我试图将自定义验证消息添加到此表单中,但无法弄清楚我的一生。任何帮助/建议不胜感激...谢谢。
我已经尝试了一些教程,但似乎没有什么适合我,我确信它很简单,但我似乎无法弄清楚。
谢谢
验证表格:
<?php
if (isset($_POST['insert'])) {
require_once('connection.php');
$OK = false;
$sql = 'INSERT INTO students (studentTitle, studentFirstName, studentLastName)
VALUES(:studentTitle, :studentFirstName, :studentLastName)';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':studentTitle', $_POST['studentTitle'], PDO::PARAM_STR);
$stmt->bindParam(':studentFirstName', $_POST['studentFirstName'], PDO::PARAM_STR);
$stmt->bindParam(':studentLastName', $_POST['studentLastName'], PDO::PARAM_STR);
$stmt->execute();
$OK = $stmt->rowCount();
if ($OK) {
header('Location: http://localhost/mysqlquiz/student.php');
exit;
} else {
$error = $stmt->errorInfo();
if (isset($error[2])) {
$error = $error[2];
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Add Student Details</title>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<h1 class="header">New student details</h1>
<p><a href="student.php">Student Listing </a></p>
<?php
if (isset($error)) {
echo "<p class='warning'>Error: $error</p>";
}
?>
<?php
// define variables and set to empty values
$studentTitleErr = $studentFirstNameErr = $studentLastNameErr = "";
$studentTitle = $studentFirstName = $studentLastName = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["studentTitle"])) {
$studentTitleErr = "A title is required";
} else {
$studentTitle = test_input($_POST["studentTitle"]);
}
if (empty($_POST["studentFirstName"])) {
$studentFirstNameErr = "First name is required";
} else {
$studentFirstName = test_input($_POST["studentFirstName"]);
}
if (empty($_POST["studentLastName"])) {
$studentLastNameErr = "Last name is required";
} else {
$studentLastName = test_input($_POST["studentLastName"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<p>
<label for="studentTitle">Title:</label>
<select name="studentTitle" id="studentTitle" ><span class="error">* <?php echo $studentTitleErr;?></span>
<option value="Mr">Mr.</option>
<option value="Mrs">Mrs.</option>
<option value="Ms">Ms.</option>
<option value="Miss">Miss.</option>
</select>
</p>
<p>
<label for="studentFirstName">First Name:</label>
<input type="text" name="studentFirstName" id="studentFirstName" ><span class="error">* <?php echo $studentFirstNameErr;?></span>
</p>
<p>
<label for="studentLastName">Last Name:</label>
<input type="text" name="studentLastName" id="studentLastName" ><span class="error">* <?php echo $studentLastNameErr;?></span>
</p>
<p>
<input type="submit" name="insert" value="Add Details" id="insert">
<input type="reset" name="clear" value="Clear" id="clear">
<input name="studentID" type="hidden" value="<?php echo $studentID; ?>">
</p>
</form>
</body>
</html>
我已经更新了你的代码。 您应该先检查验证,然后插入。
<?php
// define variables and set to empty values
$studentTitleErr = $studentFirstNameErr = $studentLastNameErr = "";
$studentTitle = $studentFirstName = $studentLastName = "";
if (isset($_POST['insert'])) {
require_once('connection.php');
$error = $OK = false;
if (empty($_POST["studentTitle"])) {
$studentTitleErr = "A title is required";
$error = true;
} else {
$studentTitle = test_input($_POST["studentTitle"]);
}
if (empty($_POST["studentFirstName"])) {
$studentFirstNameErr = "First name is required";
$error = true;
} else {
$studentFirstName = test_input($_POST["studentFirstName"]);
}
if (empty($_POST["studentLastName"])) {
$studentLastNameErr = "Last name is required";
$error = true;
} else {
$studentLastName = test_input($_POST["studentLastName"]);
}
if($error == false)
{
$sql = 'INSERT INTO students (studentTitle, studentFirstName, studentLastName)
VALUES(:studentTitle, :studentFirstName, :studentLastName)';
$stmt = $conn->prepare($sql);
$stmt->bindParam(':studentTitle', $_POST['studentTitle'], PDO::PARAM_STR);
$stmt->bindParam(':studentFirstName', $_POST['studentFirstName'], PDO::PARAM_STR);
$stmt->bindParam(':studentLastName', $_POST['studentLastName'], PDO::PARAM_STR);
$stmt->execute();
$OK = $stmt->rowCount();
if ($OK) {
header('Location: http://localhost/mysqlquiz/student.php');
exit;
} else {
$error = $stmt->errorInfo();
if (isset($error[2])) {
$error = $error[2];
}
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Add Student Details</title>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<h1 class="header">New student details</h1>
<p><a href="student.php">Student Listing </a></p>
<?php
if (isset($error)) {
echo "<p class='warning'>Error: $error</p>";
}
?>
<?php
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<p>
<label for="studentTitle">Title:</label>
<select name="studentTitle" id="studentTitle" ><span class="error">* <?php echo $studentTitleErr;?></span>
<option value="Mr">Mr.</option>
<option value="Mrs">Mrs.</option>
<option value="Ms">Ms.</option>
<option value="Miss">Miss.</option>
</select>
</p>
<p>
<label for="studentFirstName">First Name:</label>
<input type="text" name="studentFirstName" id="studentFirstName" ><span class="error">* <?php echo $studentFirstNameErr;?></span>
</p>
<p>
<label for="studentLastName">Last Name:</label>
<input type="text" name="studentLastName" id="studentLastName" ><span class="error">* <?php echo $studentLastNameErr;?></span>
</p>
<p>
<input type="submit" name="insert" value="Add Details" id="insert">
<input type="reset" name="clear" value="Clear" id="clear">
<input name="studentID" type="hidden" value="<?php echo $studentID; ?>">
</p>
</form>
</body>
</html>
因为您的数据库插入操作首先运行,并且没有检查所需的字段数据以运行或不运行。因此,它会运行,成功后它会重定向并退出:
header('Location: http://localhost/mysqlquiz/student.php');
exit;
这将清除POST并且所需的字段逻辑永远不会运行。