[英]Nothing is being displayed after form is submitted (PHP)
I have been trying to secure my web page for a while now by preventing sql injection. 我一直在尝试通过防止sql注入来保护我的网页一段时间。 However, now nothing is being displayed on the page at all after I submit my form. 但是,现在提交表单后,页面上什么都没有显示。 Here is my complete code because I don't know where my error is occurring. 这是我完整的代码,因为我不知道发生错误的位置。
<?php
require_once 'db_connect.php';
?>
<head>
<title> Data </title>
<link href = "ss2.css" type = "text/css" rel = "stylesheet" >
</head>
<body>
<h1> Research Center </h1>
<a href = "home.php"> Data Home Page </a>
<ol class = 'instructions'>
<li> Step 1: Please select your first year you want to gather data from. </li>
<li> Step 2: Next, select a second year to create a time interval. </li>
<li> Step 3: Then, select the time of year you want to retrieve data from. </li>
<li> Step 4: Finally, specify a specific regional location. </li>
</ol>
<form action="unemployed2.php" method ="post">
<input type="hidden" name="submitted" value="true" />
<fieldset>
<legend>
Specify Date, Month, and County
</legend>
<p class = 'year'>
<label for="year">
Please Select years: From
</label>
<select name= 'year'>
<option value= ''> </option>
<?php
$query = "select distinct year from unemployed";
$result = $conn->query($query);
while($row = $result->fetch_object()) {
echo "<option value='".$row->year."'>".$row->year."</option>";
}
?>
</select>
</p>
<p class = 'year'>
<label for="year">
To
</label>
<select name= 'year2'>
<option value= ''> </option>
<?php
$query = "select distinct year from unemployed";
$result = $conn->query($query);
while($row = $result->fetch_object()) {
echo "<option value='".$row->year."'>".$row->year."</option>";
}
?>
</select>
</p>
<p>
<label for="month">
Please select a month
<label>
<select name= 'month'>
<option value= ''> </option>
<?php
$query = "select distinct month from unemployed";
$result = $conn->query($query);
while($row = $result->fetch_object()) {
echo "<option value='".$row->month."'>".$row->month."</option>";
}
?>
<option value = "All Months"> All Months </option>
</select>
</p>
<p>
<label for="location">
Please specify a location
</label>
<select name='location'>
<option value= ''> </option>
<option value = 'Fayette'> Fayette County (IN) </option>
<option value = 'Henry'> Henry County (IN) </option>
<option value = 'Randolph'> Randolph County (IN) </option>
<option value = 'Rush'> Rush County (IN) </option>
<option value = 'Union'> Union County (IN) </option>
<option value = 'Wayne'> Wayne County (IN) </option>
<option value = 'INCounties'> Local Indiana Counties </option>
<option value = 'Indiana'> Indiana </option>
<option value = 'Butler'> Butler County (OH) </option>
<option value = 'Darke'> Darke County (OH) </option>
<option value = 'Mercer'> Mercer County (OH) </option>
<option value = 'Preble'> Preble County (OH) </option>
<option value = 'OHCounties'> Local Ohio Counties </option>
<option value = 'Ohio'> Ohio </option>
<option value = 'US'> United States </option>
</select>
</p>
<input type ="submit" />
</fieldset>
</form>
<?php
if (isset($_POST['submitted'])) {
$gYear = $_POST["year"];
$gYear2 = $_POST["year2"];
$gMonth = $_POST["month"];
$array = array('loc1' => 'Fayette', 'loc2' => 'Henry', 'loc3' => 'Randolph',
'loc4' => 'Rush', 'loc5' => 'Union', 'loc6' => 'Wayne',
'loc7' => 'INCounties','loc8' => 'Indiana', 'loc9' => 'Butler', 'loc10' => 'Darke',
'loc11' => 'Mercer', 'loc12' => 'Preble', 'loc13' => 'OHCounties',
'loc14' => 'Ohio', 'loc15' => 'US');
if ($gYear > $gYear2) {
die('ERROR: Your second year cant be a time period before the first year you selected');
}
else {
if (array_key_exists($_POST["location"], $array)) {
$column = $_POST["location"];
}
else {
echo "ERROR";
}
$sql = "SELECT `$column`, `Year`, `Month` FROM unemployed WHERE year BETWEEN ? AND ? and month= ?";
$query = $conn->prepare($sql);
$query->bind_param('sss', $gyear, $gYear2, $gMonth);
$query->execute();
$result = $query->get_result();
echo "<table>";
echo "<tr><th>Year</th><th>Month</th><th>$column</th></tr>";
