[英]Inserting data into database with PHP
問題是:在將數據由filter_input過濾並保存到關聯數組之后,如何將用戶輸入的數據發送到數據庫。 我嘗試執行此操作的方式是,即使我使用過濾的,經過過濾的輸入填充了數組,也會收到錯誤消息,指出了filter_inputs數組的每個字段的未定義索引。 另外,如果有人知道替代方法或更好的方法,請告知。 有問題的數據庫是MariaDB mySQL方言。 一切都放置在啟動並運行的服務器上,並使用分配給該服務器的phpmyadmin。
<?php require_once("Filtering.php");
$filter = new Filtering();
$filter->connect();
if (isset($_POST['submit'])){
$filter->insertAll();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body>
<div class="container-fluid">
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="POST" name="order" novalidate>
<fieldset>
<legend>Order Summary</legend>
<br>
<div class="row">
<div class="col-12 d-flex flex-row">
<div class="col-4">
<span><strong>Product Name</strong></span>
</div>
<div class="col-2 justify-content-center">
<span><strong>Quantity</strong></span>
</div>
<div class="col-3 justify-content-center">
<span><strong>Price</strong></span>
</div>
</div>
</div>
<br>
<div class="row">
<div class="col-12 d-flex flex-row">
<div class="col-4">
<span>Gigabyte GTX1060 G1 Gaming 3GB GDDR5</span>
</div>
<div class="col-2 justify-content-center">
<select class="form-control col-3" id="quantity">
</select>
</div>
<div class="col-3 justify-content-center">
<span id="price">$ 349.99</span>
</div>
</div>
</div>
</fieldset>
<br>
<fieldset>
<legend>Customer Information</legend>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-2">
<label class="col-form-label">First Name<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control" placeholder="Enter your first name" type="text" name="firstName">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterFirstName()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty.</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-2">
<label class="col-form-label">Last Name<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control" placeholder="Enter your last name" type="text" name="lastName">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterLastName()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty.</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-2">
<label class="col-form-label">E-mail<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control" placeholder="Enter your e-mail" type="text" name="email">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterEmail()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty.</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-2">
<label class="col-form-label">Number<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control noButton" placeholder="Enter your number" type="number"
name="number">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterNumber()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty.</small>
</div>
</div>";
}
}
?>
</fieldset>
<br>
<br>
<fieldset>
<legend>Payment Information</legend>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Card Number<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control noButton" placeholder="xxxx-xxxx-xxxx-xxxx" type="number"
name="cardNum">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterCard()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty. Must not be longer than 16 digits</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Expiration Date<span class="required">*</span></label>
</div>
<div class="col-2">
<input class="form-control" placeholder="MM/YY" type="text" name="expDate">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterExpDate()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty. Enter a valid date format: 'MM/YY'</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Security Number<span class="required">*</span></label>
</div>
<div class="col-2">
<input class="form-control noButton" placeholder="xxxz" type="number" name="secNum">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterSecurityNum()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty. Must be at most 4 digits long</small>
</div>
</div>";
}
}
?>
</fieldset>
<br>
<br>
<fieldset>
<legend>Delivery Information</legend>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<label class="form-check-label">
<strong>Delivery Option</strong>
</label>
</div>
</div>
<div class="row">
<div class="col-8 d-flex flex-row">
<label class="form-check-label">
<input class="form-check-input" type="radio" name="exampleRadios" id="exampleRadios1"
value="option1" checked>
Standard Delivery - Free of charge
</label>
</div>
<div class="col-8 d-flex flex-row">
<label class="form-check-label">
<input class="form-check-input" type="radio" name="exampleRadios" id="exampleRadios1"
value="option1">
Express Delivery - $ 5.99
</label>
</div>
</div>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Address Line 1<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control" placeholder="Enter your address" type="text" name="address">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterAddress()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty.</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Address Line 2</label>
</div>
<div class="col-auto">
<input class="form-control" placeholder="Optional" type="text" name="address2">
</div>
</div>
</div>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Country</label>
</div>
<div class="col-auto">
<input class="form-control" value="Croatia" type="text" name="country" disabled>
