在php中的注册表格
$error1='';
$error2='';
$error3='';
$error4='';
$error5='';
$error6='';
$yourname='';
$email='';
$email2='';
$password='';
$password2='';
$country='';
if (isset($_POST['Registerme']))
{
$_POST['yourname']=$yourname;
$_POST['email']=$email;
$_POST['email2']=$email2;
$_POST['password']=$password;
$_POST['password2']=$password2;
$_POST['country']=$country;
if($yourname==''){
$error1='name required';
}
if($email==''){
$error2='email required';
}
if($email2==''){
$error3='required field';
}
if($password==''){
$error4='password required';
}
if($password2==''){
$error5='required field';
}
if($country==''){
$error6='country required';
}
if(empty($error1) && empty($error2) && empty($error3) && empty($error4) && empty($error5) && empty($error6))
{echo 'mysql query goes here and add the user to database';}
}///main one
else {$error1='';
$error2='';
$error3='';
$error4='';
$error5='';
$error6='';}
这是一个注册验证脚本。在我的注册表单中有两个电子邮件和密码filelds.second字段用于确认。我想检查天气用户在这两个字段中键入相同的信息。如果我想在这个脚本中这样做,我应该使用另一个if语句吗?或者我应该使用其他如果?我对这一步感到困惑......在php中的注册表格
一些意见:
- 您必须清理输入!看看best method for sanitizing user input with php。
- 你的任务:取代“$ _POST ['yourname'] = $ yourname;”它应该是“$ yourname = $ _ POST ['yourname'];”。
- 您正在使用很多变量进行错误控制,之后如果一切顺利,您只需忘记最后一个else块中的错误消息。使用某种数组作为错误字符串,并使用它!
- 你确定你没有验证用户名/密码不包含空格或怪异字符,或电子邮件有效吗?
一些示例代码...:
// Simple sanitize function, complete it
function sanitize_input ($inputstr) {
return trim(mysql_real_escape_string($inputstr));
}
if (isset ($_POST['Registerme']) {
// array of error messages to report
$error_messages = array();
$isvalid = true;
// Assignment
$yourname = sanitize_input ($_POST['yourname']);
$email = sanitize_input ($_POST['email']);
$email2 = sanitize_input ($_POST['email2']);
$password = sanitize_input ($_POST['password']);
$password2 = sanitize_input ($_POST['password2']);
$country = sanitize_input ($_POST['country']);
// Validation
if (empty ($yourname)) {
$error_messages[] = "You must provide an username";
}
if (empty ($password)) {
$error_messages[] = "You must provide a password.";
}
elseif ($password !== $password2) {
$error_messages[] = "Passwords do not match.";
}
// Same for email, you caught the idea
// Finally, execute mysql code if all ok
if (empty($error_messages)) {
// Execute mysql code
isvalid = true;
}
}
// After form processing, use isvalid which is false if there are errors
// and the error_messages array to report errors
写了答案花费了太多的时间,在此期间很多答案! – roirodriguez 2011-06-08 11:51:56
为你的第二条if语句添加附加条件。 例如
if($email=='' || $email != $email2){
...
只需添加简单的检查。我不会把检查与一般密码检查结合起来 - 因为我可以想象你想告诉用户出了什么问题刚好是。
if ($password1 !== $password2) {
// Add an specific error saying the passwords do not match.
}
我将取代宽松错误的用户喜欢的数组:
$aErrors = array();
if ($password1 !== $password2) {
$aErrors[] = 'Another specific error!';
}
if (empty($password1) || empty($password2)) {
$aErrors[] = 'Another specific error';
}
if (empty($aErrors)) {
// Process the form!
}
有许多与你的代码问题。
1. You are assinging $_POST['key'] = $somevalue, while I think you mean $somevar = $_POST['key']
2. Use an array for all error messages as it'll make your life a bit easier ..
3. To compare password use something like
if ($password1 !== $password2) {
}
所以.....
$errors = array();
所以你最好检查类似的东西..
if ($password1 !== $password2) {
$errors[] = 'Password dont match';
}
if(count($errors) > 0) { //if there are errors
foreach($errors as $err) {
echo $err.' <br />';
}
} else {
// whatever you want to do if no error
}
,我也会推荐您使用前消毒$ _ POST值他们在你的查询。 我希望它有帮助。
我想你的意思要做到这一点:
$yourname = $_POST['yourname'];
$email = $_POST['email'];
$email2 = $_POST['email2'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$country = $_POST['country'];
二本作使用错误数组:
$errors = array();
三使用嵌套IFS(只是一个建议)
if (!empty($_POST['password1'])) {
if ($_POST['password1'] != $_POST['password2']) {
$errors[] = '<font color="red">The 2 passwords you have entered do not match.</font>';
} else {
$password = $_POST['password1'];
}
} else {
$errors[] = '<font color="red">Please provide a password.</font>';
}
哎呀!没有意识到答案已经发布...... – knurdy 2011-06-08 11:40:38
快速提示:以与阵列'$ aErrors'替换$ ERROR1〜6和检查'如果(空($ aErrors))'在端。 – 2011-06-08 11:19:19
就像一个小小的领导者一样,你的变量赋值是错误的,在'isset($ _ POST ['Registerme'])''后面给$ _POST'变量赋值,而不是局部变量。 – gnur 2011-06-08 11:20:47
编辑: - 也我想给每个验证 – 2011-06-08 11:21:17