[英]If my post is empty, how do i block the update with my database?
I have this problem with mysql on phpmyadmin databases that I want to update my database, for instance change the username, but with the current code I have, if I leave something empty, it updates the database with empty value, I wanted to change this that IF the post is empty it doesnt update the database to empty space我在 phpmyadmin 数据库上的 mysql 有这个问题,我想更新我的数据库,例如更改用户名,但是使用我当前的代码,如果我将某些内容留空,它会用空值更新数据库,我想更改它如果帖子为空,则不会将数据库更新为空白空间
here is my code:这是我的代码:
<!doctype html>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "eerstedatabase";
//create connection
$connection = new mysqli($servername, $username, $password, $dbname);
if ($_POST) {
//check connection
if ($connection->connect_error) {
die("Connection failed: " . $connection->connect_error);
}
//if these posts are empty it updates them to empty in the database aswell
$sql = "UPDATE gebruikers SET Gebruikersnaam='" . $_POST['Gebruikersnaam'] . "',
Wachtwoord='" . $_POST['Wachtwoord'] . "',
Email='" . $_POST['Email'] . "'
WHERE ID='" . $_POST['ID'] . "' ";
if ($connection->query($sql) === TRUE) {
echo "Record updated successfully";
include 'Opdracht1.php';
} else {
echo "Error updating record: " . $conn->error;
}
}
else
{
?>
<html>
<head>
<meta charset="utf-8">
<title>Naamloos document</title>
</head>
<body>
<center>
<table>
<form name="update" action="OpdrachtDW6.php" method="POST">
<tr>
<td>ID</td>
<td><input type="text" name="ID" rquired /></td>
</tr>
<tr>
<td>Gebruikersnaam</td>
<td><input type="text" name="Gebruikersnaam" required /></td>
</tr>
<tr>
<td>Wachtwoord</td>
<td><input type="text" name="Wachtwoord" required /></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="Email" required /></td>
</tr>
<tr>
<td><input type="submit" value="Updaten" /></td>
</tr>
</td>
</form>
</center>
</body>
</html>
<?php
}
?>
You need to check the value of the $_POST fields on the server side.您需要检查服务器端的 $_POST 字段的值。
$errs = false;
if ($_POST['ID'] == "") {
$errs = true;
echo "ID Field Missing";
}
if ($_POST['Gebruikersnaam'] == "") {
$errs = true;
echo "Gebruikersnaam Field Missing";
}
/* And so on... */
if (!$errs) {
//check connection
if ($connection->connect_error) {
die("Connection failed: " . $connection->connect_error);
}
$sql = "UPDATE gebruikers SET Gebruikersnaam='" . $_POST['Gebruikersnaam'] . "',
Wachtwoord='" . $_POST['Wachtwoord'] . "',
Email='" . $_POST['Email'] . "'
WHERE ID='" . $_POST['ID'] . "' ";
if ($connection->query($sql) === TRUE) {
echo "Record updated successfully";
include 'Opdracht1.php';
} else {
echo "Error updating record: " . $conn->error;
}
}
you can check if the POST values are empty or not:您可以检查 POST 值是否为空:
if(empty($_POST['Email'])
// Do something
There are other options like check the length of string, if the name is too short, maybe it is not acceptable.还有其他选项,例如检查字符串的长度,如果名称太短,可能无法接受。 Hope this help.
希望这有帮助。
You can use this logic你可以使用这个逻辑
if(isset($_POST['Email'])){
//post email is not empty! and you can insert in database!
if ($connection->query($sql) === TRUE) {
echo "Record updated successfully";
include 'Opdracht1.php';
} else {
echo "Error updating record: " . $conn->error;
}
}
Here is the (basic) logic to check against (not) empty fields.这是检查(非)空字段的(基本)逻辑。
Sidenote: See comments in code to process as desired.旁注:请参阅代码中的注释以根据需要进行处理。
if( !empty($_POST['ID'])
&& !empty($_POST['Gebruikersnaam'])
&& !empty($_POST['Wachtwoord'])
&& !empty($_POST['Email'])
)
{
// Execute the query
}
else {
// kill the process or do something else
}
If you only want to perform the UPDATE if only the email is empty, then simply do:如果您只想在电子邮件为空时执行 UPDATE,则只需执行以下操作:
if(!empty($_POST['Email'])) {
$sql = "UPDATE gebruikers ...
// Rest of your code
}
Consult the following on PHP's logical operators:有关 PHP 的逻辑运算符,请参阅以下内容:
and empty()
:和
empty()
:
Footnotes:脚注:
Your present code is open to SQL injection .您当前的代码对SQL 注入是开放的。 Use prepared statements , or PDO with prepared statements .
使用准备好的语句,或带有准备好的语句的PDO 。
Also on doing an UPDATE and to check if it truly was successful, use mysqli_affected_rows()
:同样在执行 UPDATE 并检查它是否真的成功时,请使用
mysqli_affected_rows()
:
as if ($connection->query($sql) === TRUE)
could give you a false positive. if ($connection->query($sql) === TRUE)
会给你一个误报。
You can also alter your column(s) to not accept NULL values.您还可以更改列以不接受 NULL 值。
Consult http://dev.mysql.com/doc/refman/5.7/en/working-with-null.html查阅http://dev.mysql.com/doc/refman/5.7/en/working-with-null.html
and making it/them as NOT NULL.并将其/它们设为 NOT NULL。
On an added note, this if ($_POST) {
could be changed to if(isset($_POST['submit'])){
and adding the submit
name attribute to your submit button.在附加说明中,此
if ($_POST) {
可以更改为if(isset($_POST['submit'])){
并将submit
名称属性添加到您的提交按钮。
<input type="submit" name="submit" value="Updaten" />
What I've done before is build my query into variables, then if a variable is empty it will skip that bit of the query.我之前所做的是将我的查询构建到变量中,然后如果变量为空,它将跳过查询的那一点。
For example例如
if($_POST['fielda']) {
$fieldasql = "fielda = '".$_POST['fielda']."',";
} else {
$fieldasql = "";
}
if($_POST['fieldb']) {
$fieldbsql = "fieldb = '".$_POST['fieldb']."',";
} else {
$fieldbsql = "";
}
then your query would be:那么您的查询将是:
$sql = "UPDATE gebruikers SET " . $fieldasql . " " . $fieldbsql;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.