gpt4 book ai didi

php 编辑/添加新内容使用数据库中的 POST/GET 进行混淆

转载 作者:行者123 更新时间:2023-11-30 00:15:14 28 4
gpt4 key购买 nike

为了获得创建网站后端的帮助,我正在遵循本教程 -> http://www.killersites.com/community/index.php?/topic/3064-basic-php-system-view-edit-add-delete-records-with-mysqli/但我的编辑按钮无法正常工作;相反,当用户在现有行上单击它,重定向到更新表单并输入值时,新行将添加到表中,而不是编辑现有行。

我在同一个文件中编辑/添加 php 代码,如下所示:

<?php
/*
Allows the user to both create new records and edit existing records
*/

//connect to database
include ("newDBconn.php");

//creates the new/edit record form, with a function that makes it easily reusable since this form is used multiple times

function renderForm($first= '', $last='', $error = '', $groomingid = '')
{ ?>

<html>
<head>
<link href="adminnewstyle.css" rel="stylesheet" type="text/css" />

<title>
<h1><?php if ($groomingid != '') { echo "Edit Appointment"; }
else
{
echo "New Record"; }?>
</h1>
</title>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<h1><?php if ($groomingid != '') { echo "Edit Appointment"; } else { echo "New Record"; } ?> </h1>

<?php if ($error !='') {
echo "<div style='padding:4px; border:1px solid red; color:red'>" . $error
."</div>";
} ?>

<form action="" method="post">
<div>
<?php if ($groomingid != '') { ?>
<input type="hidden" name="GroomingID" value="<?php echo $groomingid; ?>" />
<p>ID: <?php echo $GroomingID; ?> </p>
<?php } ?>

<strong>First Name: *</strong> <input type="text"
name="FirstName" value="<?php echo $first; ?>" />
<br />
<strong>Last Name: *</strong> <input type="text" name="LastName" value="<?php echo $last; ?>"/>
<p>*required</p>
<input type="submit" name="submit" value="Submit"/>
</div>
</form>
</body>
</html>
<?php }

/*
Edit Record

*/
//if the 'id' variable is set in the URL, we know that we need to edit a record
if (isset($_GET['GroomingID']))
{
//if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
//make sure the 'id' in the URL is valid
if (is_numeric($_POST['GroomingID']))
{
//get variables from the URL/form
$groomingid = $_POST['GroomingID'];
$firstname = htmlentities($_POST['FirstName'], ENT_QUOTES);
$lastname = htmlentities($_POST['LastName'], ENT_QUOTES);

//check that firstname and lastname are both not empty
if ($firstname == '' || $lastname == '')
{
//if they are empty, show an error message and display the form

$error = 'ERROR: Please fill in all required fields!';
renderForm($firstname, $lastname, $error, $groomingid);
}
else
{
//if everything is fine, update the record in the database
if($stmt = $mysqli->prepare("UPDATE grooming SET FirstName = ?, LastName = ? WHERE GroomingID=?"))
{
$stmt->bind_param("ssi", $firstname, $lastname, $groomingid);
$stmt->execute();
$stmt->close();
}
//show an error message if the query encounters an error
else
{
echo "Error: could not prepare sql statement.";
}

//redirect the user once the form is updated
header("Location: PS_Manage_Appnts.php");
exit();
}
}
//if the 'id' variable isn't valid, show error message
else
{
echo "Error";
}
}
//if the form hasn't been submitted yet, get the info from the database and show the form
else
{
//make sure the 'id' value is valid
if (is_numeric($_GET['GroomingID']) && $_GET['GroomingID'] > 0)
{
//get 'id' from URL
$id = $_GET['GroomingID'];

//get the record from the database
if($stmt = $mysqli->prepare("SELECT * FROM grooming WHERE GroomingID=?"))
{
$stmt->bind_param("i", $groomingid);
$stmt->execute();

$stmt->bind_result($groomingid, $firstname, $lastname);
$stmt->fetch();

//show the form
renderForm($firstname, $lastname, NULL, $groomingid);

$stmt->close();
}

//show an error if the query has an error
else
{
echo "Error: could not prepare SQL statement.";
}
}
//if the 'id' value is not valid, redirect the user back to the PS_Manage_Appnts.php page

else
{
header("location:PS_Manage_Appnts.php");
exit();
}
}
}

/* NEW RECORD

*/
//if the 'id' variable is not set in the URL, we must be creating a new record
else
{
//if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
//get the form data
$firstname = htmlentities($_POST['FirstName'], ENT_QUOTES);
$lastname = htmlentities($_POST['LastName'], ENT_QUOTES);

//check that firstname and lastname are both not empty
if ($firstname == '' || $lastname == '')
{
//if they are empty, show an error message and display the form

$error = 'ERROR: Please fill in all required fields!';
renderForm($firstname, $lastname, $error);
}
else
{
//insert the new record into the database
if($stmt = $mysqli->prepare("INSERT grooming (FirstName, LastName) VALUES (?, ?)"))
{
$stmt->bind_param("ss", $firstname, $lastname);
$stmt->execute();
$stmt->close();
}
//show an error if the query has an error
else
{
echo "Error: could not prepare sql statement.";
}

//redirect the user
header ("location:PS_Manage_Appnts.php");
exit();

}

}
//if the form hasn't been submitted yet, show the form
else
{
renderForm();
}
}
//close the connection
$mysqli->close();
?>

我想知道这种混淆是否与同一页面中的代码有关,或者我是否只是混淆了在何处使用 $_Get 和 $Post (或完全是其他东西)。我已经检查了一遍又一遍地检查了教程中的代码,浏览了 stackoverflow 来寻找类似的答案和提示,但到目前为止我还是一无所获。我究竟做错了什么?

最佳答案

您的问题在这里:

if (isset($_GET['GroomingID']))
{
//if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{

当您的表单发布到同一页面时 - 无需添加查询变量 GroomingID - 当您发布已编辑的表单时,第一个条件的计算结果为 false。

您应该检查 POST 或 GET:

if (isset($_GET['GroomingID']) || isset($_POST['GroomingID']))

或者:

if (isset($_REQUEST['GroomingID']))    // assuming there are no cookies with the same name

关于php 编辑/添加新内容使用数据库中的 POST/GET 进行混淆,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23704742/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com