PHP 验证问题 - 即使必填字段为空也提交表单

【问题标题】:PHP validation issue - form submitting even when required fields emptyPHP 验证问题 - 即使必填字段为空也提交表单
【发布时间】:2013-06-29 02:52:45
【问题描述】:

我是 PHP 新手,正在尝试创建一个包含所有必填字段的表单,包括必须选择文件的表单。这是我想要实现的目标:

  • 用户必须填写 4 个字段 + 上传文件
  • 文件只能是特定类型+在特定大小下
  • 如果用户未完成其中一项要求并单击提交,则空白字段旁边会显示“必填”字样
  • 如果所选文件不符合条件,则会显示不同的消息
  • 如果用户将某些内容留空并且必须返回填写,则数据会保留在已填写的字段中。
  • 当表单提交时,信息进入数据库 + 进入电子邮件

我很接近但缺少一些东西。如果我选择了符合要求的文件,即使其他字段为空,表单也会提交。只要表单字段为空,其他字段就会正常运行。我错过了什么?我将不胜感激任何帮助。谢谢。

        <?php require_once('../scripts/lcoa.php'); ?>
        <?php 
        if (isset($_GET['jobid'])) {
        $jobid = $_GET['jobid'];
        }
        if (isset($_GET['jobtitle'])) {
        $jobtitle = $_GET['jobtitle'];
        }
         //This is the directory where resumes will be saved 
        $timestamp = time();
        $folder = "../careers/resumes/"; 
        $resume = ($_FILES['resume']['name']);
        $target = $folder.basename($timestamp.$_FILES['resume']['name']); 
        $type = ($_FILES['resume']['type']);
        $extension = strtolower(substr($resume, strpos($resume, '.') + 1)); 
        $size = ($_FILES['resume']['size']);
        $max_size = 3145728;
        $name  = ($_POST['name']);
        $email  = ($_POST['email']);
        $phone  = ($_POST['phone']);
        $jobid = ($_POST['jobid']);
        $jobtitle = ($_POST['jobtitle']);
        $cover = ($_POST['coverletter']);
        $error=array();


            if(isset($name)){
                if (empty ($name)){
             $error['name']="<p class='error'>Required </p>";

                }
            }
            if(isset($email)){
                if (empty ($email)){
             $error['email']="<p class='error'>Required </p>";
                }
            }
            if(isset($phone)){
                    if (empty ($phone)){
                 $error['phone']="<p class='error'>Required </p>";
                    }
                }
            if(isset($cover)){
                    if (empty ($cover)){
                 $error['coverletter']="<p class='error'>Required </p>";
                    }
                }
        //Writes the resume to the server 
        if (isset ($resume)) {

            if (empty ($resume)){
                 $error['resume']="<p class='error'>Resume Required </p>";
                }

