I am trying to create a working registration validation however I have a problem. The validations work but there is an error, even if the user enters the correct information the INSERT statement is not executed. However, when the "elseif" statement is removed then the error is echoed on the interface but the data is still INSERTED even if there is an error in the user form; such as the password only having letters. I Would be grateful if anyone could fix this error. The complete validation is below. Thanks Wasim
我正在尝试创建一个工作注册验证,但我有一个问题。验证有效,但是存在错误,即使用户输入了正确的信息,也没有执行INSERT语句。但是,当删除“elseif”语句时,错误将在接口上回显,但即使用户表单中存在错误,数据仍然是INSERTED;比如密码只有字母。如果有人能解决这个错误,我将不胜感激。完整的验证如下。谢谢Wasim
<?php include "connection2.php" ?>
<?php
session_start();
if (empty($errors)) {
if(isset($_POST['submitted'])) {
$firstname=$_POST['Firstname'];
$lastname=$_POST['Lastname'];
$username=$_POST['Username'];
$password= $_POST['Password'];
$email=$_POST['Email'];
if ($username&&$password&&$email) {
if (strlen($username)>10) {
echo "Username is too long (Max 10 Characters)";
}
else {
//check password length
if (strlen($password)>15||strlen($password)<5) {
echo "Password must be 5 to 15 characters<br>";
}
if (!preg_match("#[0-9]+#", $password)) {
echo "Password must include at least one number!<br>";
}
if (!preg_match("#[a-zA-Z]+#", $password)) {
echo "Password must include at least one letter!<br>";
}
elseif ((!strlen($username) >10) and
(!strlen($password)>15||!strlen($password)<5) and
(preg_match("#[0-9]+#", $password)) and
(preg_match("#[a-zA-Z]+#", $password))) {
$sql = mysql_query
("INSERT INTO users(firstname, lastname,username, password, email)
VALUES ('$firstname','$lastname','$username',
'$password','$email')");
md5($password);
//register the user!
echo "Your Are Now a Member";
}
}
}
mysql_close();
}}
else { ?>
<?php }
?>
3 个解决方案
#1
Your elseif
is only attached to the last if
. And I'm not sure if you got all the inverted logic correct in it. But a simpler solution is to just set a variable that indicates whether any of the validation checks failed, and test this.
你的elseif只附加到最后一个if。而且我不确定你是否将所有反转逻辑都正确。但更简单的解决方案是只设置一个变量,指示是否有任何验证检查失败,并对此进行测试。
if ($username && $password && $email) {
if (strlen($username)>10) {
echo "Username is too long (Max 10 Characters)";
}
else {
$error = false;
//check password length
if (strlen($password)>15||strlen($password)<5) {
echo "Password must be 5 to 15 characters<br>";
$error = true;
}
if (!preg_match("#[0-9]+#", $password)) {
echo "Password must include at least one number!<br>";
$error = true;
}
if (!preg_match("#[a-zA-Z]+#", $password)) {
echo "Password must include at least one letter!<br>";
$error = true;
}
if (!$error) {
// insert new users
}
}
}
#2
In PHP the elseif and 'else if' constructs may need more braces, see the note on http://php.net/manual/en/control-structures.elseif.php
在PHP中,elseif和'else if'构造可能需要更多大括号,请参阅http://php.net/manual/en/control-structures.elseif.php上的注释。
Additionaly check operator precedence. Using the keywords 'and' and 'or' to have have the same weight as using '||' or '&&'. I would recommend adding additional braces and parenthesis to make the conditionals even more clear.
另外检查运算符优先级。使用关键字'和'和'或'与使用'||'具有相同的权重要么 '&&'。我建议添加额外的括号和括号,以使条件更清晰。
#3
Hey I think your structure is wrong a little.