</div>
</div>
</div>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">County</label>
</div>
<div class="col-auto">
<select class="custom-select" id="county">
</select>
</div>
</div>
</div>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">City<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control" placeholder="Enter your city" type="text" name="city">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterCity()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty.</small>
</div>
</div>";
}
}
?>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-3">
<label class="col-form-label">Zipcode<span class="required">*</span></label>
</div>
<div class="col-auto">
<input class="form-control noButton" placeholder="Enter your zipcode" type="number" name="zip">
</div>
</div>
</div>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!$filter->filterZip()) {
echo "<div class='row'>
<div class='col-5'>
<small class='text-muted ml-3 warning'>! Field must not be empty. Must be at most 5 digits long</small>
</div>
</div>";
}
}
?>
<br>
<div class="col-auto">
<label class="custom-control custom-checkbox mb-2 mr-sm-2 mb-sm-0">
<input type="checkbox" class="custom-control-input">
<span class="custom-control-indicator"></span>
<span class="custom-control-description">Receive mails about news and special offers</span>
</label>
</div>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-auto">
<label class="col-form-label">Additional Information</label>
</div>
</div>
</div>
<div class="row">
<div class="col-8 d-flex flex-row">
<div class="col-5">
<textarea class="form-control" id="txtarea" rows="5" name="additionalInfo"></textarea>
</div>
</div>
</div>
<br>
<div class="row">
<div class="col-8 d-flex flex-row">
<input class="btn btn-primary col-2 ml-3" type="submit" name="submit" value="Submit">
</div>
</div>
</fieldset>
</form>
</div>
<script src="js/script.js"></script>
</body>
</html>
這是PHP類:(我使用相同的函數來過濾幾乎每個輸入字段,但是我刪除了它們,所以這里的代碼更少。基本上,每個過濾器方法都會向數組添加一個具有關聯名稱的新元素:firstName,lastName ,電子郵件等。)由於某種原因,當我嘗試插入應該將數據發送到數據庫的insertAll()時,數組似乎為空。
<?php
class Filtering {
public $filtered_inputs = array();
public $error = array();
var $tableName = "contact";
var $connection;
public function connect() {
$this->connection= mysqli_connect($this->DBHostName, $this->DBUserName, $this->DBPassword, $this->DBName);
if(!$this->connection) {
print("Failed to connect to DB");
die("Connection to database failed. " . mysqli_error($this->connection));
}
else {
print("Connected to DB");
}
}
public function filterFirstName() {
global $filtered_inputs;
global $error;
$check = false;
if (filter_has_var(INPUT_POST, 'firstName')) {
if (strlen($_POST['firstName']) == 0) {
$check = false;
} else {
$filtered_inputs['firstName'] = filter_input(INPUT_POST, 'firstName', FILTER_SANITIZE_STRING);
$check = true;
}
}
$error['firstName'] = $check;
return $check;
}
public function insertAll(){
var_dump($this->filtered_inputs);
$firstName = $this->filtered_inputs['firstName'];
$lastName = $this->filtered_inputs['lastName'];
$eMail = $this->filtered_inputs['email'];
$number = $this->filtered_inputs['number'];
$cardNum = $this->filtered_inputs['cardNum'];
$secNum = $this->filtered_inputs['secNum'];
$address = $this->filtered_inputs['address'];
$city = $this->filtered_inputs['city'];
$zip = $this->filtered_inputs['zip'];;
$query = "INSERT INTO contact (firstName, lastName, eMail, number, cardNum, secNum, address, city, zip) VALUES ($firstName, $lastName, $eMail, $number, $cardNum, $secNum, $address, $city, $zip);";
print(mysqli_error($this->connection));
}
}
有幾個問題(請參閱注釋),但是這里的主要問題是調用函數的順序。
各個過濾器函數都嵌入在表單本身中,因此在此行之后被調用:
$filter->insertAll();
因此,實際上數組仍然是空的,並且該函數正在嘗試插入空值。
您需要重新排列,以便在嘗試插入值之前調用各個函數。
您的第一個問題在這里:
class Filtering {
...
var $connection;
public function connect() {
$this->connection= mysqli_connect($this->DBHostName, $this->DBUserName, $this->DBPassword, $this->DBName);
您會看到$this->
表示正在此變量的當前類內部 ,因此Database連接正在尋找:
class Filtering {
var $connection = "something"; // var is optional and not really needed.
$DBHostName = "host";
$DBUserName = "user";
$DBPassword = "pass";
// Etc.
您尚未顯示已設置這些連接詳細信息,因此您的腳本將永遠不會連接到數據庫。
接下來,您將全局使用。 作為由tereško引用 ,這是不明智的使用global
的,你根本不需要在所有在此代碼。
您引用的是類中已經建立的值; 因此,只需使用神奇的$this->
功能調用它( 令人驚訝的是,我找不到專門針對$this
任何體面的參考資料 ),這樣您就不會破壞所有可用的東西,而是保持整潔。
例:
public function filterFirstName() {
$this->filtered_inputs['firstName'] = "something";
下一個; 您的問題與var_dump($this->filtered_inputs);
不輸出數據,您是在給變量賦任何值之前調用並轉儲該變量。
閱讀您的表單/ HTML代碼; 您正在調用$filter->insertAll();
在頁面的稍后部分之前 ,調用filterFirstName()
函數,該函數實際上將任何值保存到該變量中。
將表單提交到表單所來自的同一頁面是不好的形式; 如果我刷新頁面,則$_POST
ed數據將每次重新提交。 (此代碼庫還有很多其他問題)
另外,您似乎沒有任何代碼可以將數據發送到MySQL數據庫,也許您只是沒有顯示它,但是您確實具有SQL 字符串 ( $query
),但是應該使用該字符串進行指令:
$this->connection->query($query);
這是上面的一個非常基本的示例, 強烈建議您瀏覽和使用Prepared Statements 。
改進是持續不斷的努力,您的問題似乎是您正在為表單提供給PHP的每個輸入編寫hardcode
代碼。 報廢 這是重復的和浪費的。
public function processFilter() {
$check = false;
foreach($_POST as $key=>$value){
if (strlen($_POST[$key]) == 0 && $key == 'firstName') {
$check = false;
}
else {
$this->filtered_inputs[$key] = filter_input(INPUT_POST, $key, FILTER_SANITIZE_STRING);
$check = true;
}
}
unset($key,$value);
return $check;
}
可以進一步減少此代碼並提高效率,但是我想給您一個起點。 現在,此函數將用每個POST語句無縫填充->filtered_inputs
數組,並檢查firstName
鍵不是零長度的字符串。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.