0
私はcustomer_display.phpを書いてデータを検証しましたが、First Nameフィールドが空であっても、Webページはcustomer_search.phpにジャンプします。&はデータベース内の情報を変更しませんでした。どうして?なぜ検証がうまくいかず、別のページにジャンプしますか?
<?php include '../view/header.php';
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// Initialize variables and set to empty strings
$firstName=$lastName="";
$firstNameErr=$lastNameErr="";
// Control variables
$app_state = "empty"; //empty, processed, logged in
$valid = 0;
// Validate input and sanitize
if ($_SERVER['REQUEST_METHOD']== "POST") {
if(isset($_POST["first_name"]))
{
if (empty($_POST["first_name"])) {
$firstNameErr = "First name is required";
}
else {
$firstName = test_input($_POST["firstName"]);
if(strlen($firstName)>5){
$firstNameErr = "First name is too long";
}
else{
$valid++;
}
}
}
if (empty($_POST["lastName"])) {
$lastNameErr = "Last name is required";
}
else {
$lastName = test_input($_POST["lastName"]);
$valid++;
}
if ($valid >= 2) {
$app_state = "processed";
}
}
// Sanitize data
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($app_state == "empty") {
?>
<!-- display a table of customer information -->
<h2>View/Update Customer</h2>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" method="POST" id="aligned">
<input type="hidden" value="update_customer">
<input type="hidden" name="customer_id"
value="<?php echo htmlspecialchars($customer['customerID']); ?>">
<label>First Name:</label>
<input type="text" name="first_name"
value="<?php echo htmlspecialchars($customer['firstName']); ?>">
<span class="error"><?php echo $firstNameErr;?></span><br>
<label>Last Name:</label>
<input type="text" name="last_name"
value="<?php echo htmlspecialchars($customer['lastName']); ?>"><br>
<label>Address:</label>
<input type="text" name="address"
value="<?php echo htmlspecialchars($customer['address']); ?>"
size="50"><br>
<label>City:</label>
<input type="text" name="city"
value="<?php echo htmlspecialchars($customer['city']); ?>"><br>
<label>State:</label>
<input type="text" name="state"
value="<?php echo htmlspecialchars($customer['state']); ?>"><br>
<label>Postal Code:</label>
<input type="text" name="postal_code"
value="<?php echo htmlspecialchars($customer['postalCode']); ?>"><br>
<label>Country:</label>
<select name="selected">
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass ='';
$db = 'tech_support';
$conn = new mysqli($dbhost, $dbuser, $dbpass, $db);
if($conn->connect_error)
die('Could not connect: '. $conn->connect_error);
$selected= $conn->query("select * from countries where countryCode = '" .$customer['countryCode']. "'");
$sql = $conn->query("select * from countries order by countryName");
if($selectedrow = $selected->fetch_assoc()){
echo "<option selected value='" . $selectedrow['countryName']."'>". $selectedrow['countryName']."</option>";
}
//echo "<select>";
while ($row = $sql->fetch_assoc()) {
echo "<option value ='". $row['countryName']."'>". $row['countryName']."</option>";
}
//echo "</select>";
$conn->close();
?>
</select><br>
<label>Phone:</label>
<input type="text" name="phone"
value="<?php echo htmlspecialchars($customer['phone']); ?>"><br>
<label>Email:</label>
<input type="text" name="email"
value="<?php echo htmlspecialchars($customer['email']); ?>"
size="50"><br>
<label>Password:</label>
<input type="text" name="password"
value="<?php echo htmlspecialchars($customer['password']); ?>"><br>
<label> </label>
<input type="submit" value="Update Customer"><br>
</form>
<p><a href="">Search Customers</a></p>
</body>
</html>
<?php
}
elseif ($app_state == "processed") {
if ($firstName == "Vincent") {
$app_state = "Logged in";
}
}
if ($app_state == "Logged in") {
echo("Logged in<br> Hello Vincent</body></html>");
}
?>
<?php include '../view/footer.php'; ?>
のindex.php(データを処理する):
<?php
require('../model/database.php');
require('../model/customer_db.php');
$action = filter_input(INPUT_POST, 'action');
if ($action === NULL) {
$action = filter_input(INPUT_GET, 'action');
if ($action === NULL) {
$action = 'search_customers';
}
}
//instantiate variable(s)
$last_name = '';
$customers = array();
if ($action == 'search_customers') {
include('customer_search.php');
} else if ($action == 'display_customers') {
$last_name = filter_input(INPUT_POST, 'last_name');
if (empty($last_name)) {
$message = 'You must enter a last name.';
} else {
$customers = get_customers_by_last_name($last_name);
}
include('customer_search.php');
} else if ($action == 'display_customer') {
$customer_id = filter_input(INPUT_POST, 'customer_id', FILTER_VALIDATE_INT);
$customer = get_customer($customer_id);
include('customer_display.php');
} else if ($action == 'update_customer') {
$customer_id = filter_input(INPUT_POST, 'customer_id', FILTER_VALIDATE_INT);
$first_name = filter_input(INPUT_POST, 'first_name');
//echo $first_name;
$last_name = filter_input(INPUT_POST, 'last_name');
$address = filter_input(INPUT_POST, 'address');
$city = filter_input(INPUT_POST, 'city');
$state = filter_input(INPUT_POST, 'state');
$postal_code = filter_input(INPUT_POST, 'postal_code');
$country_name = $_POST["selected"];
$phone = filter_input(INPUT_POST, 'phone');
$email = filter_input(INPUT_POST, 'email');
$password = filter_input(INPUT_POST, 'password');
//if(!$valid_fname == null){require ('customer_display.php');};
//echo $country_name;
$country_code = get_countryCode($country_name);
update_customer($customer_id, $first_name, $last_name,
$address, $city, $state, $postal_code, $country_code,
$phone, $email, $password);
include('customer_search.php');
}
?>
すべてのコードではなく、関連するものだけを投稿する –