In the dark: PHP Flash buggy code

Time: 2013-12-22 10:31:01

Tags: php mysql flash

I hope someone can help me. The freelancer who did this work disappeared after being paid, and I don't know PHP well enough to understand it.

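The setup is a Flash file with 52 text fields, which sends a request to a PHP file that inserts them into a database table. The fields are separated by /&&/ in the URL request, like this: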

Original URL:

process=insert
&id=%2D1
&table=import&
fields=10%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2Ffileref456123%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2F%2F%26%26%2Fopen%2F%26%26%2Fnada%2F%26%26%2F

Formatted URL, for better understanding:

&process=insert
&id=%2D1
&table=import
&fields=10/&&//&&//&&//&&//&&/fileref456123/&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&//&&/open/&&/nada/&&/

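Now, the PHP file is pretty big, but the important part right now is the insert part, which works until a record is deleted and new data is then inserted again.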

The right if loop is here:

else if($_REQUEST['process']=="insert"){

    $result = mysqli_query($con,"SELECT MAX( id ) AS max FROM ".$table);

     while($row = mysqli_fetch_array($result))    {
        $largestNumber = intval(strval($row['max']))+1;
    }
    $pieces = explode("/&&/", $_REQUEST['fields']);
    $sql="INSERT INTO ".$table." VALUES (".$largestNumber.",'";

    for( $i=1;$i<=52;$i++){
        $sql = $sql.$pieces[$i];
        if($i<52){
            $sql = $sql."','";
        }else{
            $sql = $sql."');";
        }
    }

    $result = mysqli_query($con,$sql);
    echo "id=".$largestNumber;

}

If anyone can help, thanks again, it is much appreciated.

If you need the whole PHP page, here it is:

<?php
$fileStatus=$_REQUEST['fileStatus'];
if($_REQUEST['table']=="import"){
    $table="importFilesData";
}else{
    $table="exportFilesData";
}
$con=mysqli_connect("zzzzz","zzzzzz","zzzzz","zzzzzzzz");

// Check connection
if (mysqli_connect_errno())  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
 if($_REQUEST['process']=="getAll"){
    $result = mysqli_query($con,"SELECT * FROM ".$table ." WHERE FileStatus='".$fileStatus."'");
 $i=0;
    while($row = mysqli_fetch_array($result)) {

    if($i>0){
        echo "&";
    }
        echo "id$i=".$row['id']."&"  ;
        echo "OpeningDate$i=".$row['OpeningDate']."&"  ;
        echo "FileRef$i=".$row['FileRef']."&"  ;
        echo "ProductLine$i=".$row['ProductLine']."&"  ;
        echo "ModeofTransport$i=".$row['ModeofTransport']."&"  ;
        echo "ImportFileRef$i=".$row['ImportFileRef']."&"  ;
        echo "JDETransferorPO$i=".$row['JDETransferorPO']."&"  ;
        echo "LocalPO$i=".$row['LocalPO']."&"  ;
        echo "AFE$i=".$row['AFE']."&"  ;
        echo "PL$i=".$row['PL']."&"  ;
        echo "Description$i=".$row['Description']."&"  ;
        echo "CommercialInvoice$i=".$row['CommercialInvoice']."&"  ;
        echo "CIValue$i=".$row['CIValue']."&"  ;
        echo "FreightCost$i=".$row['FreightCost']."&"  ;
        echo "Packages$i=".$row['Packages']."&"  ;
        echo "Weight$i=".$row['Weight']."&"  ;
        echo "Origin$i=".$row['Origin']."&"  ;
        echo "DI$i=".$row['DI']."&"  ;
        echo "DIDate$i=".$row['DIDate']."&"  ;
        echo "CotecnaRef$i=".$row['CotecnaRef']."&"  ;
        echo "AV$i=".$row['AV']."&"  ;
        echo "AVDate$i=".$row['AVDate']."&"  ;
        echo "AWB_BL$i=".$row['AWB_BL']."&"  ;
        echo "Flight_Vessel$i=".$row['Flight_Vessel']."&"  ;
        echo "ETD$i=".$row['ETD']."&"  ;
        echo "ETA$i=".$row['ETA']."&"  ;
        echo "ClearingAgent$i=".$row['ClearingAgent']."&"  ;
        echo "AgentFileRef$i=".$row['AgentFileRef']."&"  ;
        echo "AgentWorkOrder$i=".$row['AgentWorkOrder']."&"  ;
        echo "AgentWorkOrderDate$i=".$row['AgentWorkOrderDate']."&"  ;
        echo "DateoftransofDocstoclearingagent$i=".$row['DateoftransofDocstoclearingagent']."&"  ;
        echo "AgentDeliveryTicket$i=".$row['AgentDeliveryTicket']."&"  ;
        echo "AgentDeliveryDate$i=".$row['AgentDeliveryDate']."&"  ;
        echo "AgentInvoice$i=".$row['AgentInvoice']."&"  ;
        echo "AgentInvoiceValue$i=".$row['AgentInvoiceValue']."&"  ;
        echo "ContractRef$i=".$row['ContractRef']."&"  ;
        echo "LetterofRequestforAttestationDate$i=".$row['LetterofRequestforAttestationDate']."&"  ;
        echo "Attestation$i=".$row['Attestation']."&"  ;
        echo "AttestationDate$i=".$row['AttestationDate']."&"  ;
        echo "IM9DEA$i=".$row['IM9DEA']."&"  ;
        echo "IM9DEADate$i=".$row['IM9DEADate']."&"  ;
        echo "CustomsClearanceForm$i=".$row['CustomsClearanceForm']."&"  ;
        echo "CustomsClearanceFormRef$i=".$row['CustomsClearanceFormRef']."&"  ;
        echo "CustomsClearanceFormDate$i=".$row['CustomsClearanceFormDate']."&"  ;
        echo "CustomsDutyValue$i=".$row['CustomsDutyValue']."&"  ;
        echo "DateofPayment$i=".$row['DateofPayment']."&"  ;
        echo "PaymentReceipt$i=".$row['PaymentReceipt']."&"  ;
        echo "PrealertDate$i=".$row['PrealertDate']."&"  ;
        echo "DeliveryStatus$i=".$row['DeliveryStatus']."&"  ;
        echo "ClosedDate$i=".$row['ClosedDate']."&"  ;
        echo "FileStatus$i=".$row['FileStatus']."&"  ;
        echo "Observations$i=".$row['Observations']  ;
        $i=$i+1;    
      }

echo "&n=".$i;

mysqli_close($con);
} else if($_REQUEST['process']=="get"){
    $result = mysqli_query($con,"SELECT * FROM ".$table." WHERE id=".$_REQUEST['id']);
     $i=0;

     while($row = mysqli_fetch_array($result)){
        if($i>0){
            echo "&";
        }
        for ($j=0; $j<=52; $j++){//this is clumsy, it should have been based on the number of columns but i do not know how to do that in php
            echo "field$j=". $row[$j];
            echo "&";
        }
        $i=$i+1;    
      }
    echo "n=".$i;

}else if($_REQUEST['process']=="update"){

    $pieces = explode("/&&/", $_REQUEST['fields']);
    //$result = mysqli_query($con,"DELETE FROM ".$table." WHERE id =".$_REQUEST['id']);
    $sql="INSERT INTO ".$table." VALUES ('".$_REQUEST['id']."','";

    for( $i=1;$i<=52;$i++){
        $sql = $sql.$pieces[$i];
        if($i<52){
            $sql = $sql."','";
        }else{
            $sql = $sql."');";
        }
    }

    $result = mysqli_query($con,$sql);

}else if($_REQUEST['process']=="insert"){

    $result = mysqli_query($con,"SELECT MAX( id ) AS max FROM ".$table);

     while($row = mysqli_fetch_array($result))    {
        $largestNumber = intval(strval($row['max']))+1;
    }
    $pieces = explode("/&&/", $_REQUEST['fields']);
    $sql="INSERT INTO ".$table." VALUES (".$largestNumber.",'";

    for( $i=1;$i<=52;$i++){
        $sql = $sql.$pieces[$i];
        if($i<52){
            $sql = $sql."','";
        }else{
            $sql = $sql."');";
        }
    }

    $result = mysqli_query($con,$sql);
    echo "id=".$largestNumber;

}else if ($_REQUEST['process'] == "delete") {
    $query = "DELETE FROM ".$table." WHERE id =".$_REQUEST['id'];
    $result = mysqli_query($con, $query);
}
//mysqli_close($con);
?>
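
The insert branch in the posted script builds its statement by concatenating the request's field values between single quotes, so an apostrophe inside any field ends the quoted literal early and changes the SQL that runs. As an added example that is not part of the original post, the code below performs the same 52-field insert with a mysqli prepared statement; the function names and the sample request value are assumptions made for illustration.

```php
<?php
// Added example (not the poster's code). Table names, delimiter and field
// count come from the post; the function names are hypothetical.
const FIELD_COUNT = 52;
const DELIMITER = '/&&/';

// Map the client-supplied key to a fixed table name, as the posted script does.
function resolveTable(string $key): string {
    return $key === 'import' ? 'importFilesData' : 'exportFilesData';
}

// The posted loop reads $pieces[1]..$pieces[52]; reject a short request
// instead of concatenating missing offsets into the statement.
function parseFields(string $raw): array {
    $values = array_slice(explode(DELIMITER, $raw), 1, FIELD_COUNT);
    if (count($values) !== FIELD_COUNT) {
        throw new InvalidArgumentException('expected ' . FIELD_COUNT . ' fields, got ' . count($values));
    }
    return $values;
}

// One placeholder for the id plus one per field; no request data in the SQL text.
function buildInsertSql(string $table): string {
    return "INSERT INTO `$table` VALUES (" . implode(',', array_fill(0, FIELD_COUNT + 1, '?')) . ')';
}

// Values travel as bound parameters, so quotes inside a field stay data.
function insertRow(mysqli $con, string $tableKey, int $id, string $rawFields): bool {
    $values = parseFields($rawFields);
    $stmt = mysqli_prepare($con, buildInsertSql(resolveTable($tableKey)));
    if ($stmt === false) {
        return false;
    }
    $types = 'i' . str_repeat('s', FIELD_COUNT);
    mysqli_stmt_bind_param($stmt, $types, $id, ...$values);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
}

// Constructed sample request value: 52 fields, one containing an apostrophe.
$sample = array_fill(0, FIELD_COUNT, '');
$sample[4] = 'fileref456123';
$sample[10] = "O'Neil Freight";
$raw = '10' . DELIMITER . implode(DELIMITER, $sample) . DELIMITER;

$parsed = parseFields($raw);
echo buildInsertSql(resolveTable('import')), "\n";
echo count($parsed), ' values, field 11 = ', $parsed[10], "\n";
```

`insertRow` needs an open mysqli connection; the lines at the bottom only parse the constructed sample and print the placeholder statement, so they run without a database.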

0 answers:

No answers