[英]Is there a way to make selection form don't do anything when it's empty?
我正在尝试制作一个提交给数据库的选择表单,但问题是当未选择选择时,它仍会将空值提交给数据库。 当单击提交按钮或重新加载页面时空白选择表单为空时,有没有办法忽略它?
这是我一直在研究的代码
<?php
//DB Connection
$mysqli = new MySQLi('localhost','root','','mrbs');
$resultSet = $mysqli->query("SELECT * FROM mrbs_users");
//White board Current PIC
$wb_current_pic = $mysqli->query("SELECT * FROM mrbs_room_pic WHERE id='1'");
$wb_search_pic = $wb_current_pic->fetch_assoc();
$wb_pic = $wb_search_pic['name'];
?>
<form action="" method="post">
<div>
White Board (Current PIC : <?php echo("$wb_pic");?>)
<div>
<select name="white_board">
<?php
//echo "<option value=''>--set---</option>";
echo "<option value='' disabled selected>---set---</option>";
while($rows = $resultSet->fetch_assoc()){
$username = $rows['name'];
$user_email = $rows['email'];
echo "<option value='$user_email $username'>$username</option>";
}
?>
</select><br>
</div>
</div>
<input type="submit" name="button" value="Submit"/>
</form>
<?php
$wb_str = $_POST['white_board'];
//string processing
$wb_arr = explode(" ",$wb_str);
$wb_pic_email = $wb_arr['0'];
$wb_pic_name = $wb_arr['1'];
echo '<b>The PIC Adresses:</b>' .'<br>' .
$wb_pic_email . " " .$wb_pic_name .'<br>';
//UPDATE DB
$ex_query_wb = "UPDATE mrbs_room_pic SET name = '$wb_pic_name', email = '$wb_pic_email' WHERE id ='1'";
mysqli_query($mysqli,$ex_query_wb);
?>
根据代码,我做错了什么吗? 或者有没有更好的方法来做到这一点?
您应该将数据库查询包装在检查字符串不为空的子句中,例如
// Use trim to remove any whitespace
if (trim($_POST['white_board']) === '') {
// Tell the user to check their data
} else {
// Do query...
}
在相关说明中,我还建议查看清理和验证用户输入,并考虑使用PDO而不是 mysqli_query,因为它可以更好地防止 SQL 注入。 您的查询极易受到攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.