基本上我一個審查表上的工作中,用戶填寫有關特定產品項目,並提交表單時,它調用process.php這驗證表格,當一個人會發郵件給我提交沒有錯誤。然後,它將用戶返回到表單頁面,並顯示已提交的錯誤或者說它已成功提交,這一切都很好,但我現在需要做的是在表單填寫正確時我仍然希望電子郵件和返回到表單的頁面,但也插入數據到我的數據庫。我的表單驗證的偉大工程,直到我嘗試在彈出一些代碼插入到數據庫,然後我得到這些錯誤......驗證我的PHP形式提交到數據庫
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/XZXZ/support/database.inc:16) in /home/XZXZ/public_html/Reviews/process.php on line 113
Warning: Cannot modify header information - headers already sent by (output started at /home/XZXZ/support/database.inc:16) in /home/XZXZ/public_html/Reviews/process.php on line 117
我只需要知道在哪裏可以在彈出這個以避免這些錯誤仍然有一切正常工作。下面來看看在process.php文件:
<?php
if(isset($_POST)){
//form validation vars
$formok = true;
$errors = array();
//sumbission data
$ipaddress = $_SERVER['REMOTE_ADDR'];
$sub_date = date('d/m/Y');
$sub_time = date('H:i:s');
//form data
$sub_date = $_POST['sub_date'];
$sub_time = $_POST['sub_time'];
$review_title = $_POST['review_title'];
$rating = $_POST['rating'];
$pros = $_POST['pros'];
$cons = $_POST['cons'];
$best_uses = $_POST['best_uses'];
$comments = $_POST['comments'];
$upload = $_POST['upload'];
$recommend = $_POST['recommend'];
$reviewer_name = $_POST['reviewer_name'];
$reviewer_desc = $_POST['reviewer_desc'];
$reviewer_loc = $_POST['reviewer_loc'];
//form validation to go here....
}
//validate review title is not empty
if(empty($review_title)){
$formok = false;
$errors[] = "You have not entered a title for this review";
}
//validate rating is selected
if (isset ($_POST['rating']) && ($_POST['rating'] == '')) {
$formok = FALSE;
$errors[] = "You have not selected a rating for the product";
}
//validate pros is not empty
if(empty($pros)){
$formok = false;
$errors[] = "You have not entered any pros";
}
//validate cons is not empty
if(empty($cons)){
$formok = false;
$errors[] = "You have not entered any cons";
}
//validate name is not empty
if(empty($reviewer_name)){
$formok = false;
$errors[] = "You have not entered your name";
}
//validate desc is not empty
if(empty($reviewer_desc)){
$formok = false;
$errors[] = "You have not entered your description";
}
//validate location is not empty
if(empty($reviewer_loc)){
$formok = false;
$errors[] = "You have not entered your location";
}
//send email if all is ok
if($formok){
$headers = "From: [email protected]" . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$emailbody = "<p>You have received a new product review pending approval from XZXZ.com</p>
<p><strong>Review Title: </strong> {$review_title} </p>
<p><strong>Rating: </strong> {rating} </p>
<p><strong>Pros: </strong> {$pros} </p>
<p><strong>Cons: </strong> {$cons} </p>
<p><strong>Best Uses: </strong> {$best_uses} </p>
<p><strong>Comments: </strong> {$comments} </p>
<p><strong>Upload: </strong> {$upload} </p>
<p><strong>Recommend: </strong> {$recommend} </p>
<p><strong>Name: </strong> {$reviewer_name} </p>
<p><strong>Description: </strong> {$reviewer_desc} </p>
<p><strong>Location: </strong> {$reviewer_loc} </p>
<p>This message was sent from the IP Address: {$ipaddress} on {$date} at {$time}</p>";
mail("[email protected]","New Pending Review",$emailbody,$headers);
//insert to database
require("/home/XZXZ/support/database.inc");
$SQL="INSERT INTO 'XZXZ_rvs'.'reviews_prod' (sub_date, sub_time, review_title, rating, pros, cons, best_uses, comments, upload, recommend, reviewer_name, reviewer_desc, reviewer_loc) VALUES ('$_POST[$sub_date]','$_POST[$sub_time]','$_POST[$review_title]','$_POST[$rating]','$_POST[$pros]','$_POST[$cons]','$_POST[$best_uses]','$_POST[$comments]','$_POST[$upload]','$_POST[$recommend]','$_POST[$reviewer_name]','$_POST[$reviewer_desc]','$_POST[$reviewer_loc]')";
}
//what we need to return back to our form
$returndata = array(
'posted_form_data' => array(
'review_title' => $review_title,
'rating' => $rating,
'pros' => $pros,
'cons' => $cons,
'best_uses' => $best_uses,
'comments' => $comments,
'upload' => $upload,
'recommend' => $recommend,
'reviewer_name' => $reviewer_name,
'reviewer_desc' => $reviewer_desc,
'reviewer_loc' => $reviewer_loc
),
'form_ok' => $formok,
'errors' => $errors
);
//if this is not an ajax request
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest'){
//set session variables
session_start();
$_SESSION['cf_returndata'] = $returndata;
//redirect back to form
header('location: ' . $_SERVER['HTTP_REFERER']);
}
之前,你必須把會話開始請請請考慮將擴展'.php'您database.inc文件,如果有人在瀏覽器中導航到該文件,它將以計劃文本形式輸出,顯示所有數據庫連接參數! – Dale 2012-04-17 20:59:38
就做到了,謝謝你的提示,我繼承了這個項目,並通常與數據塊只編碼一切工作在同一個PHP文件時,而不是使用需要 – forevermetal02 2012-04-18 13:13:06
@Dale,這未必是真實的。設置'.inc'文件很容易被處理爲PHP(並且不向訪問者顯示源代碼)。但是,如果您將某個服務器移動到不支持'.htaccess'的服務器(或.htaccess文件未被傳輸),則將該擴展名保留爲默認值('.php')當使用FTP時,由於它被默認隱藏)。 – 0b10011 2012-04-18 15:55:40