while ($row = $result->fetch_object()){
echo "<tr><td>";
echo $row->$column;
echo "</td><td>";
echo $row->Year;
echo "</td><td>";
echo $row->Month;
echo "</td></tr>";
}
$query->close();
echo "</table>";
}
} // end of main if statement
?>
</body>
If I had to guess, my error lies within these lines of code because the web page shows ERROR after I push the submit button: 如果我不得不猜测,我的错误就在这些代码行之内,因为按下提交按钮后网页显示错误:
$array = array('loc1' => 'Fayette', 'loc2' => 'Henry', 'loc3' => 'Randolph',
'loc4' => 'Rush', 'loc5' => 'Union', 'loc6' => 'Wayne',
'loc7' => 'INCounties','loc8' => 'Indiana', 'loc9' => 'Butler', 'loc10' => 'Darke',
'loc11' => 'Mercer', 'loc12' => 'Preble', 'loc13' => 'OHCounties',
'loc14' => 'Ohio', 'loc15' => 'US');
else {
if (array_key_exists($_POST["location"], $array)) {
$column = $_POST["location"];
}
else {
echo "ERROR";
}
Does anyone know what my error is? 有人知道我的错误是什么吗? Any help would be greatly appreciated. 任何帮助将不胜感激。
add error_reporting(E_ALL); 添加error_reporting(E_ALL); and ini_set("display_errors",1); 和ini_set(“ display_errors”,1); at the top of your code, and check for an error 在代码顶部,然后检查错误
One thing that I think is not working is this line of code in your second code block: 我认为不起作用的一件事是第二个代码块中的以下代码行:
if (array_key_exists($_POST["location"], $array)) {
This will never return true, because the values in your select input in your HTML code are not the keys of $array, but the values. 这将永远不会返回true,因为HTML代码中select输入中的值不是$ array的键,而是值。 So $_POST["location"] will always contain a value in $array, not a key. 因此$ _POST [“ location”]将始终包含$ array中的值,而不是键。 So array_key_exists
will always return false in that line of code. 因此, array_key_exists
将始终在该行代码中返回false。
That means the else-block will be executed, which will cause "ERROR" to be printed. 这意味着将执行else块,这将导致打印“ ERROR”。
Did you mean to use in_array($_POST["location"], $array)
( PHP Manual ) instead, maybe? 您是不是要使用in_array($_POST["location"], $array)
( PHP Manual )?
From your code ERROR
is printed in the else check of: array_key_exists($_POST["location"], $array)
. 从您的代码中, ERROR
将显示在else检查中: array_key_exists($_POST["location"], $array)
。 Check your database make sure there are no nulls and the values are exactly what is placed in your mapping array $array
, keys are case-sensitive. 检查您的数据库,确保没有空值,并且值恰好是映射数组$array
放置的值,键区分大小写。
Also, you don't need an else
after a die()
statement, as the program has stopped. 另外,由于程序已停止,因此在die()
语句之后不需要else
。 You can leave your structure like: 您可以像这样保留您的结构:
if (...) die();
//rest of code
Also try to format properly, or at least stick to a readable structure, eg: 也尝试正确格式化,或至少坚持可读的结构,例如:
function () {
if () {
...
} else {
...
}
return true;
}
You are checking your array of locations for a matching key, but your location is actually a value. 您正在检查位置数组中是否有匹配的键,但是您的位置实际上是一个值。 You are also repeating your locations twice. 您还将重复两次您的位置。 I would recommend creating a $locations array at the top of your file, use it to populate your option tags and then also use it for your validation test. 我建议您在文件顶部创建一个$ locations数组,使用它填充选项标签,然后再将其用于验证测试。 This will result in your "array_key_exists" test doing what you expect it to. 这将导致您的“ array_key_exists”测试按照您的预期进行。
<?php
// top
$locations = array(
'Fayette' => 'Fayette Counter (IN)',
'Henry' => 'Henry County (IN)',
'Randolph' => 'Randolph County (IN)',
'Rush' => 'Rush County (IN)',
'Union' => 'Union County (IN)',
'Wayne' => 'Wayne County (IN)',
'INCounties' => 'Local Indiana Counties (IN)',
'Indiana' => 'Indiana',
'Butler' => 'Butler County (OH)',
'Darke' => 'Darke County (OH)',
'Mercer' => 'Mercer County (OH)',
'Preble' => 'Preble County (OH)',
'OHCounties' => 'Local Ohio Counties',
'Ohio' => 'Ohio',
'US' => 'United States'
);
?>
<!-- middle -->
<select name='location'>
<option value= ""> </option>
<?php
foreach($locations as $k => $v){
echo "<option value=\"{$k}\">{$v}</option>";
}
?>
</select>
<?php
// bottom
if (array_key_exists($_POST["location"], $locations)){
$column = $_POST["location"];
} else {
echo "ERROR";
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.