1

我想制作一个简单的表单,如果未输入字段,则显示错误。我不知道该怎么做。这是我的代码:php代码:

<?php

    //include the connection file

    require_once('connection.php');

    //save the data on the DB and send the email

    if(isset($_POST['action']) && $_POST['action'] == 'submitform')
    {
        //recieve the variables

        $name = $_POST['name'];
        $email = $_POST['email'];
        $message = $_POST['message'];
        $ip = gethostbyname($_SERVER['REMOTE_ADDR']);

        //save the data on the DB

        mysql_select_db($database_connection, $connection);

        $insert_query = sprintf("INSERT INTO feedback (name, email, message, date, ip) VALUES (%s, %s, %s, NOW(), %s)",
                                sanitize($name, "text"),
                                sanitize($email, "text"),
                                sanitize($message, "text"),
                                sanitize($ip, "text"));

        $result = mysql_query($insert_query, $connection) or die(mysql_error());

        if($result)
        {
            //send the email

            $to = "abc@xyz.com";
            $subject = "New message from the website";

            //headers and subject
            $headers  = "MIME-Version: 1.0\r\n";
            $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
            $headers .= "From: ".$name." <".$email.">\r\n";

            $body = "New contact<br />";
            $body .= "Name: ".$name."<br />";
            $body .= "Email: ".$email."<br />";
            $body .= "Message: ".$message."<br />";
            $body .= "IP: ".$ip."<br />";

            mail($to, $subject, $body, $headers);

            //ok message

            echo "Your message has been sent";
        }
    }

    function sanitize($value, $type) 
    {
      $value = (!get_magic_quotes_gpc()) ? addslashes($value) : $value;

      switch ($type) {
        case "text":
          $value = ($value != "") ? "'" . $value . "'" : "NULL";
          break;    
        case "long":
        case "int":
          $value = ($value != "") ? intval($value) : "NULL";
          break;
        case "double":
          $value = ($value != "") ? "'" . doubleval($value) . "'" : "NULL";
          break;
        case "date":
          $value = ($value != "") ? "'" . $value . "'" : "NULL";
          break;
      }

      return $value;
    }
    ?>

<form id="ContactForm" method="post" action="mail.php">
                            <div class="wrapper"><input class="input" name="name" id="name" type="text" value="Name:" onBlur="if(this.value=='') this.value='Name:'" onFocus="if(this.value =='Name:' ) this.value=''" ></div>
                            <div class="wrapper"><input class="input" name="email" id="email" type="text" value="E-mail:" onBlur="if(this.value=='') this.value='E-mail:'" onFocus="if(this.value =='E-mail:' ) this.value=''" ></div>
                            <div class="textarea_box"><textarea cols="1" rows="1" onBlur="if(this.value=='') this.value='Message:'" onFocus="if(this.value =='Message:' ) this.value=''" >Message:</textarea></div>
                            <input type="hidden" id="action" name="action" value="submitform" />
                            <input type="submit" class="button" id="submit" name="submit" value="Submit" /> <input type="reset" class="button" id="reset" name="reset" value="Reset" />
                        </form>
4

2 回答 2

1

在将信息保存到数据库之前,请检查每个提交的值是否包含有效数据。如果没有,请将字段名称放入数组中。验证完成后,检查数组是否为空。如果它为空,请将信息保存到您的数据库中。如果它被填充,则重新显示表单,填充提交的数据,以及他们犯了什么错误的易于阅读的通知,以便他们知道要修复什么。

需要研究的一些 PHP 函数是:filter_var()、、ctype_*empty()

仅供参考,您应该考虑从 mysql_* 函数迁移,因为它们很快就会消失。

于 2012-05-31T14:00:22.903 回答
0

为此,您应该创建一个执行空检查的代码块(因为这是您要检查的唯一内容)。下面给出一个简单的代码片段:

function checkFormErrors($name,$email,$message){
    //now we define a function to check for errors
    $errors = array();
    //define an error container
    if(empty($name)){
        //check the name field
        $errors[] = "You need to enter a name";
    }
    if(empty($email)){
        //check the email field
        $errors[] = "You need to enter an email address";
    }
    .... //do more checks for all fields here
    return $errors;
}
if(isset($_POST['action']) && $_POST['action'] == 'submitform'){
    //recieve the variables
    $name = $_POST['name'];
    $email = $_POST['email'];
    $message = $_POST['message'];
    $ip = gethostbyname($_SERVER['REMOTE_ADDR']);

    $errors = checkFormErrors($name,$email,$message);
    //check for errors
    if(empty($errors)){
        //continue with the processing you did above
        .....
    }
}


In you HTML file/page, you then need to put this above the form (feel free to style it
with css)
<?php
    if(isset($errors)){
        //the variable exists
        echo implode("<br />", $errors);
    }
?>

我在这里发表了一篇博文,还有一些有助于表单验证的脚本

希望这可以帮助!

于 2012-05-31T14:07:13.713 回答