堆栈内存溢出
  繁体   English   中英

PHP:即使未单击“提交”按钮,变量也会显示值

[英]PHP: Variable showing value, even when submit button hasn't been clicked

 原文  2016-07-28 12:18:26       php/ mysql

问题描述

方案是必须搜索代码,如果代码存在,结果将从MySQL DB中出现,否则显示一条消息“对不起,但未找到结果”。 也许重新输入您的EVR编号:或再次检查您的输入。”

但是,甚至在进行搜索之前,错误消息已经显示。

我究竟做错了什么? 

<?php
    $no_results = NULL;
    $query = (isset($_POST['query']) ? $_POST['query'] : null);

    $raw_results = mysql_query("SELECT * FROM evrdata WHERE evr_no = '$query'") or die(mysql_error());

    if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following

        while($results = mysql_fetch_array($raw_results)){            
          $evr_no ='<br/>EVR No. :  '.'<b>'.$results['evr_no'].'</b>';
          $surname ='<br/>Surname :  '.'<b>'.$results['surname'].'</b>';
          $othername ='<br/>First Names :  '.'<b>'.$results['othername'].'</b>';
          $ps_code ='<br/>PS Code :  '.'<b>'.$results['ps_code'].'</b>';

        }
    }
    else { // if there is no matching rows do following
        $no_results = '<br/>Sorry, but there were no results found. Perhaps re-enter your EVR No.: or double check your entry.</b>';        
    }

?>

并在同一文件中以HTML形式显示结果: 

<form action="index.php" method="POST" class="search">
       <div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
            <div class="form-group">
                <input type="text" name="query" class="form-control" placeholder="Enter Your EVR No." required/>
                 <button type="submit" id="form-submit" value="Search" class="btn-submit btn btn-big dark-blue-bordered-btn">Submit</button>
            </div>
        </div>
        <div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
            <?php 
                 if($no_results!="") // Two times Doule Quotation marks that is, and != means "not equal to". So we mean to say if $code is not equal to empty
                 {
                     echo $no_results;
                 }
                 else { echo " "; }

我尝试过isset(),empty(),但即使未进行搜索,仍然会显示错误消息。

我想念什么?

3 个解决方案

解决方案1
 0 已采纳  2016-07-28 12:25:04

它很粗糙,但是可以。 原因是加载页面时,您的搜索框为空,并且正在执行查询,其中NULL返回0行。 

<?php
$no_results = NULL;
$query = (isset($_POST['query']) ? $_POST['query'] : null);

if ($query) {
     $raw_results = mysql_query("SELECT * FROM evrdata WHERE evr_no = '$query'") or die(mysql_error());

     if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following

     while($results = mysql_fetch_array($raw_results)){            
      $evr_no ='<br/>EVR No. :  '.'<b>'.$results['evr_no'].'</b>';
      $surname ='<br/>Surname :  '.'<b>'.$results['surname'].'</b>';
      $othername ='<br/>First Names :  '.'<b>'.$results['othername'].'</b>';
      $ps_code ='<br/>PS Code :  '.'<b>'.$results['ps_code'].'</b>';

    }
  }
  else{ // if there is no matching rows do following
    $no_results = '<br/>Sorry, but there were no results found. Perhaps re-enter your EVR No.: or double check your entry.</b>';        
}
}

?>

解决方案2
 0  2016-07-28 12:25:31

<?php
$no_results = NULL;
if (isset($_POST['query']) && strlen($_POST['query']) > 0) {
$query = (isset($_POST['query']) ? $_POST['query'] : null);

$raw_results = mysql_query("SELECT * FROM evrdata WHERE evr_no = '$query'") or die(mysql_error());

if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following

    while($results = mysql_fetch_array($raw_results)){            
      $evr_no ='<br/>EVR No. :  '.'<b>'.$results['evr_no'].'</b>';
      $surname ='<br/>Surname :  '.'<b>'.$results['surname'].'</b>';
      $othername ='<br/>First Names :  '.'<b>'.$results['othername'].'</b>';
      $ps_code ='<br/>PS Code :  '.'<b>'.$results['ps_code'].'</b>';

    }
}
else{ // if there is no matching rows do following
    $no_results = '<br/>Sorry, but there were no results found. Perhaps re-enter your EVR No.: or double check your entry.</b>';        
}
} else {
     //no query value
}

?>

解决方案3
 0  2016-07-28 12:26:56

<?php
if(isset($_POST['query'])) {
$no_results = '';
$query = mysql_real_escape_string($_POST['query']);//added some security

    $raw_results = mysql_query("SELECT * FROM evrdata WHERE evr_no = '$query'") or die(mysql_error());

    if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following

        while($results = mysql_fetch_array($raw_results)){            
          $evr_no ='<br/>EVR No. :  '.'<b>'.$results['evr_no'].'</b>';
          $surname ='<br/>Surname :  '.'<b>'.$results['surname'].'</b>';
          $othername ='<br/>First Names :  '.'<b>'.$results['othername'].'</b>';
          $ps_code ='<br/>PS Code :  '.'<b>'.$results['ps_code'].'</b>';

        }
    }
    else{ // if there is no matching rows do following
        $no_results = '<br/>Sorry, but there were no results found. Perhaps re-enter your EVR No.: or double check your entry.</b>';        
    }
}
?>

这应该是最好的选择...停止使用mysql_ *函数,请使用PDO或MySQLi。 您的代码对sql-injection很脆弱

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如果单击提交按钮,则在PHP代码中更新变量的值 当尚未在任何地方使用PHP时,为什么PHP会假定此变量为字符串? 单击提交按钮时隐藏隐藏的输入值(php / jquery) 单击类型提交按钮时如何传递隐藏值? PHP 单击提交按钮时,php会话无法与表单一起使用 如何检查PHP中是否已单击提交按钮 单击提交按钮时的PHP排序表 单击提交按钮时,PHP 会话结束 当值是变量时,php获取提交按钮的值 单击提交按钮时如何传递被单击按钮的值?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM