PHP - inserting record to mysql from form
The table is not getting all of the data written to it, though the data should be inserted:
members_posts
`screenname` varchar(255) DEFAULT NULL,
`id` int(11) NOT NULL AUTO_INCREMENT,
`images_id` int(11) DEFAULT NULL,
`item` varchar(25) DEFAULT NULL,
`noi` varchar(124) DEFAULT NULL,
`notes` varchar(255) DEFAULT NULL,
`posted` timestamp DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
KEY `screenname_idx` (`screenname`),
CONSTRAINT `screenname_posts` FOREIGN KEY (`screenname`) REFERENCES `members` (`screenname`) ON DELETE NO ACTION ON UPDATE NO ACTION)
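When I try to open the postitem.php page, it loads the page, but the ID, NOTES and POSTED fields have already been inserted before any data is entered.
Here is the postitem.php form: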
<?php
// Connection data to the database
require("/config/common.php");
// Check to see whether the screen name is already in use.
$query = "SELECT 1 FROM members WHERE screenname = :screenname";
$query_params = array(
':screenname' => $_POST['screenname']);
try
{
// These two statements run the query against your database table.
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This screen name is already in use");
}
$query = "INSERT INTO members_posts (screenname, item, noi, notes)
VALUES (:screenname, :item, :noi, :notes)";
$query_params = array(
':screenname' => $_POST['screenname'], ':item' => $_POST[$item], ':noi' => $_POST[$noi], ':notes' => $_POST['notes']);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
// Redirects the member back to the member's account page after posting an item.
//header("Location: myacct.php");
//die("Redirecting to myacct.php");
?>
<br />
<br />
<table align="center">
<th><h1>Post Item</h1></th>
<form enctype="multipart/form-data" action="postitem.php" method="post">
<tr><td>Screen Name:</td><td><b><?php echo htmlentities($_SESSION['user'] ['screenname'], ENT_QUOTES, 'UTF-8'); ?></b></td></tr>
<tr><td>Item:</td><td><select name="item">
<option VALUE='opt1'>Option 1</option>
<option VALUE='opt2'>Option 2</option>
<option VALUE='opt3'>Option 3/Computer</option>
</select></td></tr>
<tr><td>Name of item:</td><td><input type="text" name="noi" value="" /></td></tr>
<tr><td>Notes:</td><td><input type="text" name="notes" value="" /></td></tr>
<tr><td><input type="submit" src="/images/postit.png" value="Upload It" /></td></tr>
</form>
</table>
</body>
</html>
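Thanks in advance for any help you can provide!
PS: I did comment out the redirect to myacct.php, just for testing, so that the postitem page stays open for troubleshooting.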
You should always check whether the user has submitted the form first, and only then run the database queries, like this:
<?php
if(isset($_POST['submit_form']))
{
// Connection data to the database
require("/config/common.php");
// Check to see whether the screen name is already in use.
$query = "SELECT 1 FROM members WHERE screenname = :screenname";
$query_params = array(
':screenname' => $_POST['screenname']);
try
{
// These two statements run the query against your database table.
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This screen name is already in use");
}
$query = "INSERT INTO members_posts (screenname, item, noi, notes)
VALUES (:screenname, :item, :noi, :notes)";
$query_params = array(
':screenname' => $_POST['screenname'], ':item' => $_POST['item'], ':noi' => $_POST['noi'], ':notes' => $_POST['notes']);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
// Redirects the member back to the member's account page after posting an item.
//header("Location: myacct.php");
//die("Redirecting to myacct.php");
}
?>
<br />
<br />
<table align="center">
<th><h1>Post Item</h1></th>
<form enctype="multipart/form-data" action="postitem.php" method="post">
<tr><td>Screen Name:</td><td><b><?php echo htmlentities($_SESSION['user'] ['screenname'], ENT_QUOTES, 'UTF-8'); ?></b></td></tr>
<tr><td>Item:</td><td><select name="item">
<option VALUE='opt1'>Option 1</option>
<option VALUE='opt2'>Option 2</option>
<option VALUE='opt3'>Option 3/Computer</option>
</select></td></tr>
<tr><td>Name of item:</td><td><input type="text" name="noi" value="" /></td></tr>
<tr><td>Notes:</td><td><input type="text" name="notes" value="" /></td></tr>
<tr><td><input type="submit" src="/images/postit.png" value="Upload It" name="submit_form" /></td></tr>
</form>
</table>
</body>
</html>
Note that a name attribute has been added to the submit input tag.
Put the entire insert script inside a block like this:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// SQL-commands here
}
Besides that, you may also want to check whether the user entered a valid (non-empty) screen name, and so on.
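A sketch of the checks these answers describe, added here as an example and not code from the thread: the insert runs only on a POST, the screen name is read from the session that the form already displays rather than from a request field, and each field is checked against the form's option values and the members_posts column sizes. The function names and the SQLite demo table are assumptions.

```php
<?php
// Added example, not from the thread. Item values and column sizes are the page's;
// function names are hypothetical.
const ALLOWED_ITEMS = ['opt1', 'opt2', 'opt3'];   // the <select> values in the form

function str_field(array $post, string $key): string
{
    $v = $post[$key] ?? '';
    return is_string($v) ? trim($v) : '';          // item[]=x style arrays become ''
}

// Returns a list of error strings; an empty list means nothing went wrong.
function handle_post(PDO $db, string $method, array $post, array $session): array
{
    if ($method !== 'POST') { return []; }         // plain page load: no query at all
    $errors = [];
    // Identity comes from the logged-in session, never from a request field.
    $screenname = $session['user']['screenname'] ?? '';
    $item  = str_field($post, 'item');
    $noi   = str_field($post, 'noi');
    $notes = str_field($post, 'notes');
    if ($screenname === '')                       { $errors[] = 'not logged in'; }
    if (!in_array($item, ALLOWED_ITEMS, true))    { $errors[] = 'invalid item'; }
    if ($noi === '' || mb_strlen($noi) > 124)     { $errors[] = 'invalid name of item'; }
    if (mb_strlen($notes) > 255)                  { $errors[] = 'notes too long'; }
    if ($errors) { return $errors; }
    try {
        $stmt = $db->prepare('INSERT INTO members_posts (screenname, item, noi, notes)
                              VALUES (:screenname, :item, :noi, :notes)');
        $stmt->execute([':screenname' => $screenname, ':item' => $item,
                        ':noi' => $noi, ':notes' => $notes]);
    } catch (PDOException $ex) {
        error_log('members_posts insert failed: ' . $ex->getMessage()); // detail stays in the log
        return ['could not save the post'];
    }
    return [];
}

// Constructed demo on an in-memory SQLite table (assumes the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members_posts (id INTEGER PRIMARY KEY, screenname TEXT,
           item TEXT, noi TEXT, notes TEXT)');
$session = ['user' => ['screenname' => 'alice']];
print_r(handle_post($db, 'GET', [], $session));                                     // page load
print_r(handle_post($db, 'POST', ['item' => 'opt9', 'noi' => ''], $session));        // rejected
print_r(handle_post($db, 'POST', ['item' => 'opt2', 'noi' => 'Laptop'], $session));  // stored
echo $db->query('SELECT COUNT(*) FROM members_posts')->fetchColumn(), " row(s)\n";
```

In postitem.php the call would be `handle_post($db, $_SERVER['REQUEST_METHOD'], $_POST, $_SESSION)`, with `$db` coming from common.php as in the question.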
First give your submit button a name (in this example, "submit"), then check the _POST array for the button's name.
Here is the code:
<?php
// Connection data to the database
require("/config/common.php");
if(isset($_POST['submit'])){
// Check to see whether the screen name is already in use.
$query = "SELECT 1 FROM members WHERE screenname = :screenname";
$query_params = array(
':screenname' => $_POST['screenname']);
try
{
// These two statements run the query against your database table.
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This screen name is already in use");
}
$query = "INSERT INTO members_posts (screenname, item, noi, notes)
VALUES (:screenname, :item, :noi, :notes)";
$query_params = array(
':screenname' => $_POST['screenname'], ':item' => $_POST['item'], ':noi' => $_POST['noi'], ':notes' => $_POST['notes']);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
// Redirects the member back to the member's account page after posting an item.
//header("Location: myacct.php");
//die("Redirecting to myacct.php");
}
?>
<br />
<br />
<table align="center">
<th><h1>Post Item</h1></th>
<form enctype="multipart/form-data" action="postitem.php" method="post">
<tr><td>Screen Name:</td><td><b><?php echo htmlentities($_SESSION['user'] ['screenname'], ENT_QUOTES, 'UTF-8'); ?></b></td></tr>
<tr><td>Item:</td><td><select name="item">
<option VALUE='opt1'>Option 1</option>
<option VALUE='opt2'>Option 2</option>
<option VALUE='opt3'>Option 3/Computer</option>
</select></td></tr>
<tr><td>Name of item:</td><td><input type="text" name="noi" value="" /></td></tr>
<tr><td>Notes:</td><td><input type="text" name="notes" value="" /></td></tr>
<tr><td><input type="submit" name='submit' src="/images/postit.png" value="Upload It" /></td></tr>
</form>
</table>
</body>
</html>