嘿,我觉得你的结构有点不对劲。
<?php include "connection2.php" ?>
<?php
session_start();
if (empty($errors)) {
if(isset($_POST['submitted'])) {
$firstname=$_POST['Firstname'];
$lastname=$_POST['Lastname'];
$username=$_POST['Username'];
$password= $_POST['Password'];
$email=$_POST['Email'];
if ($username&&$password&&$email)
{
if (strlen($username)>10)
{
echo "Username is too long (Max 10 Characters)";
}
elseif(strlen($password)>15||strlen($password)<5)
{
echo "Password must be 5 to 15 characters<br>";
}
elseif (!preg_match("#[0-9]+#", $password)) {
echo "Password must include at least one number!<br>";
}
elseif (!preg_match("#[a-zA-Z]+#", $password)) {
echo "Password must include at least one letter!<br>";
}
else ((!strlen($username) >10) and
(!strlen($password)>15||!strlen($password)<5) and
(preg_match("#[0-9]+#", $password)) and
(preg_match("#[a-zA-Z]+#", $password)))
{
$sql = mysql_query
("INSERT INTO users(firstname, lastname,username, password, email)
VALUES ('$firstname','$lastname','$username',
'$password','$email')");
md5($password);
//register the user!
echo "Your Are Now a Member";
}
}
}
mysql_close();
}}
else { ?>
<?php }
?>
Hope that helps. but I would also save each error in array and display in the end.
希望有所帮助。但我也会在阵列中保存每个错误并最终显示。
#1
Your elseif
is only attached to the last if
. And I'm not sure if you got all the inverted logic correct in it. But a simpler solution is to just set a variable that indicates whether any of the validation checks failed, and test this.
你的elseif只附加到最后一个if。而且我不确定你是否将所有反转逻辑都正确。但更简单的解决方案是只设置一个变量,指示是否有任何验证检查失败,并对此进行测试。
if ($username && $password && $email) {
if (strlen($username)>10) {
echo "Username is too long (Max 10 Characters)";
}
else {
$error = false;
//check password length
if (strlen($password)>15||strlen($password)<5) {
echo "Password must be 5 to 15 characters<br>";
$error = true;
}
if (!preg_match("#[0-9]+#", $password)) {
echo "Password must include at least one number!<br>";
$error = true;
}
if (!preg_match("#[a-zA-Z]+#", $password)) {
echo "Password must include at least one letter!<br>";
$error = true;
}
if (!$error) {
// insert new users
}
}
}
#2
In PHP the elseif and 'else if' constructs may need more braces, see the note on http://php.net/manual/en/control-structures.elseif.php
在PHP中,elseif和'else if'构造可能需要更多大括号,请参阅http://php.net/manual/en/control-structures.elseif.php上的注释。
Additionaly check operator precedence. Using the keywords 'and' and 'or' to have have the same weight as using '||' or '&&'. I would recommend adding additional braces and parenthesis to make the conditionals even more clear.
另外检查运算符优先级。使用关键字'和'和'或'与使用'||'具有相同的权重要么 '&&'。我建议添加额外的括号和括号,以使条件更清晰。
#3
Hey I think your structure is wrong a little.
嘿,我觉得你的结构有点不对劲。
<?php include "connection2.php" ?>
<?php
session_start();
if (empty($errors)) {
if(isset($_POST['submitted'])) {
$firstname=$_POST['Firstname'];
$lastname=$_POST['Lastname'];
$username=$_POST['Username'];
$password= $_POST['Password'];
$email=$_POST['Email'];
if ($username&&$password&&$email)
{
if (strlen($username)>10)
{
echo "Username is too long (Max 10 Characters)";
}
elseif(strlen($password)>15||strlen($password)<5)
{
echo "Password must be 5 to 15 characters<br>";
}
elseif (!preg_match("#[0-9]+#", $password)) {
echo "Password must include at least one number!<br>";
}
elseif (!preg_match("#[a-zA-Z]+#", $password)) {
echo "Password must include at least one letter!<br>";
}
else ((!strlen($username) >10) and
(!strlen($password)>15||!strlen($password)<5) and
(preg_match("#[0-9]+#", $password)) and
(preg_match("#[a-zA-Z]+#", $password)))
{
$sql = mysql_query
("INSERT INTO users(firstname, lastname,username, password, email)
VALUES ('$firstname','$lastname','$username',
'$password','$email')");
md5($password);
//register the user!
echo "Your Are Now a Member";
}
}
}
mysql_close();
}}
else { ?>
<?php }
?>
Hope that helps. but I would also save each error in array and display in the end.
希望有所帮助。但我也会在阵列中保存每个错误并最终显示。