如果我的帖子是空的,我如何阻止我的数据库更新?
[英]If my post is empty, how do i block the update with my database?
问题描述
I have this problem with mysql on phpmyadmin databases that I want to update my database, for instance change the username, but with the current code I have, if I leave something empty, it updates the database with empty value, I wanted to change this that IF the post is empty it doesnt update the database to empty space
我在 phpmyadmin 数据库上的 mysql 有这个问题,我想更新我的数据库,例如更改用户名,但是使用我当前的代码,如果我将某些内容留空,它会用空值更新数据库,我想更改它如果帖子为空,则不会将数据库更新为空白空间
here is my code:这是我的代码:
<!doctype html>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "eerstedatabase";
//create connection
$connection = new mysqli($servername, $username, $password, $dbname);
if ($_POST) {
//check connection
if ($connection->connect_error) {
die("Connection failed: " . $connection->connect_error);
}
//if these posts are empty it updates them to empty in the database aswell
$sql = "UPDATE gebruikers SET Gebruikersnaam='" . $_POST['Gebruikersnaam'] . "',
Wachtwoord='" . $_POST['Wachtwoord'] . "',
Email='" . $_POST['Email'] . "'
WHERE ID='" . $_POST['ID'] . "' ";
if ($connection->query($sql) === TRUE) {
echo "Record updated successfully";
include 'Opdracht1.php';
} else {
echo "Error updating record: " . $conn->error;
}
}
else
{
?>
<html>
<head>
<meta charset="utf-8">
<title>Naamloos document</title>
</head>
<body>
<center>
<table>
<form name="update" action="OpdrachtDW6.php" method="POST">
<tr>
<td>ID</td>
<td><input type="text" name="ID" rquired /></td>
</tr>
<tr>
<td>Gebruikersnaam</td>
<td><input type="text" name="Gebruikersnaam" required /></td>
</tr>
<tr>
<td>Wachtwoord</td>
<td><input type="text" name="Wachtwoord" required /></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="Email" required /></td>
</tr>
<tr>
<td><input type="submit" value="Updaten" /></td>
</tr>
</td>
</form>
</center>
</body>
</html>
<?php
}
?>
5 个解决方案
解决方案1
0 2016-03-31 15:40:09
You need to check the value of the $_POST fields on the server side.您需要检查服务器端的 $_POST 字段的值。
$errs = false;
if ($_POST['ID'] == "") {
$errs = true;
echo "ID Field Missing";
}
if ($_POST['Gebruikersnaam'] == "") {
$errs = true;
echo "Gebruikersnaam Field Missing";
}
/* And so on... */
if (!$errs) {
//check connection
if ($connection->connect_error) {
die("Connection failed: " . $connection->connect_error);
}
$sql = "UPDATE gebruikers SET Gebruikersnaam='" . $_POST['Gebruikersnaam'] . "',
Wachtwoord='" . $_POST['Wachtwoord'] . "',
Email='" . $_POST['Email'] . "'
WHERE ID='" . $_POST['ID'] . "' ";
if ($connection->query($sql) === TRUE) {
echo "Record updated successfully";
include 'Opdracht1.php';
} else {
echo "Error updating record: " . $conn->error;
}
}
解决方案2
0 2016-03-31 15:41:07
you can check if the POST values are empty or not:您可以检查 POST 值是否为空:
if(empty($_POST['Email'])
// Do something
There are other options like check the length of string, if the name is too short, maybe it is not acceptable.还有其他选项,例如检查字符串的长度,如果名称太短,可能无法接受。 Hope this help.希望这有帮助。
解决方案3
0 2016-03-31 15:59:59
You can use this logic你可以使用这个逻辑
if(isset($_POST['Email'])){
//post email is not empty! and you can insert in database!
if ($connection->query($sql) === TRUE) {
echo "Record updated successfully";
include 'Opdracht1.php';
} else {
echo "Error updating record: " . $conn->error;
}
}
解决方案4
0 2016-03-31 16:03:06
Here is the (basic) logic to check against (not) empty fields.这是检查(非)空字段的(基本)逻辑。
Sidenote: See comments in code to process as desired.旁注:请参阅代码中的注释以根据需要进行处理。
if( !empty($_POST['ID'])
&& !empty($_POST['Gebruikersnaam'])
&& !empty($_POST['Wachtwoord'])
&& !empty($_POST['Email'])
)
{
// Execute the query
}
else {
// kill the process or do something else
}
If you only want to perform the UPDATE if only the email is empty, then simply do:如果您只想在电子邮件为空时执行 UPDATE,则只需执行以下操作:
if(!empty($_POST['Email'])) {
$sql = "UPDATE gebruikers ...
// Rest of your code
}
Consult the following on PHP's logical operators:有关 PHP 的逻辑运算符,请参阅以下内容:
- http://php.net/manual/en/language.operators.logical.php http://php.net/manual/en/language.operators.logical.php
and empty() :和empty() :
Footnotes:脚注:
Your present code is open to SQL injection .您当前的代码对SQL 注入是开放的。 Use prepared statements , or PDO with prepared statements .使用准备好的语句,或带有准备好的语句的PDO 。
Also on doing an UPDATE and to check if it truly was successful, use mysqli_affected_rows() :同样在执行 UPDATE 并检查它是否真的成功时,请使用mysqli_affected_rows() :
as if ($connection->query($sql) === TRUE) could give you a false positive. if ($connection->query($sql) === TRUE)会给你一个误报。
You can also alter your column(s) to not accept NULL values.您还可以更改列以不接受 NULL 值。
Consult http://dev.mysql.com/doc/refman/5.7/en/working-with-null.html查阅http://dev.mysql.com/doc/refman/5.7/en/working-with-null.html
and making it/them as NOT NULL.并将其/它们设为 NOT NULL。
On an added note, this if ($_POST) { could be changed to if(isset($_POST['submit'])){ and adding the submit name attribute to your submit button.在附加说明中,此if ($_POST) {可以更改为if(isset($_POST['submit'])){并将submit名称属性添加到您的提交按钮。
<input type="submit" name="submit" value="Updaten" />
解决方案5
0 2016-03-31 16:11:32
What I've done before is build my query into variables, then if a variable is empty it will skip that bit of the query.我之前所做的是将我的查询构建到变量中,然后如果变量为空,它将跳过查询的那一点。
For example例如
if($_POST['fielda']) {
$fieldasql = "fielda = '".$_POST['fielda']."',";
} else {
$fieldasql = "";
}
if($_POST['fieldb']) {
$fieldbsql = "fieldb = '".$_POST['fieldb']."',";
} else {
$fieldbsql = "";
}
then your query would be:那么您的查询将是:
$sql = "UPDATE gebruikers SET " . $fieldasql . " " . $fieldbsql;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.