如何针对特定数据执行 if/else 语句

Question

Hi im trying to learn vanilla PHP with PDO to load and edit mySQL database, I am trying to create an example of a form validation where a student selects which module they want and a lab session afterwards followed by their name and email. Hi im trying to learn vanilla PHP with PDO to load and edit mySQL database, I am trying to create an example of a form validation where a student selects which module they want and a lab session afterwards followed by their name and email.

I want to include a capacity to the form so if so many students choose lab session 2 and lab session 2 has a max capacity of 3 students, for example.我想在表格中包含一个容量，例如，如果有这么多学生选择实验室 session 2 和实验室 session 2 的最大容量为 3 名学生。 Then that lab session is fully booked and the student cant sign up to the session if they do they get an error message to say the session is fully booked.然后，该实验室 session 已订满，学生无法注册 session，如果他们这样做，他们会收到一条错误消息，指出 session 已订满。

I attemped to do this and it seemed bad and messy, it also didnt work as eventhough it gave the error message to say the session is fully booked, it still inserts the data into mysql.我试图这样做，它看起来很糟糕而且很乱，它也没有工作，因为即使它给出了错误消息说 session 已完全预订，它仍然将数据插入 mysql。

Part of my code below:我的部分代码如下：

if (isset($_POST['submit'])){
              if(filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)){
                    $module=$_POST['MODCOD'];//drop down menu
                    $lab=$_POST['LabTime'];//drop down menu student selects session they want
                    $first=$_POST['firstName'];//enter manually
                    $last=$_POST['lastName'];
                    $email=$_POST['email'];
                    
                    echo '<p> user registered</p>';
                    echo "<h2>Lab booking table </h2>\n";
                    $checkLab517 =$pdo->query("select count(*) from meetings WHERE Lab='11:00, Lab 2'") ->fetchColumn();
                    $checkLab518 =$pdo->query("select count(*) from meetings WHERE Lab='11:00, Lab 3'") ->fetchColumn();
                    }
                }  
                else{
                    echo 'Invalid';
                }

            
            if($checkLab517==3){
                    echo 'COMP517:<br>';
                    echo '11:00, Lab 2','<font color="red"> FULLY BOOKED</font><br>';
                }
            if($checkLab518==2){
                echo 'COMP518:<br>';
                echo '11:00, Lab 3','<font color="red"> FULLY BOOKED</font>';
            }
            else{
                $sql = "INSERT INTO meetings (Module, Lab, Email,firstName,lastName)
                    VALUES ('$module', '$lab', '$email','$first','$last')";
                    $pdo->exec($sql);
            }

Any help would be appreciated thanks for your time任何帮助将不胜感激感谢您的时间

Answer 1

Even though you are right by your own admission that your code is messy, thats OK - we all have to start somewhere!即使你自己承认你的代码很混乱是对的，没关系——我们都必须从某个地方开始！

You just need to chain your if/else conditions together.您只需要将 if/else 条件链接在一起。 When this is not in place and $checkLab517 == 3 the insert will always be executed.当这不合适并且$checkLab517 == 3将始终执行插入。

Change this...改变这个...

if($checkLab517==3){
    echo 'COMP517:<br>';
    echo '11:00, Lab 2','<font color="red"> FULLY BOOKED</font><br>';
}
if($checkLab518==2){
    echo 'COMP518:<br>';
    echo '11:00, Lab 3','<font color="red"> FULLY BOOKED</font>';
} else {
    $sql = "INSERT INTO meetings (Module, Lab, Email,firstName,lastName)
        VALUES ('$module', '$lab', '$email','$first','$last')";
    $pdo->exec($sql);
}

To this...对此...

if($checkLab517==3){
    echo 'COMP517:<br>';
    echo '11:00, Lab 2','<font color="red"> FULLY BOOKED</font><br>';
} elseif($checkLab518==2){ // This is where the magic happens!
    echo 'COMP518:<br>';
    echo '11:00, Lab 3','<font color="red"> FULLY BOOKED</font>';
} else {
    $sql = "INSERT INTO meetings (Module, Lab, Email,firstName,lastName)
        VALUES ('$module', '$lab', '$email','$first','$last')";
    $pdo->exec($sql);
}

ps your code is very vulernable to an attack called a SQL injection which you should definitely look at preventing. ps 您的代码很容易受到称为 SQL 注入的攻击，您绝对应该注意防止这种攻击。 Do a search on how to prevent SQL injection with PHP here on StackOverflow.在 StackOverflow 上搜索如何使用 PHP 防止 SQL 注入。

Answer 2

Using prepared statements will protect your data.使用准备好的语句将保护您的数据。 A single quote will come up in data more than you think.数据中出现的单引号比您想象的要多。

User imputed and computer calculated.用户估算和计算机计算。

I assume you also want to add an exit;我假设您还想添加一个出口； after the invalid message to stop it from trying to book the room.在无效消息之后阻止它尝试预订房间。

if($checkLab517==3){
    echo 'COMP517:<br>';
    echo '11:00, Lab 2','<font color="red"> FULLY BOOKED</font><br>';
}else {
  bookLabSpot($module, $lab, $email, $first, $last);
}
if($checkLab518==2){
    echo 'COMP518:<br>';
    echo '11:00, Lab 3','<font color="red"> FULLY BOOKED</font>';
} else {
  bookLabSpot($module, $lab, $email, $first, $last);
}
function bookLabSpot($iModule, $iLab, $iEmail, $iFirst, $iLast){
  global $pdo;
  $stmt = $pdo->prepare('INSERT INTO meetings (Module, Lab, Email,firstName,lastName)
        VALUES (:module, :lab, :email, :first, :last)');
  $pdo->execute([
    ':module'=>$iModule,
    ':lab'=>$iLab,
    ':email'=>$iEmail,
    ':first'=>$iFirst,
    ':idxid'=>$iLast,
  ]);
}

I have not compiled this so there may be syntax errors.我没有编译这个，所以可能有语法错误。

如何针对特定数据执行 if/else 语句

问题描述

2 个解决方案

解决方案1
0 2020-12-17 15:45:25

解决方案2
0 2020-12-17 16:01:54

如何针对特定数据执行 if/else 语句

问题描述

2 个解决方案

解决方案1 0 2020-12-17 15:45:25

解决方案2 0 2020-12-17 16:01:54

解决方案1
0 2020-12-17 15:45:25

解决方案2
0 2020-12-17 16:01:54