我对php场景还很陌生,但由于我已经搜索了几个小时关于这段代码可能有什么问题,我不知所措。由于某种原因,FILTER_VALIDATE_EMAIL和唯一电子邮件签入数据库不起作用,它们被完全跳过。我知道这一点,因为当提交表单时,它会在最后一个catch(PDOExceptions $ex)
(未显示,但在下面的最后一块代码之后)上弹出一个错误,而不是之前设置的任何其他错误(如图所示)。在尝试将表单数据插入数据库之前,不会发生(或显示)错误。由于电子邮件索引是唯一的,因此不允许重复插入。因此查询无法运行,并且die()
的。我正在尝试发布消息,说明电子邮件无效,或者它已经在没有die()
的表单上使用。
首先,我设置了提交空输入的条件,并对所有其他输入重复错误处理,如"fname"所示。
if (isset($_POST['submit'])) {
if(empty($_POST['fname']) ||
empty($_POST['lname']) ||
empty($_POST['email']) ||
empty($_POST['password']))
{
if(empty($_POST['fname']))
{
$fnamerr = "<font color='"red'">Please enter your first name</font>";
}
然后我验证!空:
}
else if (!empty($_POST['fname']) &&
!empty($_POST['lname']) &&
!empty($_POST['email']) &&
!empty($_POST['password']))
{
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
$emailerr = "<font color='"red'">Please enter a valid email address</font>";
}
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die ("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
$emailerr = "<font color='"red'">This email address is already registered</font>";
}
这个代码出了什么问题?或者可能是FILTER_VALIDATE_EMAIL和唯一电子邮件签入数据库被完全跳过的原因?提前谢谢。
http://php.net/manual/en/function.filter-var.php返回过滤后的值,因此
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
if(false !== $email) {
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $email
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die ("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row) {
$emailerr = "<font color='"red'">This email address is already registered</font>";
}
else {
// ...insert record...
}
}
else {
$emailerr = "<font color='"red'">Please enter a valid email address</font>";
}
我终于明白了,对于那些可能正在寻找相同信息的人来说。
if (isset($_POST['submit']))
{
if(empty($_POST['fname']) ||
empty($_POST['lname']) ||
empty($_POST['email']) ||
empty($_POST['password']))
{
if(empty($_POST['fname']))
{
$fnamerr = "<font color='"red'">Please enter your first name</font>";
}
同样,我对姓氏、电子邮件和密码做了同样的处理,如果它们是空的。然后:
} else if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
$emailerr = "<font color='"red'">Please enter a valid email address</font>";
$submitted_firstname = htmlentities($_POST['fname'], ENT_QUOTES, 'UTF-8');
$submitted_lastname = htmlentities($_POST['lname'], ENT_QUOTES, 'UTF-8');
$submitted_email = htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8');
} else if (!empty($_POST['fname']) &&
!empty($_POST['lname']) &&
!empty($_POST['email']) &&
!empty($_POST['password']))
{
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die ("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if ($row)
{
$emailerr2 = "<font color='"red'">This email address is already registered</font>";
$submitted_firstname = htmlentities($_POST['fname'], ENT_QUOTES, 'UTF-8');
$submitted_lastname = htmlentities($_POST['lname'], ENT_QUOTES, 'UTF-8');
$submitted_email = htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8');
} else
{
然后,我运行将信息插入数据库表的代码。这效果很好。希望没有其他事情发生。感谢您的评论和帮助。