if(isset($_POST)){ 

     //form validation vars 
     $formok = true; 
     $errors = array(); 

     //sumbission data 
     $ipaddress = $_SERVER['REMOTE_ADDR']; 
     $sub_date = date('d/m/Y'); 
     $sub_time = date('H:i:s'); 

     //form data 
     $sub_date = $_POST['sub_date']; 
     $sub_time = $_POST['sub_time']; 
     $review_title = $_POST['review_title']; 
     $rating = $_POST['rating']; 
     $pros = $_POST['pros']; 
     $cons = $_POST['cons']; 
     $best_uses = $_POST['best_uses']; 
     $comments = $_POST['comments']; 
     $upload = $_POST['upload']; 
     $recommend = $_POST['recommend']; 
     $reviewer_name = $_POST['reviewer_name']; 
     $reviewer_desc = $_POST['reviewer_desc']; 
     $reviewer_loc = $_POST['reviewer_loc']; 



     //form validation to go here.... 

    } 

     //validate review title is not empty 
    if(empty($review_title)){ 
     $formok = false; 
     $errors[] = "You have not entered a title for this review"; 
    } 

     //validate rating is selected 
    if (isset ($_POST['rating']) && ($_POST['rating'] == '')) { 
     $formok = FALSE; 
     $errors[] = "You have not selected a rating for the product"; 
    } 

     //validate pros is not empty 
    if(empty($pros)){ 
     $formok = false; 
     $errors[] = "You have not entered any pros"; 
    } 

     //validate cons is not empty 
    if(empty($cons)){ 
     $formok = false; 
     $errors[] = "You have not entered any cons"; 
    } 

     //validate name is not empty 
    if(empty($reviewer_name)){ 
     $formok = false; 
     $errors[] = "You have not entered your name"; 
    } 

     //validate desc is not empty 
    if(empty($reviewer_desc)){ 
     $formok = false; 
     $errors[] = "You have not entered your description"; 
    } 

     //validate location is not empty 
    if(empty($reviewer_loc)){ 
     $formok = false; 
     $errors[] = "You have not entered your location"; 
    } 

     //send email if all is ok 
    if($formok){ 

     $headers = "From: reviews@XZXZ.com" . "\r\n"; 
     $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; 

     $emailbody = "<p>You have received a new product review pending approval from XZXZ.com</p> 
         <p><strong>Review Title: </strong> {$review_title} </p> 
         <p><strong>Rating: </strong> {rating} </p> 
         <p><strong>Pros: </strong> {$pros} </p> 
         <p><strong>Cons: </strong> {$cons} </p> 
         <p><strong>Best Uses: </strong> {$best_uses} </p> 
         <p><strong>Comments: </strong> {$comments} </p> 
         <p><strong>Upload: </strong> {$upload} </p> 
         <p><strong>Recommend: </strong> {$recommend} </p> 
         <p><strong>Name: </strong> {$reviewer_name} </p> 
         <p><strong>Description: </strong> {$reviewer_desc} </p> 
         <p><strong>Location: </strong> {$reviewer_loc} </p> 
         <p>This message was sent from the IP Address: {$ipaddress} on {$date} at {$time}</p>"; 

     mail("XX@XZXZ.com","New Pending Review",$emailbody,$headers); 

     //insert to database  

     require("/home/XZXZ/support/database.inc"); 

     $SQL="INSERT INTO 'XZXZ_rvs'.'reviews_prod' (sub_date, sub_time, review_title, rating, pros, cons, best_uses, comments, upload, recommend, reviewer_name, reviewer_desc, reviewer_loc) VALUES ('$_POST[$sub_date]','$_POST[$sub_time]','$_POST[$review_title]','$_POST[$rating]','$_POST[$pros]','$_POST[$cons]','$_POST[$best_uses]','$_POST[$comments]','$_POST[$upload]','$_POST[$recommend]','$_POST[$reviewer_name]','$_POST[$reviewer_desc]','$_POST[$reviewer_loc]')"; 

    } 
     //what we need to return back to our form 
    $returndata = array( 
     'posted_form_data' => array( 
      'review_title' => $review_title, 
      'rating' => $rating, 
      'pros' => $pros, 
      'cons' => $cons, 
      'best_uses' => $best_uses, 
      'comments' => $comments, 
      'upload' => $upload, 
      'recommend' => $recommend, 
      'reviewer_name' => $reviewer_name, 
      'reviewer_desc' => $reviewer_desc, 
      'reviewer_loc' => $reviewer_loc 
     ), 
     'form_ok' => $formok, 
     'errors' => $errors 
    ); 
    //if this is not an ajax request 
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest'){ 

    //set session variables 
    session_start(); 
    $_SESSION['cf_returndata'] = $returndata; 

    //redirect back to form 
    header('location: ' . $_SERVER['HTTP_REFERER']); 

} 

Answer 1

您必須添加腳本以前什麼發送到包括空行或空格，瀏覽器。如果您關閉這個腳本之前包含你的PHP腳本文件（?>），和你的編輯器，FTP客戶端或其他應用程序添加一個空行到文件末尾（這是常見的），這可能會發生事故。爲防止這種情況發生，只需將PHP腳本保留爲開放式（如果整個文件都是PHP，則不需要使用?>）。它也可能是一個流浪echo（或類似的，例如print，print_var等）引起的問題。

在你的警告，它看起來像這樣在/home/XZXZ/support/database.inc發生的事情就行16。

此外，在SAURABH爲感動，你必須把每die();後header("Location: ...");作爲header()功能不會將用戶重定向 - 它僅發送Location: ...作爲頭添加到瀏覽器中，並讓它到瀏覽器完成剩下的工作 - 然而，服務器並不知道你正在重定向用戶，所以它會繼續運行腳本。因此，您必須終止腳本以防止執行任何其他代碼。

Answer 2

你能不能也請分享一下你在/home/XZXZ/support/database.inc。我沒有看到你正在執行查詢。但看看這些錯誤，我覺得/home/XZXZ/support/database.inc正試圖設置重定向。此外它的一個很好的做法，把一個die()重定向使用header

Answer 3

後，所有的HTML標籤