点击提交时,我得到一个错误,但它仍然在数据库中插入数据 [英] While clicking submit i get an error but its still inserting data in the database
本文介绍了点击提交时,我得到一个错误,但它仍然在数据库中插入数据的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我做了一个表格,当我没有填写表格时,我得到了一个错误,只是我想要的。
我作出的错误示例:
所以现在如果你按回车你需要得到一个错误。它给了我错误,但它插入空的数据是错误的,它不应该插入数据。
这是我的代码:
<?php
//连接到数据库
require('config.php') ; $ _
$ b $ if(isset($ _ POST ['companyname'])&& isset($ _ POST ['name'])&& isset($ _ POST ['surname' ])&& isset($ _ POST ['email'])&& isset($ _ POST ['function'])&& isset($ _ POST ['password'])){
//插入
$ companyname = mysqli_real_escape_string($ con,$ _POST ['companyname']);
$ name = mysqli_real_escape_string($ con,$ _POST ['name']);
$ surname = mysqli_real_escape_string($ con,$ _POST ['surname']);
$ email = mysqli_real_escape_string($ con,$ _POST ['email']);
$ function = mysqli_real_escape_string($ con,$ _POST ['function']);
$ password = mysqli_real_escape_string($ con,$ _POST ['password']);
$ companyname_error =;
函数test_input($ data)
{
$ data = trim($ data);
$ data = stripslashes($ data);
$ data = htmlspecialchars($ data);
返回$ data;
$ b $ if($ _SERVER [REQUEST_METHOD] ==POST){
//空
if(empty($ _ POST ['companyname'])){
$ companyname_error =companyname is required!;
} else {
$ companyname = test_input($ _ POST [companyname]);
//检查字符验证
if(!preg_match(/ ^ [^ AZ] + $ /,$ companyname)){
$ companyname_error =只能使用小信件和白色空间!;
}
}
}
// voer insert uit
$ sql = $ con > prepare(INSERT INTO company(companyname)VALUES(?));
$ sql-> bind_param('s',$ companyname);
$ sql-> execute();
//结果
$ result = $ sql-> get_result();
// id
$ companyId = mysqli_insert_id($ con);
//插入INTO
$ sql = $ con> prepare(INSERT INTO employee(name,surname,email,function,password,companyid)VALUES(? ,?,?,?,?,?));
$ sql-> bind_param('ssssss',$ name,$ surname,$ email,$ function,$ password,$ companyId);
$ sql-> execute();
$ result = $ sql-> get_result();
}
?>
HTML表单:
< form class =form_register_pagemethod =postaction =<?php echo htmlspecialchars($ _ SERVER [PHP_SELF]);?>>
< div class =form-group>
< label class =register_headers>全名< / label> < input class =form-controlid =namename =nameplaceholder =输入您的全名type =text>
< / div>
< div class =form-group>
< label class =register_headers>完整姓氏< / label> < input class =form-controlid =lastnamename =surnameplaceholder =输入您的姓氏type =text>
< / div>
< div class =form-group>
< label class =register_headers>公司名称< / label> < input class =form-controlid =companyname =companynameplaceholder =Enter your companytype =text>
< span class =error> *<?php echo $ companyname_error;?>< / span>
< / div>
< div class =form-group>
< label class =register_headers>函数< / label> < input class =form-controlid =functionname =functionplaceholder =输入您的功能type =text>
< / div>
< div class =form-group>
< label class =register_headers>电子邮件地址< / label> < input class =form-controlid =emailname =emailplaceholder =输入您的电子邮件地址type =text>
< / div>
< div class =form-group>
< label class =register_headers>密码< / label> < input class =form-controlid =passwordname =passwordplaceholder =输入您的密码type =password>
< / div>
< div class =form-group>
< div class =form-check>
< label class =form-check-label>< input class =form-check-inputtype =checkbox>我同意< b>服务条款中的所有声明< / b>< / label>
< / div>
< / div>< button class =click_moretype =submit>注册< / button>
< span class =error>
<?php
echo $ companyname_error;
?>
< / span>
< / form>
解决方案
您的$ sql-> execute因为它们完全在测试错误条件的代码块之外运行,并且没有对引发的错误进行单独测试。如果您将插入内置于$ companyname_error为空的测试中,您将无法获得插入。例如
if(空($ comanyname_error))
{
在这里插入
}
I made a form and when i don't fill in the form i get an error just how i wanted. Example of the error i made:
Error if you dont fill in anything
error if you fill in capital letters
so now if you press enter you need to get a error. Its giving me the error but then its inserting empty data which is wrong, it should not insert data at all.
