1

我的注册表单和验证它的脚本有问题(检查它是否有空白)。具体来说,如果注册表单中有一个或多个字段留空,则我的注册表单中的提交按钮的值会不断弹出错误消息。

以下是我用来检查注册表单中的空白的代码的摘录。

case "Register":
    //Checks for blank fields
    var_dump($_POST);
    foreach($_POST as $fields=>$rvalue)
    {
        if($rvalue=="Button")
                {       
                    continue;
                }
        //Checks if fields other than rdesc are empty
        if($fields!=="rdesc")
        {

            if(empty($rvalue))
            {
                //stores the empty field into an array
                $blanks[]=$rvalue;
            }
            else
            {
                $good_data[$fields]=strip_tags(trim($rvalue));
            }
        }
    }
    //If there are bank fields, the following code will execute.
    if(isset($blanks))
    {
        $errormsg="The fields below cannot be blank.Please fill all the fields: ";
        extract($good_data);
        $errormsg.="$rvalue ";
        include("Register.php");
        exit();
    }

include("LoginPage.php");

?>

这是我的注册表

<?php
$regfields=array("remail"=>"Email","remail2"=>"Re-enter Email","rusername"=>"Username","rpassword"=>"Password","rpassword2"=>"Re-enter Password","rbiz"=>"BizName","rdesc"=>"Desc");
?>

<html>
<body>
<h3>Registration</h3>
<form action="Login.php" name="RegisterForm" method="post" >
<table border="0">

<?php

if(isset($errormsg))
{
    echo"$errormsg";
}

foreach($regfields as $field=>$value)
{

    if($field=="rdesc")
    {
        echo"<tr>";
        echo"<td>";
        echo"<label for='$field'>$value: </label>";
        echo"</td>";
        echo"<td>";
        echo"<input type='text' name='$field' size='300' maxlength='300' style='width:400px;height:100px; \n' /></td></tr>";
        echo"<tr>";
        echo"<td>";
This Register value keeps showing up--->echo"<input type='submit' name='Button' value='Register'/>";
        echo"</td>";
        echo"<tr>";
    }
    else if($field=="remail"||$field=="remail2")
    {
        echo"<tr>";
        echo"<td>";
        echo"<label for='$field'>$value: </label>";
        echo"</td>";
        echo"<td>";
        echo"<input type='text' name='$field' size='40' maxlength='50' /></td></tr>";

    }
    else if($field=="rpassword"||$field=="rpassword2")
    {
        echo"<tr>";
        echo"<td>";
        echo"<label for='$field'>$value: </label>";
        echo"</td>";
        echo"<td>";
        echo"<input type='password' name='$field' size='40' maxlength='50' /></td></tr>";

    }
    else
    {
        echo"<tr>";
        echo"<td>";
        echo"<label for=$field>$value: </label>";
        echo"</td>";
        echo"<td>";
        echo"<input type='text' name='$field' size='40' maxlength='50'/>";
        echo"</td>";
        echo"</tr>";
    }
}

?>

我尝试使用 var dump 来查看里面有什么$_POST,我得到了:

array(8) { ["remail"]=> string(5) "Email" ["remail2"]=> string(5) "Email" ["rusername"]=> string(0) "" ["rpassword"]=> string(6) "Testpw" ["rpassword2"]=> string(6) "Testpw" ["rbiz"]=> string(8) "Testname" ["rdesc"]=> string(8) "TestDesc" ["Button"]=> string(8) "Register" } **Register***<---This is the register value i was talking about that is outside of the array.

和错误信息

以下字段不能为空。请填写所有字段:注册

但是,当我填写没有任何空白的注册表单时,var dump 给了我:

array(8) { ["remail"]=> string(5) "Email" ["remail2"]=> string(5) "Email" ["rusername"]=> string(8) "TestUser" ["rpassword"]=> string(6) "Testpw" ["rpassword2"]=> string(6) "Testpw" ["rbiz"]=> string(8) "Testname" ["rdesc"]=> string(8) "TestDesc" ["Button"]=> string(8) "Register" }

数组外部的“寄存器”消失了。

我已经添加了代码

if($rvalue=="Button")
{       
    continue;
}

尝试跳过提交按钮的“注册”值,但它似乎不起作用。

有人可以告诉我如何从错误消息中删除“注册”值,以便正确显示留空的字段吗?