            if (!empty ($resume)){
                if(($extension=='doc'||$extension=='docx'||$extension=='txt'||$extension=='pdf')&&($type=='application/pdf'||'application/msword'||'application/vnd.openxmlformats-officedocument.wordprocessingml.document'||'text/plain')&&$size<=$max_size) {
                if(move_uploaded_file($_FILES['resume']['tmp_name'], $target)) {
                     //Writes the information to the database 
                $insertSQL = "INSERT INTO applicants (id, name, email, phone, jobid, jobtitle, coverletter, resume) VALUES ('','".$_POST['name']."','".$_POST['email']."','".$_POST['phone']."','".$_POST['jobid']."','".$_POST['jobtitle']."','".$_POST['coverletter']."','".$resume."')";
                mysql_select_db($database_lcoa, $lcoa);
                $Result1 = mysql_query($insertSQL, $lcoa) or die(mysql_error());
                //Sends Email
                    $sendto   = "emailaddress";
                    $name  = nl2br($_POST['name']);
                    $email  = nl2br($_POST['email']);
                    $phone  = nl2br($_POST['phone']);
                    $jobid = nl2br($_POST['jobid']);
                    $jobtitle = nl2br($_POST['jobtitle']);
                    $cover = nl2br($_POST['coverletter']);
                    $subject  = "Submitted Job Application";
                    $headers .= "Content-Type: text/html;charset=utf-8 \r\n";
                    $headers  = "From: " . strip_tags($email) . "\r\n";
                    $headers .= "Reply-To: ". strip_tags($email) . "\r\n";
                    $headers .= "MIME-Version: 1.0\r\n";
                    $headers .= "Content-Type: text/html;charset=utf-8 \r\n";
                    $msg  = "<html><body style='font-family:Arial,sans-serif;'>";
                    $msg .= "<h2 style='font-weight:bold;border-bottom:1px dotted #ccc;'>Job Application Submitted</h2>\r\n";
                    $msg .= "<p><strong>Applied for:</strong> ".$jobtitle."</p>\r\n";
                    $msg .= "<p><strong>Job ID:</strong> ".$jobid."</p>\r\n";
                    $msg .= "<p><strong>Applicant Name:</strong> ".$name."</p>\r\n";
                    $msg .= "<p><strong>Email:</strong> ".$email."</p>\r\n";
                    $msg .= "<p><strong>Phone:</strong> ".$phone."</p>\r\n";
                    $msg .= "<p><strong>Cover Letter:</strong> ".$cover."</p>\r\n";
                    $msg .= "<a href='http://domain.com/".$target."'>Download Resume</a>\r\n";
                    $msg .= "</body></html>";
                    if(@mail($sendto, $subject, $msg, $headers)) {
                        echo "";
                    } else {
                        echo "false";
                    }
                     //Tells you if its all ok 
                     echo "<div id='confirm-app'><p>Thank you for submitting your application.  Resumes submitted will be reviewed to determine qualifications that match our hiring needs.<br /><br />  If you are selected you will be contacted by a member of our recruiting team.</p><br /><br /><a href='../careers/job-postings.php'>Return to current opportunities</a></div>"; 
                     }
                }       
                     else { 
                     //Gives and error if its not 
                     echo "<p style='color: #6D6E71; font-family: Arial,Helvetica,sans-serif; font-size: 13px;'>We accept resumes in <strong>.doc</strong>, <strong>.docx</strong>, <strong>.pdf</strong>, or <strong>.txt</strong> formats, 3MB or less. Please <a href='javascript:history.back(-1);'>go back</a> to upload a file that meets these requirements.<br /><br />If you continue to experience errors, please report them.</p>"; 
                     die();
                     } 
                }
        }       
         ?>

【问题讨论】:

  • 您在代码中添加了错误,但您何时检查$error 是否为空?
  • OMG... 嗯,首先,您需要将 HTML 模板与 PHP 逻辑分开。第二:mail() 现在可能会按照您期望的方式工作,只要您移动到另一台主机即可。应该改用phpMailerswiftMailer。第三:您需要明确区分职责(编写一个处理上传的类,另一个用于数据验证等)。您正在编写无法维护的代码,并且其中充满了不良做法。说真的。

标签: php forms validation


【解决方案1】:

您必须在 if (!empty ($resume)) 附近再添加一个条件,检查您的 $error 数组是否为空,如果不为空,则打印错误,否则插入或发送电子邮件等

    if (!empty ($resume) && empty($error)){
      //do your stuff
    }else{
    //display errors
    }

【讨论】:

    【解决方案2】:

    您只是在执行数据库插入和电子邮件发送之前测试if (!empty ($resume)){ 和文件要求。您还必须测试其他元素是否正确。由于您正在构建一个名为 $error 的数组,因此您可以在执行数据库插入和电子邮件之前测试是否有 empty($error)

    【讨论】:

      猜你喜欢
      • 2017-08-15
      • 2013-06-14
      • 1970-01-01
      • 2015-04-30
      • 1970-01-01
      • 1970-01-01
      • 2021-05-25
      • 1970-01-01
      • 2014-03-07
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode