0

请检查代码,我在哪里错了。表单没有提交值。页面正在刷新但没有发布值。我不知道发生了什么。请检查代码并找出错误。我也使用过此代码也在另一个应用程序上。它在那里工作但不在这里

<?php
    if ($username && $userid) {
        echo "you are already logged in as $dbuser.<a href='w-post.php'> Click here to go to Post area</a>";
    }

    else {
        $form = "<form method=post action=123.php autocomplete=off enctype=multipart/form-data>

    <table width=759 border=1>
        <tr>
            <td width=749>
                <table width=756 border=1>
                    <tr>
                        <td colspan=3 bgcolor=#d9d9d9>
                            <div align=center class=style1><font color=#003366>PERSONAL INFORMATION</font></div>
                        </td>
                    </tr>
                    <tr>
                        <td width=196>
                            <div class=label-text>Email Address</div>
                        </td>
                        <td width=297>
                            <div class=accountboxes><input type=text class=accounttextboxes id=txtemail name=txtemail
                                                           size=50/>
                            </div>
                        </td>
                        <td width=241>&nbsp;</td>
                    </tr>
                    <tr>
                        <td width=196>
                            <div class=label-text>Password</div>
                        </td>
                        <td width=297>
                            <div class=accountboxes><input type=password class=accounttextboxes id=txtpass name=txtpass
                                                           size=50/>
                            </div>
                        </td>
                        <td width=241>&nbsp;</td>
                    </tr>
                    <tr>
                        <td width=196></td>
                        <td width=297><input name=submit type=submit id=submit value=submit/>

                        <td width=241>&nbsp;</td>
                    </tr>
                </table>
            </td>
        </tr>
    </table>
    </td>
    </tr>
    </table>
</form>";

        if (isset($_POST['submit'])) {
            $user = $_POST['txtemail'];
            $pass = $_POST['txtpass'];
            if ($user) {
                if ($password) {
                    $password = md5($pass);
                    //echo $epassword;
                    $query   = mysql_query("SELECT * from users where email='$user'");
                    $numrows = mysql_num_rows($query);
                    if ($numrows == 1) {
                        $row      = mysql_fetch_assoc($query);
                        $id       = $row['id'];
                        $dbuser   = $row['name'];
                        $dbpass   = $row['password'];
                        $activate = $row['activation'];
                        if ($password == $dbpass) {
                            if ($activate == '1') {
                                $_SESSION['name']  = $dbuser;
                                $_SESSION['id']    = $id;
                                $_SESSION['email'] = $email;
                                header('location:forms.php');
                                exit();
                            }
                            else {
                                $error_account = 'Your Account is not activated yet';
                            }
                            echo $form;
                        }
                        else {
                            $error_pass = 'You entered an incorrect password';
                        }
                        echo $form;
                    }

                    else {
                        $error_email = 'Email Address not found';
                        echo $form;
                    }

                }

                else {
                    $enter_pass = 'Enter your password';
                    echo $form;
                }

            }
            else {
                $enter_email = 'Enter email address';
                echo $form;
            }

        }

        else {
            echo $form;
        }

    }
?>
4

2 回答 2

2

post为了安全起见,您应该123.php在整个 HTML 中引用所有属性值,例如等。否则(假设您使用的是 HTML 而不是 XHTML - 其中引用的字符串是强制性的)任何无效字符都会使 HTML 无效并且您的代码可能会中断,这肯定是您的代码可能发生的一件事。

使用 HEREDOC 语法:

$form = <<<EOD
<form method="post" action="123.php" autocomplete="off" enctype="multipart/form-data">
<table width="759" border="1">
  <tr>

<!-- Rest of HTML code -->

EOD;
于 2012-07-29T16:02:04.623 回答
0

如果你这样做,你的代码会简单得多:

if (isset($_POST['submit'])) {
 $error = 0;
 $errorMessages = array();
 $user = $_POST['txtemail'];
 $pass = $_POST['txtpass'];
 if (!$user) {
  $errors++;
  $errorMessages[] = "Please enter your email address";
 }
 ...//rest of the form check
 if($errors == 0) {
  //do what you want with the data
 }
}

所以你没有那么多括号等等。

于 2012-07-29T16:36:59.757 回答