编辑:这些是完整的代码

登录.php

session_start();

switch ($_POST["Button"]) { case "登录": include("cxn.inc"); $cxn=mysqli_connect($host,$user,$pw,$db) or die("无法连接数据库"); $query="SELECT * FROM Users WHERE username='$_POST[lusername]'"; $result=mysqli_query($cxn,$query) or die (" Cant find Username from Users table"); $num=mysqli_num_rows($result);

        if($num>0)//Username is found
        {
            $query="SELECT * FROM Users WHERE Password='$_POST[lpassword]'";
            $result2=mysqli_query($cxn,$query)or die("Cant find Password");
            $num2=mysqli_num_rows($result2);
            if($num2>0)//Password is found
            {
                $_SESSION['Auth']="Yes";
                $_SESSION['Type']="Admin";
                header("Location:AdminMain.php");
            }
            else
            {
                echo"Invalid Username and/or Password";
            }

        }
        elseif($num==0)//Executes when Username not found in Users table
        {
            $query="SELECT * FROM SubUsers WHERE Username='$_POST[lusername]'";
            $result3=mysqli_query($cxn,$query) or die(" Cant find Username from SubUsers table");
            $num3=mysqli_num_rows($result3);
            if($num3>0)//Username is found
            {
                $query="SELECT * FROM SubUsers WHERE Password='$_POST[lpassword]'";
                $result4=mysqli_query($cxn,$query);
                $num4=mysqli_num_rows($result4);
                if($num4>0)//Password is found
                {
                    $_SESSION['Auth']="Yes";
                    $_SESSION['Type']="Sub";
                    header("Location:SubMain.php");
                }
                else
                {
                    echo"Cant find Password";
                }
            }
            else
            {
                echo"Username and/or Password is non-existent";
            }
        }
        else
        {
            echo"Invalid Username and/or Password entered";
        }


    break;

case "Register":
    //Checks for blank fields
    var_dump($_POST);
    foreach($_POST as $fields=>$rvalue)
    {
        if($fields=="Button"&& $rvalue == "Register")
                {       
                    continue;
                }
        //Checks if fields other than rdesc are empty
        if($fields!=="rdesc")
        {

            if(!empty($rvalue))
            {
                //stores the empty field into an array
                $blanks[]=$fields;
            }
            else
            {
                $good_data[$fields]=strip_tags(trim($rvalue));
            }
        }
    }

    if(!empty($blanks))
    {
        $errormsg="The fields below cannot be blank.Please fill all the fields: ";
        extract($good_data);
        $errormsg.="$rvalue ";
        include("Register.php");
        exit();
    }

}

包括(“登录页面.php”);

?>

4

3 回答 3

2

您正在循环中测试 的字段Button但实际上它是您需要测试的字段名称。<input type="submit">发送它的值,Register这就是你在你的print_r().

// Skip the submit button by name, not value
if($fields == "Button")
{       
   continue;
}

如果您有更多名为 的提交输入Button,您还可以测试该值,因为只有被单击的那个会被提交给 中的 PHP $_POST,尽管这里没有必要。

if($fields == "Button" && $rvalue == "Register")
{       
   continue;
}

接下来,如果您已将数组$blanks显式声明为:

$blanks = array();

...而不是允许它在第一个空白字段上隐式声明

if(empty($rvalue))
{
    //stores the empty field into an array
    $blanks[]=$rvalue;
}

...那么您以后的检查isset($blanks)将始终为true,并且在 中迭代的最后一个元素foreach将附加到错误消息中。在这种情况下,它恰好是Register,即使它在循环体中被跳过。

相反,通过检查空数组empty()

if (!empty($blanks)) 
{
   $errormsg="The fields below cannot be blank.Please fill all the fields: ";
   // etc...
}

而不是$rvalue在错误消息中使用(它将始终保存循环中的最后一个数组元素,无论它在哪里失败),内爆$blanks.

if (!empty($blanks)) 
{
   $errormsg = "The fields below cannot be blank.Please fill all the fields: ";
   $errormsg .= implode(", ", $blanks);
}
于 2013-05-30T16:20:07.113 回答
1

尝试

if($fields=="Button")
{       
    continue;
}

$rvalue 是值,您需要密钥;)

于 2013-05-30T16:21:55.267 回答
1

这里的第一个逻辑问题:

if(empty($rvalue))
        {
            //stores the empty field into an array
            $blanks[]=$rvalue;
        }

您将空虚存储到$blanks[]:P 您的意思是存储$fields

这里的第二个问题: $errormsg.="$rvalue ";在 的所有迭代结束时foreach($_POST as $fields=>$rvalue)$rvalue将保存 $_POST 的最后一个元素的值,在这种情况下恰好是rdesc。因此,提交按钮的值每次都会弹出。

需要做的是这样的:

foreach($blanks as $field_left_blank)
{
 $errormsg.="$field_left_blank ,";
}
于 2013-05-30T16:56:55.773 回答