PHP form $_POST传递数据但变量偶尔为空
PHP form $_POST passes data but the variables are empty once in a while
我有一个基于这个简单代码的表单。它在 999/1000 的情况下工作得很好,但昨天我在数据库中得到了空白行,在电子邮件中得到了空白变量。它以前从未发生过。我发现,那个填写表格的客户是在手机上填写的,android,填写正确,但后来出现了空白变量。真的不知道,问题出在哪里,因为每次我测试它,它都有效。有什么想法吗?
<?php
include 'dbconn.php';
require 'PHPMailerAutoload.php';
if(isset($_POST['submit'])) {
$username=$_POST['username'];
$email=$_POST['email'];
$resultSet = $con->query("INSERT INTO `contact` (`username`,`email`)
VALUES ('$username','$email')");
$message='Variable username:'.$username.', variable email: '.$email;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
$mail->addAddress($to);
$mail->Subject = 'Subject';
$mail->msgHTML($message);
$mail->WordWrap = 50;
$mail->send();
}
?>
表格是这样的:
<form method="post" action="">
Username: <input type="text" name="username" required>
Email: <input type="email" name="email" required>
<input type="submit">
</form>
看起来您依赖于很容易被绕过的客户端验证。
我建议检查 $_POST 数组中的用户名和电子邮件键是否有值,然后再将它们插入数据库并发送电子邮件。
例如:
if (isset($_POST['username']) && isset($_POST['email'])) {
// Insert and send email
}
并非所有浏览器都会尊重 required 属性,因此您应该在服务器端验证您的 $_POST 值。
类似于:
<?php
include 'dbconn.php';
require 'PHPMailerAutoload.php';
if(isset($_POST['submit'])) {
$username=$_POST['username'];
$email=$_POST['email'];
if(isset($username) && isset($email)){
$resultSet = $con->query("INSERT INTO `contact` (`username`,`email`) VALUES ('$username','$email')");
$message='Variable username:'.$username.', variable email: '.$email;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
$mail->addAddress($to);
$mail->Subject = 'Subject';
$mail->msgHTML($message);
$mail->WordWrap = 50;
$mail->send();
}
} else {
// echo fail response
}
?>
您可以检查它们是否为空,如果为空则不处理它
<?php
include 'dbconn.php';
require 'PHPMailerAutoload.php';
if(isset($_POST['submit'])) {
$username=$_POST['username'];
$email=$_POST['email'];
if(!is_null(trim($email))&& !is_null(trim($username))){
$resultSet = $con->query("INSERT INTO `contact` (`username`,`email`) VALUES ('$username','$email')");
$message='Variable username:'.$username.', variable email: '.$email;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
$mail->addAddress($to);
$mail->Subject = 'Subject';
$mail->msgHTML($message);
$mail->WordWrap = 50;
$mail->send();
}
}
?>
我有一个基于这个简单代码的表单。它在 999/1000 的情况下工作得很好,但昨天我在数据库中得到了空白行,在电子邮件中得到了空白变量。它以前从未发生过。我发现,那个填写表格的客户是在手机上填写的,android,填写正确,但后来出现了空白变量。真的不知道,问题出在哪里,因为每次我测试它,它都有效。有什么想法吗?
<?php
include 'dbconn.php';
require 'PHPMailerAutoload.php';
if(isset($_POST['submit'])) {
$username=$_POST['username'];
$email=$_POST['email'];
$resultSet = $con->query("INSERT INTO `contact` (`username`,`email`)
VALUES ('$username','$email')");
$message='Variable username:'.$username.', variable email: '.$email;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
$mail->addAddress($to);
$mail->Subject = 'Subject';
$mail->msgHTML($message);
$mail->WordWrap = 50;
$mail->send();
}
?>
表格是这样的:
<form method="post" action="">
Username: <input type="text" name="username" required>
Email: <input type="email" name="email" required>
<input type="submit">
</form>
看起来您依赖于很容易被绕过的客户端验证。
我建议检查 $_POST 数组中的用户名和电子邮件键是否有值,然后再将它们插入数据库并发送电子邮件。
例如:
if (isset($_POST['username']) && isset($_POST['email'])) {
// Insert and send email
}
并非所有浏览器都会尊重 required 属性,因此您应该在服务器端验证您的 $_POST 值。
类似于:
<?php
include 'dbconn.php';
require 'PHPMailerAutoload.php';
if(isset($_POST['submit'])) {
$username=$_POST['username'];
$email=$_POST['email'];
if(isset($username) && isset($email)){
$resultSet = $con->query("INSERT INTO `contact` (`username`,`email`) VALUES ('$username','$email')");
$message='Variable username:'.$username.', variable email: '.$email;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
$mail->addAddress($to);
$mail->Subject = 'Subject';
$mail->msgHTML($message);
$mail->WordWrap = 50;
$mail->send();
}
} else {
// echo fail response
}
?>
您可以检查它们是否为空,如果为空则不处理它
<?php
include 'dbconn.php';
require 'PHPMailerAutoload.php';
if(isset($_POST['submit'])) {
$username=$_POST['username'];
$email=$_POST['email'];
if(!is_null(trim($email))&& !is_null(trim($username))){
$resultSet = $con->query("INSERT INTO `contact` (`username`,`email`) VALUES ('$username','$email')");
$message='Variable username:'.$username.', variable email: '.$email;
$mail = new PHPMailer;
$mail->CharSet = 'UTF-8';
$mail->addAddress($to);
$mail->Subject = 'Subject';
$mail->msgHTML($message);
$mail->WordWrap = 50;
$mail->send();
}
}
?>