THIS IS MY CODE:
<?php
// Connecting to database
require('config.php');
if (isset($_POST['companyname']) && isset($_POST['name']) && isset($_POST['surname']) && isset($_POST['email']) && isset($_POST['function']) && isset($_POST['password'])) {
// Values to insert
$companyname = mysqli_real_escape_string($con, $_POST['companyname']);
$name = mysqli_real_escape_string($con, $_POST['name']);
$surname = mysqli_real_escape_string($con, $_POST['surname']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$function = mysqli_real_escape_string($con, $_POST['function']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$companyname_error = "";
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// empty
if (empty($_POST['companyname'])) {
$companyname_error = "companyname is required!";
} else {
$companyname = test_input($_POST["companyname"]);
//check characters validation
if (!preg_match("/^[^A-Z]+$/", $companyname)) {
$companyname_error = "Only use small letters and white spaces!";
}
}
}
// voer insert uit
$sql = $con->prepare("INSERT INTO company (companyname) VALUES (?)");
$sql->bind_param('s', $companyname);
$sql->execute();
//RESULT
$result = $sql->get_result();
// id
$companyId = mysqli_insert_id($con);
//insert INTO
$sql = $con->prepare("INSERT INTO employee (name, surname, email, function, password, companyid) VALUES (?, ?, ?, ?, ?, ?)");
$sql->bind_param('ssssss', $name, $surname, $email, $function, $password, $companyId);
$sql->execute();
$result = $sql->get_result();
}
?>
HTML form:
<form class="form_register_page" method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<div class="form-group">
<label class="register_headers">full name</label> <input class="form-control" id="name" name="name" placeholder="Enter your full name" type="text">
</div>
<div class="form-group">
<label class="register_headers">Full last name</label> <input class="form-control" id="lastname" name="surname" placeholder="Enter your last name" type="text">
</div>
<div class="form-group">
<label class="register_headers">company name</label> <input class="form-control" id="company" name="companyname" placeholder="Enter your company" type="text">
<span class="error">* <?php echo $companyname_error;?></span>
</div>
<div class="form-group">
<label class="register_headers">function</label> <input class="form-control" id="function" name="function" placeholder="Enter your function" type="text">
</div>
<div class="form-group">
<label class="register_headers">E-Mail adress</label> <input class="form-control" id="email" name="email" placeholder="Enter your E-Mail adress" type="text">
</div>
<div class="form-group">
<label class="register_headers">Password</label> <input class="form-control" id="password" name="password" placeholder="Enter your password" type="password">
</div>
<div class="form-group">
<div class="form-check">
<label class="form-check-label"><input class="form-check-input" type="checkbox"> I agree all statements in <b>terms of service</b></label>
</div>
</div><button class="click_more" type="submit">Register</button>
<span class="error">
<?php
echo $companyname_error;
?>
</span>
</form>
解决方案
Your $sql->execute() statements are always run because they are completely outside the code blocks which tests for the error conditions and there is no separate test for the errors having being raised. If you put the inserts inside a test for $companyname_error being empty you won't get the inserts. eg
if (empty($comanyname_error))
{
do your inserts here
}
这篇关于点击提交时,我得到一个错误,但它仍然在数据库中插入数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
