代码区项目交易流程

PHP form validation for a store does not work


So I tried to make aphp form for my online shop, where a customer can enter their name, adress, email..., but the validation doesn't seem to work properly. It always stays on the same page(instead of going to the insert.php file) as if the entered data was wrong, even if it isn't.

<?php $nameErr = $emailErr = $codeErr = $cityErr = $streetErr = $fakturaErr = ""; $name_ok = $email_ok = $code_ok = $city_ok = $street_ok = 0; $name = $email = $code = $city = $street = $info = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["name"])) { $nameErr = "Pole wymagane"; } else{ $name = test_input($_POST["name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$name)) { $nameErr = "Dozwolone tylko litery"; } else{ $name_ok=1; } } if (empty($_POST["code"])) { $codeErr = "Pole wymagane"; } else { $code = test_input($_POST["code"]); // check if name only contains letters and whitespace if (!preg_match("/^[0-9 ]*$/",$code)) { $codeErr = "Niewaciwy format kodu"; } else{ $code_ok=1; } } if (empty($_POST["city"])) { $cityErr = "Pole wymagane"; } else{ $city = test_input($_POST["city"]); // check if city only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$city)) { $cityErr = "Dozwolone tylko litery"; } else{ $city_ok=1; } } if (empty($_POST["street"])) { $streetErr = "Pole wymagane"; } else { $street = test_input($_POST["street"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$street)) { $streetErr = "Dozwolone tylko litery"; } else{ $street_ok=1; } } if (empty($_POST["email"])) { $emailErr = "Email is required"; } else { $email = test_input($_POST["email"]); // check if e-mail address is well-formed if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Niewaciwy format adresu e-mail"; } else{ $email_ok=1; } } $action = ""; if($name_ok==1 && $code_ok==1 && $city_ok==1 && $street_ok==1 && $email_ok==1) { $action = "insert.php"; } else { $action = "#"; } /*if (empty($_POST["comment"])) { $comment = ""; } else { $comment = test_input($_POST["comment"]); } if (empty($_POST["gender"])) { $genderErr = "Gender is required"; } else { $gender = test_input($_POST["gender"]); } */ } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> <div class="all"> <form action="<?php echo $action; ?>" method="post"> <font color="#A20B0B">*Pola wymagane</font><br><br> Imi i nazwisko: <input type="text" name="name"> <span class="error"><font color="#A20B0B">* <?php echo $nameErr;?></font></span> <br><br> Kod pocztowy: <input type="text" name="code"> <span class="error"><font color="#A20B0B">* <?php echo $codeErr;?></font></span> <br><br> Miasto: <input type="text" name="city"> <span class="error"><font color="#A20B0B">* <?php echo $cityErr;?></font></span> <br><br> Ulica: <input type="text" name="street"> <span class="error"><font color="#A20B0B">* <?php echo $streetErr;?></font></span> <br><br> E-mail: <input type="text" name="email"> <span class="error"><font color="#A20B0B">* <?php echo $emailErr;?></font></span> <br><br> <label>Dodatkowe informacje: <textarea name="info" rows="5" cols="40"></textarea> <br><br> Faktura: <input type="radio" name="faktura" value="tak">Tak <input type="radio" name="faktura" value="nie">Nie <span class="error"><font color="#A20B0B">* <?php echo $fakturaErr;?></font></span> <br><br> <input type="submit" name="submit" value="Submit" id="register" disabled> </form> </div>

You submit the input values, after you check whether the inputs are valid or not If no redirect to next index page.

As per your code $action will get empty value. Thats why Its not redirected

insert.php

function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } if (empty($_POST["name"])) { $nameErr = "Pole wymagane"; } else{ $name = test_input($_POST["name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$name)) { $nameErr = "Dozwolone tylko litery"; } else{ $name_ok=1; } } // Paste you other post values code here if($name_ok==1 && $code_ok==1 && $city_ok==1 && $street_ok==1 && $email_ok==1) { // Do INSERT } else { header('Location:index.php'); }

HTML

<form action="insert.php" method="post">

本文开发(php)相关术语:php代码审计工具 php开发工程师 移动开发者大会 移动互联网开发 web开发工程师 软件开发流程 软件开发工程师

点击收藏

LAST Serverless PHP on AWS Lamda PHP安全新闻早八点-高级持续渗透-第六季关于后门 NEXT