所以我的php驗證有兩個檢查函數,首先檢查一個空的名稱或密碼項,其次如果用戶在輸入他的名字時輸入不需要的字符,問題是如果用戶輸入不需要的字符或數字在'名稱'條目中,表單仍然保存到數據庫中,如果用戶將名稱和密碼字段留空並顯示錯誤,則不會將任何內容保存到數據庫,這意味着一半我的驗證檢查工作正常。誰能幫我嗎 ?php/mysql表單驗證問題
<?php
// Connect to data base
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// define variables and set to empty values
$nameErr = $userpasswordErr = "";
$name = $userpassword = "";
//check for error
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//validate name and password
if (
empty($_POST["name"]) ||
empty($_POST["userpassword"] ||
!preg_match("/^[a-zA-Z ]*$/",$name))
) {
$nameErr= "* Incorrect username or password ";
} else {
$name = test_input($_POST["name"]);
$userpassword = test_input($_POST["userpassword"]);
$sql = "INSERT INTO users(name,email)
VALUES ('$name','$userpassword')";
if ($conn->query($sql) === true) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<span class="error"></span>
<form method="post" action="<?php echo htmlspecialchars ($_SERVER["PHP_SELF"]);?>">
name : <input type="text" name="name" value="<?php echo $name;?>"/>
<span class="error"><?php echo $nameErr ;?> </span>
<br/><br/>
password : <input type="text" name="userpassword" value="<?php echo $userpassword ; ?>">
<span class="error"><?php echo $userpasswordErr ;?> </span>
<br/><br/>
<input type="submit" name="submit" value="Submit"/>
</form>
我想你想改變'!的preg_match( 「/^[A-ZA-Z] * $ /」,$名字)'''preg_match(「/^[a-zA-Z] * $ /」,$ _ POST ['name'])'''''''''''''''現在你不會運行正在運行的正則表達式,你的空的$ name變量。 – Drew
我建議你看看[Respect Validator](http://respect.github.io/Validation/)。您可以節省大量時間,而不是再次發明輪子。 – Sanoob