是否可以在提交表单并刷新页面之前使用PHP验证?

是否可以在提交表单并刷新页面之前使用PHP验证?

问题描述:

I have created a user registration form using PHP, a password must be entered and entered again to check they both match. I have my conditional checks which are run when the form is submitted, if they fail, the form is reloaded empty for the user to fill in. I wanted to do a real time check against the password, and repeatPassword fields, so if they were both entered and did not match a warning displayed instantly, not after the whole form was filled in and submitted.

I have tried doing this using only PHP, I was using JavaScript before but I want to do it all in PHP as I think it will be better and more reliable.

Here is the code I have for my form checking condition:

$firstname=$_POST['fName'];
$surname=$_POST['sName'];
$email=$_POST['emailad'];
$password= md5($_POST['password']);
$repeatpassword= md5($_POST['repeatPassword']);
$secretquestion=$_POST['sQuestion'];
$secretanswer=$_POST['sAnswer'];
$address1=$_POST['address1'];
$address2=$_POST['address2'];
$address3=$_POST['address3'];
$address4=$_POST['address4'];
$city=$_POST['city'];
$postcode=$_POST['postcode'];
$phone=$_POST['phone'];
$mobile=$_POST['mobile'];

if(!empty($password)
&& !empty($repeatpassword)
&& !empty($firstname)
&& !empty($surname)
&& !empty($email)
&& ($repeatpassword == $password)
&& !empty($secretquestion)
&& !empty($secretanswer)
&& !empty($address1)
&& !empty($city)
&& !empty($postcode)
&& !empty($phone))
 {


$reg =true;
$sql = "INSERT INTO cryptuser (firstname,surname,email,password, secretq, secreta,
                               address1,address2,address3,address4,city,postcode,phone,mobile)
        VALUES     ('$firstname','$surname','$email','$password','$secretquestion','$secretquestion',
            '$address1','$address2','$address3','$address4','$city','$postcode','$phone','$mobile')"; 

I had code written which I deleted because it was definitely wrong, but I was trying to perform a PHP function, if the password and repeatPassword fields are not empty, check both values are the same, if they are do nothing, else display warning text.

I felt this would work, but I am still trying to get used to php being a server side language.

Any advice would be appreciated.

我已经使用PHP创建了一个用户注册表单,必须输入密码并再次输入以检查它们是否匹配。 我有条件检查,在提交表单时运行,如果它们失败,表单将重新加载为空以供用户填写。我想对密码和repeatPassword字段进行实时检查,所以如果它们是 两者都输入并且不匹配立即显示的警告,而不是在整个表单填写并提交之后。 p>

我尝试仅使用PHP执行此操作,之前我使用的是JavaScript但我想要 在PHP中完成这一切,因为我认为它会更好,更可靠。 p>

这是我的表单检查条件的代码: p>

  $ firstname = $ _ POST ['fName']; 
 $ surname = $ _ POST ['sName']; 
 $ email = $ _ POST ['emailad']; 
 $ password = md5($ _ POST  ['password']); 
 $ repeatpassword = md5($ _ POST ['repeatPassword']); 
 $ secretquestion = $ _ POST ['sQuestion']; 
 $ secretanswer = $ _ POST ['sAnswer']; \  N $地址1 = $ _ POST [ '地址1']; 
 $的地址2 = $ _ POST [ '地址2']; 
 $的地址3 = $ _ POST [ '地址3']; 
 $的地址4 = $ _ POST [ '地址4']  ; 
 $的城市= $ _ POST [ '城市']; 
 $的邮政编码= $ _ POST [” 邮编 ']; \ N $电话= $ _ POST [' 电话 ']; \ N $移动= $ _ POST [' 移动']; 
 
如果(空($密码)
&安培;!&安培;  !空($ repeatpassword)
&安培;&安培;  !空($名字)
&安培;&安培;  !空($姓)
&安培;&安培;  !空($电子邮件)
&安培;&安培;  ($ repeatpassword == $ password)
&&  !空($ secretquestion)
&安培;&安培;  !空($ secretanswer)
&安培;&安培;  !空($地址1)
&安培;&安培;  !空($市)
&安培;&安培;  !空($邮编)
&安培;&安培;  !empty($ phone))
 {
 
 
 $ reg = true; 
 $ sql =“INSERT INTO cryptuser(名字,姓氏,电子邮件,密码,secretq,secreta,
地址1,地址2,地址3  ,地址4,城市,邮政编码,电话,手机)
 VALUES('$ firstname','$ surname','$ email','$ password','$ secretquestion','$ secretquestion',
'$ address1  ”, '$地址2', '$ 2地址', '$地址4', '$城市', '$邮政编码', '$电话', '$移动')“;  
  code>  pre> 
 
 

我编写的代码已被删除,因为它肯定是错的,但我试图执行PHP函数,如果密码和repeatPassword字段不为空, 检查两个值是否相同,如果它们什么也不做,否则显示警告文本。 p>

我觉得这会起作用,但我仍然习惯于习惯将php作为服务器端语言 。 p>

任何建议都将不胜感激。 p> div>

First off, it won't be "better and more reliable" in PHP than in Javascript. Both languages are Turing-complete and there's little you can do in one realm you can't do in the other. You're only limited by your ability as a coder.

That said, if you want to do the validation in PHP before the form is submitted, you're going to have to get the data to the server somehow. Of course, that process is much like submitting a form...

One means would be to have JS which scrapes the information from the form and makes an AJAX request to the server. If the server says "OK", then the JS sets the client location to the new page (since the server already received all the contents as part of the validation process, you shouldn't need to POST them again).

Moving on, your validation code as you've written it above is a very bad idea. See this comic for a fast-and-decent explanation why ( http://bobby-tables.com appears to be down) - imagine what the SQL query would look like if you had that as $_POST['fName'].

YES! there are casses where you want to do server side as well as client side validation though in most cases you need only do client side BEFORE submitting then client side on submit. If you need to do both before and after submit a quick google search game me this nice looking tutorial

and as always I recommend using jQuery validate which has a function to compare two passwords

PHP will only run on the server, not in the browser. Use javascript to do the client side validation. Keep your server side validation, and add SQL injection protection. If you don't know what that is, Google it and look at the mysql_escape_string() PHP function to start.