开发者

php form submission-checking not being recognized

问答 作者:

I basically took in 3 pieces of data from a form, and before processing them, I just wanted to make sure that all fields were filled in. So the focus of this is the second to last IF statement, checking if the different variables are empty. It seems to only be working for the first variable and I can't figure out how to make it apply to all of them.

<?php



include ("account.php") ;
include ("connect.php") ;


$isdone = FALSE;
$un  =  $_REQUEST [ "un"] ; 
$pw   =  $_REQUEST [ "pw"] ;



$data = mysql_query("SELECT * FROM `auth` WHERE username = '$un'") or die(mysql_error());

$info = mysql_fetch_array($data);

$info['username']; 
$password = $info['pw'];

session_start();


if(trim($un) != '' && trim($pw) != '' && $password == $pw)
{

    $_SESSION['uze']=$un;


    include "problem.html";

}


elseif( !isset($_POST['submit1']) && $isdone == FALSE)
{
    echo "wrong password";
}



$selected =  $_REQUEST [ "type"] ; 


if($selected == 'afs')
{
    $typeinc = 'afs';
}
else if($selected == 'db')
{
    $typeinc = 'database';
}
else if($selected == 'cs')
{
    $typeinc = 'computer systems';
}
else if($selected == 'pw')
{
    $typeinc = 'password';
} 
else if($selected == 'hw')
{
    $typeinc = 'hardware';
}
else if($selected == 'other')
{
    $typeinc = 'other';
}

$text = $_REQUEST ["inc"];

$selected2 = $_REQUEST ["yesno"];

if($selected2 == 'yes')
{
    $email = 'yes';
}
else
{
    $email = 'no';
}



if(isset($_POST['submit1']))
{
    if(empty($typeinc) || empty($text) || empty($email))
    {
        print( '<a href="http://web.njit.edu/~swp5/assignment/auth.html">You have not filled in all fields, click to sign in and re-enter</a>' );
    }

}


else{
    mysql_query("INSERT INTO `swp5_proj`. `inci` (`type`, `date`, `time`, `reporter`, `desc`) VALUES ('$typeinc', CURDATE(), CURTIME(), '".$_SESSION['uze']."', '$text');") or die(mysql_error());

    mysql_query("DELETE FROM inci WHERE type = ' '");
$isdone = TRUE;

}

if(isset开发者_JAVA技巧($_POST['submit1']) && $isdone == TRUE)
{
    echo "session over";
}



?>

Make sure you clean your REQUEST variables before you put them in a MySQL query.

if((trim($un) !== '') && (trim($pw) !== '') && ($password == $pw))

You're setting $email to yes or no in the line just above.

In your if statement you are using the shortcut OR operator.... As soon as a single statement evaluates to true, the entire statement evaluates to true and there is no need to continue processing further.

继续阅读:formsphpsubmission

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9