时间戳

首页 > 解决方案 > PHP表单验证:表单将提交,无论它是否通过验证

php - PHP表单验证:表单将提交,无论它是否通过验证

问题描述

所以我问了一个类似的问题,但在评论中,有人告诉我一个可能的答案,但它没有用,所以我发布了另一个。情况略有不同,所以我不知道是编辑和更新另一个还是制作一个新的。

无论如何,我有一个表单和一个 PHP 脚本,它应该在用户提交时验证表单数据,现在(测试目的)如果它没有通过验证,则应该打印一个带有字符串的数组。

在我继续之前是html:

<form method="post" action="mail3.php" class="col-12" id="form-book">
            <div class="row">
              <div class=" form-group col-12">
                <p>Fill out the form below to tell me about your problem. <strong>Any problems to do with technology, all the solutions.</strong> Just tell me what you can, however the more info you give the better.</p>
              </div>
              <div class="form-group col-6">
                <label></label>
                <input id="name" name="name" placeholder="Name" type="text" required="required" class="form-control here bottom"> <span class="error">
              </div>
              <div class="form-group col-6">
                <label></label>
                <input id="phone" name="phone" placeholder="Phone#" type="text" required="required" class="form-control here bottom"> <span class="error">
              </div>
              <div class="form-group col-12">
                <label></label>
                <input id="email" name="email" placeholder="Email (Optional)" type="text" class="form-control here bottom"> <span class="error">
              </div>
              <div class="form-group col-6">
                <input data-provide="datepicker" id="date" name="date" placeholder="Pick a date" required="required" class="form-control here bottom">
              </div>
              <div class="form-group col-6">
                <input type="text" id="time" name="time" placeholder="Choose the best time" required="required" class="form-control here bottom timepicker">
              </div>
              <div class="form-group col-12">
                <label></label>
                <textarea id="message" name="message" cols="40" rows="5" class="form-control" required="required" aria-describedby="messageHelpBlock"></textarea>
                <span id="messageHelpBlock" class="form-text text-muted">Tell me a little about whats going on or what you need help with.</span>
              </div>
              <div class="form-group col-12">
                <button name="submit" type="submit" class="btn btn-primary">Send your message</button>
              </div>
            </div>
            <!--row-->
          </form>

PHP:

                <?php
    date_default_timezone_set("Pacific/Honolulu"); //set the DateTimeZone

    function test_input($data) { //test input func that checks data
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
    }

    if (isset($_POST['submit'])) {
    $name = $_POST['name'];
    $phone = $_POST['phone'];
    $email = $_POST['email'];
    $date = $_POST['date'];
    $time = $_POST['time'];
    $message = $_POST['message'];
    $subject = "Appointment Booked";
    $email = filter_var($email, FILTER_SANITIZE_EMAIL); //clean email
    $mailTo = "itguy@johnpuaoi.com";
    $dateTested = test_input($date);
    $timeTested = test_input($time);

    $errors = []; //set errors arrray

    //funcs will check each input and if an error is detected it will add a string to errors array
    //if no errors are found the input is then passed into xTested variable
    function validateName($input) {
      if (empty($input)) { //check if empty
        return $errors[] = "Your name is required."; //if empty add string to errors array
      } elseif (is_int($input)) { //check if input is an interger
        return $errors[] = "That is not a valid name."; //if is interger add string to errors array
      } else {
        return $nameTested = test_input($input); //return tested input variable
      }
    }
    function validatePhone($input) {
      if (empty($input)) { //check if empty
        return $errors[] = "Your phone number is required."; //add string to array if empty
      } elseif (!preg_match("/^[0-9]{3}-[0-9]{4}-[0-9]{4}$/", $input)) { //check if input does not match
        return $errors[] = "That is not a valid name."; //add string to array if no match
      } else {
        return $phoneTested = test_input($input); //return tested input variable
      }
    }
    function validateEmail($input) {
      if (empty($input)) { //check if empty
        return $errors[] = "Your email is required.";//add string to array if empty
      } elseif (filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return $errors[] = "That is not a valid email.";
      } else {
        return $emailTested = test_input($input); //return tested input variable
      }
    }
    function validateMessage($input) {
      if (empty($input)) { //check if empty
        return $errors[] = "Your message can't be empty.";//add string to array if empty
      } else {
        return $messageTested = test_input($input); //return tested input variable
      }
    }
    validateName($name); //call validate funcs
    validatePhone($phone);
    validateEmail($email);
    validateMessage($message);

    $headers = "From: ".$emailTested;
    $txt = "An appointment was booked by ".$nameTested.".\n\n".$dateTested." @".$timeTested.".\n\n".$messageTested;

     if ($errors == null) { //if errors array is empty
       mail($mailTo, $subject, $txt, $headers); //mail data
       header("Location: index.php?mailsend"); //redirect to home
     } else {
       print $errors; //print errors to test if validate funcs work
     }
    }
 ?>

现在我已经为一组数据类型创建了验证函数——姓名、电子邮件、电话和消息。它检查输入,如果发生错误,则将字符串添加到错误数组中。如果没有发现错误,则将输入传递给一个变量,告诉 php 它已经过错误测试。

重要在我问的最后一个问题中,有人在评论中指出,即使数据没有通过验证,我也没有任何东西阻止邮件功能。因此,为了解决这个问题,我在底部添加了一个 if 语句来检查错误数组是否为空。如果是,则调用邮件函数,如果不是,则出于测试目的打印错误数组。

我通过故意输入无效数据来测试脚本,但表单仍然提交。是什么允许脚本仍然邮寄表单数据?

现在,如果您还不能告诉我,我是 php 新手,所以如果我很简单,请原谅我。如果我应该刚刚编辑第一个问题,我也提前道歉。

标签: phpformsvalidationif-statement

解决方案

推荐阅读