PHP-通过回显通过表单发送不正确的POST数据?
我正在编写一个简单的注册表格,以将用户添加到数据库中.代码如下.
I'm writing a simple registration form to add users to a database. The code is below.
<?php
include 'header.php';
$tag = randomString();
?>
<html>
<head>
<title>Register an Account</title>
</head>
<body>
<b>Register an account</b><br><br>
<form method="post" action="add_user.php?tag=<?echo $tag;?>">
Username: <br><input type="text" name="username" size=25/><br /><br>
Password: <br><input type="password" name="password" size=25/><br /><br>
Confirm Password: <br><input type="password" name="confirm" size=25/><br /><br>
Email Address: <br><input type="text" name="email" size=25/><br /><br><br>
Additional Info: <br><input type="text" name="info" size=50/><br>
<input type="submit" name="Submit" />
</form>
</body>
</html>
该表格似乎工作正常.但是,当我尝试在下一页上阅读此帖子数据时,即使所有条目都已填满,某些条目也是正确的,而其他条目则是不正确的.例如:
The form seems to work fine. However, when I attempt to read this post data on the next page, some entries are correct, and others are not, even when all entries are filled. For example:
echo mysql_real_escape_string(htmlentities($_POST['username'])); --> outputs what was in the info field
echo mysql_real_escape_string(htmlentities($_POST['password'])); --> output is what was entered in "confirm"
echo mysql_real_escape_string(htmlentities($_POST['confirm'])); --> no output
echo mysql_real_escape_string(htmlentities($_POST['email'])); --> email is outputted, this is correct.
echo mysql_real_escape_string(htmlentities($_POST['info'])); --> No output.
对于为什么会发生这种情况感到非常困惑,我写了很多没有这种问题的表格.
Very confused as to why this is happening, I've written many forms with no such problems.
这是var_dump(输入的数据:用户名,Pass1,Pass2,email@address.com和信息以正确的顺序):
Here's the var_dump (data entered: username, Pass1, Pass2, email@address.com, and info in the proper order):
array(4) { ["username"]=> string(4) "info" ["password"]=> string(5) "Pass2" ["email"]=> string(17) "email@address.com" ["Submit"]=> string(6) "Submit" }
添加了整个页面的代码
Added entire page's code
add_user.php (未完成-当我尝试比较两个密码时出现了这个问题.从来没有被评估为true,主要是因为我没有比较自己的想法)
add_user.php (Not finished-- the issue came up when I was trying to compare the two passwords. That never evaluated as true, mainly because I wasn't comparing what I thought I was)
<?php
//var_dump($_POST);
echo mysql_real_escape_string(htmlentities($_POST['username'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['password'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['confirm'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['email'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['info'])); echo "<br>";
if ($_POST['password'] != $_POST['confirm']) {
die("Passwords do not match. Please go back and try again.");
}
$tag = $_GET['tag'];
?>
因为$ _POST根本不是值"confirm"和"info".这就是为什么他们什么都不输出的原因.
In that $_POST is not values "confirm" and "info" at all. That’s why they don’t output anything.
我建议打开PHP的通知,他们会立即告知.
I suggest to switch PHP’s notices on, they would tell this instantly.
我想不到,但您填写的表格有误.由于"info"是"username"的值.
I can’t think but that you have filled the form wrong. Since "info" is value of "username".