0

I have created a small registration sticky form. Everything is working fine, but if I input any wrong value,like numbers in name, letters in age or even wrong email format, then still the data is saved in the database, I cannot figure out the validation problem. And another 1 is search option. Whenever I input any FirstName or lastname in the search box, it should display the name that is in the database or it will show an error message. Any 1 can suggest me what should I do.. Please see my coding below.

sticky_form codes...

<html>
<head>


<?php
global $fname,$lname,$gender,$age,$course,$email;

if(isset($_POST['register']))
{

    $fname=$_POST['fname'];
    $lname=$_POST['lname'];
    $gender=$_POST['gender'];
    $age=$_POST['age'];
    $course=$_POST['course'];
    $email=$_POST['email']; 

        if (preg_match("/[a-zA-Z ]+$/", $_POST['fname']))  {
            $fname = trim($_POST['fname']);
        }
         else 
        {
        echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
        //$error = true;
        }


        if (preg_match("/[a-zA-Z ]+$/", $_POST['lname']))  {
            $lname = trim($_POST['lname']);
        }
         else 
        {
        echo '<p>The last name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
        $error = true;
        }

        if(isset($_POST['gender']))
        {   
            $gender = $_POST['gender']; 
        }
        else
        {
            echo "<p>No gender found!</p>";
        }

        if (preg_match("/[a-zA-Z ]+$/", $_POST['age']))  {
            $age = trim($_POST['age']);
        }
         else 
        {
        echo '<p>Please enter age. Or your age contains illegal characters</p>';
        //$error = true;
        }

        if(isset($_POST['course']))
        {
             $course = $_POST['course'];
        }
        else
        {
            echo "<p>Please Select Course!</p>";

        }

        // Validate the email:
        if (preg_match("/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/", $_POST['email'] )){
        $email = trim($_POST['email']);
        }
        else 
        {
        echo '<p>The email is empty or has illegal characters! To edit please go the link Display Data Information</p>';
        //$error = false;
        }
        echo "<br/>";
        echo "<br/>";
        echo "<br/>";



}

    if($fname&&$lname&&$gender&&$age&&$email&&$course)
    {
    require_once('connection.php');
    $query = mysql_query("INSERT INTO members SET FirstName='$fname', LastName='$lname', Gender='$gender', Age='$age',          Email='$email', Course='$course'") or die(mysql_error());

        if($query){
            echo"Your Data Successfully Saved"; 
        }
        else
        {
            echo "Please recheck your Data!";
        }


}


?>
</head>

<body id="body">
<h2><strong>Register Student Account</strong></h2>
<form action="student_form.php" method="post" >
<table border="1" id="container">


  <tr>
    <td>First Name</td>
    <td>:</td>
    <td><input type="text" name="fname"  size="30" maxlength="50"/></td>
  </tr>

 <tr>
    <td>Last Name</td>
    <td>:</td>
    <td><input type="text" name="lname" size="30" maxlength="50"/></td>
  </tr>

  <tr>
    <td>Age</td>
    <td>:</td>
    <td><input type="text" name="age"  size="3" /></td>
  </tr>

    <tr>
    <td >Gender </td>
    <td> : </td>
    <td> Male
    <input type="radio" name="gender" value="Male"/>

    Female
    <input type="radio" name="gender" value="Female"/></td>

  </tr>


  <tr>
    <td valign="top">Course</td>
    <td valign="top"> : </td>
    <td> <input type="radio" name="course" value="Bachelor Of Computing"/>Bachelor Of Computing<br/>
   <input type="radio" name="course" value="Bachelor Of Science"/>Bachelor Of Science<br/> 
   <input type="radio" name="course" value="Bachelor Of Software Engineering"/>Bachelor Of Software Engineering<br/>
    <input type="radio" name="course" value="Bachelor Of Networking"/>Bachelor Of Networking<br/>
    <input type="radio" name="course" value="Bacelor Of IT"/>Bacelor Of IT <br/>
    <input type="radio" name="course" value="Bachelor Of Computer Science"/>Bachelor Of Computer Science<br/></td>

  </tr>

 <tr>
    <td>Email Address</td>
    <td>:</td>
    <td><input type="text" name="email"  size="30" maxlength="50"/></td>
</tr>


</table>
    <input type="submit" name="register" value="REGISTER"/>

</form><br>
<p><a href="student_form.php" >Home</a></p>
<p><a href="display_data.php">Display Data Information</a>
<p><a href="search.php">To search for Members</a>
</body>
</html>

and this is the search_form codes......

<html>
<head>
<?php
//require_once('student_form.php');
if(isset($_POST['s1'])){ 
$id=$_REQUEST['id']; 
$fname=$_POST['fname'];
    //connect  to the database 
include('connection.php');
//-query  the database table 
$sql=mysql_query("SELECT  * FROM members WHERE (FirstName LIKE '". $fname ."%' OR LastName LIKE '". $lname ."%'");
    //-run  the query against the mysql query function 
    $result=mysql_query($sql); 

    if($row=mysql_fetch_array($result)){ 
                $fname=$row['FirstName']; 
                $lname=$row['LastName']; 
                /*$email=$row['Email'];
                $age =$row['Age'];
                $gender=$row['Gender'];
                $course = $row['Course'];*/
    }
    //-display  the result of the array 
    else
    {
    <?php echo $rows['FirstName']; ?>
    <?php echo $rows['LastName']; ?>
    } 
} 
?>
</head>
<body>
<form action="search.php" method="post">
<table>
    <tr>
    <td><strong>search box</strong></td>
    <td><strong>:</strong></td>
    <td><input type="text" name="search" value=""size="30"/><input type="submit" name="s1" value="Search"/></td>

</table>
</form>
</body>
</html>
4

2 回答 2

1

你的变量就像$fname $lname $gender $age $email $course在 if 条件之后放在 if 条件 for 中isset($_POST['register'])。现在,即使您的验证有效,数据仍将输入数据库。因为你有条件

if($fname&&$lname&&$gender&&$age&&$email&&$course)

现在,当您在所有这些变量中只有一个值时,控制将进入该块。必须发生的是,您输入了错误的值,这些值正在得到验证,将显示消息,但是当第一个 if 块完成时,因为 $_POST 变量仍然有一些值,无论它们是否无效,第二个 if 块将被输入并且查询将被触发。

您可以做的是,无论您在哪里回显错误消息,都将相应的变量清空。像这样的东西:

if (preg_match("/[a-zA-Z ]+$/", $_POST['fname']))  {
    $fname = trim($_POST['fname']);
}
else 
{
    echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
    $fname = "";
}
于 2012-07-02T12:38:10.807 回答
0

至于你的第一个问题,不要检查$var,检查!empty($var)

第二个问题:我不确定我是否理解您要做什么。但是你不是说$row$rows你展示一些东西的时候吗?另外,如果您有多个搜索结果怎么办?你想要的是:

while($row=mysql_fetch_assoc($result)){
   echo $row['Firstname'], ' ', $row['LastName'];
}

而不是你的 if-else 结构。

于 2012-07-02T12:37:29.227 回答