stackoom
  简体   繁体   中英

mysql query executed even though fields are empty

 原文  2013-10-13 18:02:19       javascript/ php/ html/ mysql/ ajax

Question

I have created a simple tagging system for my schools websites for the students. Now the tagging system is working perfectly now i also have to save tags in a notifications table with respective article id to later notify the students which article they have been tagged in even that i managed to do. But now if by chance you want to remove the tags sometime realizing while typing the article you don't need to tag that person, then the first put tag also gets updated in the db.

//ajax code (attach.php) 

<?php
include('config.php');
if(isset($_POST))
{
$u=$_POST['v'];

mysql_query("INSERT INTO `notify` (`not_e`) VALUES ('$u')");
}

?>

// tagsystem js code 

<script type="text/javascript">
var id = '<?php echo $id ?>';
$(document).ready(function()
{

var start=/%/ig;
var word=/%(\w+)/ig;

$("#story").live("keyup",function() 
{
var content=$(this).text();
var go= content.match(start);
var name= content.match(word);
var dataString = 'searchword='+ name;

if(go.length>0)
{
$("#msgbox").slideDown('show');
$("#display").slideUp('show');
$("#msgbox").html("Type the name of someone or something...");
if(name.length>0)

{
$.ajax({
type: "POST",
url: "boxsearch.php",
data: dataString,
cache: false,
success: function(html)
{
$("#msgbox").hide();
$("#display").html(html).show();
}
});

}
}
return false();
});

$(".addname").live("click",function() 
{
var username=$(this).attr('title');
$.ajax({
type: "POST",
url: "attach.php",
data: {'v': username},
});
var old=$("#story").html();
var content=old.replace(word,""); 
$("#story").html(content);
var E="<a class='blue' contenteditable='false' href='profile2.php?id="+username+"'>"+username+"</a>";
$("#story").append(E);
$("#display").hide(); 
$("#msgbox").hide();
$("#story").focus();
});
});
</script>

2 answers

solution1
 0  2013-10-13 18:14:29

Looks like your problem appears on the if statement in php code: even though $_POST['v'] is empty and the sql still get excuted.

There is the quote from another thread:

" Use !empty instead of isset. isset return true for $_POST because $_POST array is superglobal and always exists (set).

Or better use $_SERVER['REQUEST_METHOD'] == 'POST' "

Or in my opinion. Just put 

if ($_POST['v']){
    //sql query
}

Hope it helps;)

solution2
 0  2013-10-14 10:03:30

 <?php
include('config.php');

 $u = $_POST["v"];

 //echo $a;


  if($u != '')
   {

    mysql_query("your insert query");
  }
   else
       {
       }



 ?>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question FORM won't submit even though input fields are not empty Instance is executed even though not invoked '$set' is empty even though it's not Function keyup executed even though its not called Submit button calls the javascript function even though the fields are empty and not followed the pattern Parse.com Query is empty even though I have data on the server findindex return -1 Even though the array is not empty IMPORTXML(): Empty content even though xpath works JavaScript says array is empty even though there are strings in it jqGrid is empty, even though pager shows results
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM