So I have a form that looks so.
Company Name |
// and so on
I have the validation by javascript. But the problem is that when I go directly to thanks.php from localhost/mysite/form/thanks.php I have an empty row that is inserted when I look at phpmyadmin. Thanks.php looks like so.
// open the connection
$conn = mysql_connect("localhost", "root", "password");
// pick the database to use
mysql_select_db("company_register",$conn);
$sql = "INSERT INTO `tblsignups` VALUES ('NULL', '$_POST[company]', '$_POST[email]', '$_POST[phone]', '$_POST[address]', '$_POST[comments]', '$_POST[contact_person]')";
$result = mysql_query($sql, $conn) or die(mysql_error());
mysql_close($conn);
?>
// And I have a thank you msg I display
How do I check that if some one should directly go to thanks.php I tell them to go fill the form first and do not put anything on the database
解决方案
here is a sketch example
after receiving POST data you have to check it and raise error flag
in case of some errors show the form back instead of saving it
if ($_SERVER['REQUEST_METHOD']=='POST') {
$err = array();
//performing all validations and raising corresponding errors
if (empty($_POST['name']) $err[] = "Username field is required";
if (empty($_POST['text']) $err[] = "Comments field is required";
if (!$err) {
// if no errors - saving data
// and then redirect:
header("Location: ".$_SERVER['PHP_SELF']);
exit;
} else {
// all field values should be escaped according to HTML standard
foreach ($_POST as $key => $val) {
$form[$key] = htmlspecialchars($val);
}
} else {
$form['name'] = $form['comments'] = '';
}
include 'form.tpl.php';
?>
and modify your form to make it possible to show errors
if ($err): ?>
foreach($err as $e): ?>
endforeach ?>
endif ?>
=$form['comments']?>