我的表单正在提交多个数据库条目,但我不希望它提交
[英]My form is submitting multiple database entries and I don't want it to
问题描述
I have a simple html form and a php file to execute a database insertion. 
我有一个简单的html表单和一个php文件来执行数据库插入。 The problem I am having is that when I press the submit button, my database table receives 3 copies of the same submission and I only need one. 我遇到的问题是,当我按下“提交”按钮时,我的数据库表会收到3个相同提交的副本,而我只需要一个副本。 Below is the code. 下面是代码。
html: 的HTML:
<!DOCTYPE html>
<html>
<form action="demo.php" method="post">
<p>
Input 1: <input type="text" name="input1" />
<input type="submit" value="Submit" />
</p>
</form>
</html>
php: 的PHP:
<?php
define('DB_NAME', 'phpmyadminName');
define('DB_USER', 'phpmyadminUser');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['input1'];
$sql = "INSERT INTO demo (input1) VALUES ('$values')";
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
mysql_close();
?>
The DB_NAME, DB_USER, and DB_PASSWORD have all been changed for obvious reasons, but the code does work. 出于明显的原因,DB_NAME,DB_USER和DB_PASSWORD均已更改,但是代码确实起作用。
It just submits too many copies of the form data to the database table. 它只是将过多的表单数据副本提交到数据库表。 Way back when I was in school, I had this issue, but it seemed like the problem was on the server's end and not our code. 回到学校的时候,我遇到了这个问题,但是问题似乎出在服务器端,而不是我们的代码。 The server used here is mine and I do have full control over it. 这里使用的服务器是我的,我可以完全控制它。 If the server is the issue at fault, I need help correcting that (as I am doing this to learn how to admin these tools, I do not know much more than basic level administration). 如果服务器出问题了,我需要帮助纠正它(因为我这样做是为了学习如何管理这些工具,所以我不仅仅了解基本级别的管理)。
3 个解决方案
解决方案1
2 已采纳 2015-02-02 05:46:40
Kenneth, the code you have provided here honestly needs some work. 肯尼斯(Kenneth),您在这里提供的代码确实需要一些工作。 First of all, please don't use the mysql API anymore. 首先,请不要再使用mysql API。 It's deprecated, will no longer be supported in future PHP versions, and is insecure. 它已被弃用,在将来的PHP版本中将不再受支持,并且它是不安全的。 For all database operations use the mysqli or PDO API's, preferrably with prepared statements. 对于所有数据库操作,请使用mysqli或PDO API,最好使用已准备好的语句。
Secondly, do not ever INSERT $_POST or $_GET variables directly into the database without validating/sanitizing them first as someone could delete your data or even worse your whole database. 其次,不要老是INSERT $_POST或$_GET变量直接进入数据库,而无需验证/第一消毒他们有人能删除你的数据,甚至更坏你的整个数据库。 PHP has numerous functions to make this very easy such as ctype depending on the data type. PHP具有许多使它非常容易实现的功能,例如ctype取决于数据类型。
Maybe try something like this in your code: 也许在您的代码中尝试如下所示:
if (!empty($_POST['input1'])) { //checks if data was received//
$value = $_POST['input1'];
mysql_real_escape_string($value);
$sql = "INSERT INTO demo (input1) VALUES ('$value')";
} else {
echo "form was not received";
exit;
}
I also noticed that your variable names were different, which is corrected above. 我还注意到您的变量名不同,上面已更正。
EDIT : 编辑:
Mistakenly used wrong syntax for PHP ctype function. 错误地为PHP ctype函数使用了错误的语法。
解决方案2
0 2015-02-02 05:44:12
You are taking the POST input value in the variable named $value and in query you are sending $values 您将在名为$value的变量中获取POST输入值,并在查询中发送$values
I have corrected the code. 我已经更正了代码。
Can you please try the below code 你可以试试下面的代码吗
<?php
define('DB_NAME', 'phpmyadminName');
define('DB_USER', 'phpmyadminUser');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['input1'];
if($value!=''){
$sql = "INSERT INTO demo (input1) VALUES ('".$value."')";
}
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
mysql_close();
?>
解决方案3
0 2015-02-02 05:55:45
Below is correct code for the issue. 以下是该问题的正确代码。 I have checked that when you refresh your page it will create new blank entry in database and also the variable name is wrong. 我检查过,当您刷新页面时,它将在数据库中创建新的空白条目,并且变量名称错误。
You have to check for the Request method. 您必须检查Request方法。 This 这个
$_SERVER['REQUEST_METHOD'] === 'POST'
will check the form method and it will prevent the blank entries in database. 将检查表单方法,这将防止数据库中出现空白条目。
<?php
define('DB_NAME', 'test');
define('DB_USER', 'root');
define('DB_PASSWORD', 'mysqldba');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link){
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected){
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}
//Test for request method
if($_SERVER['REQUEST_METHOD'] === 'POST') {
$value = $_POST['input1'];
$sql = "INSERT INTO demo (input1) VALUES ('$value')";
//echo $sql;die;
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
}
mysql_close();
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.