我有一个名为(order.php)的php订单表单,当用户点击(提交按钮“下一步”)时,它会转到另一个名为(confirm-order.php)的页面
(confirm-order.php)显示用户使用$ _POST []从(order.php)提交的信息,并将其中的每一个分配给变量。
显示在(confirm-order.php)纯文本上的数据,例如:
$itemName = $_POST['itemName'];
<?php echo $itemName; ?>
在页面末尾有一个表单只包含一个元素作为(提交按钮)
如何将$ itemName数据仅插入mysql数据库(单击提交按钮后,表单操作将我带到确认页面)?
我知道如何将数据插入到mysql中,但它不适用于isset()函数
我是否必须先在表单中编写isset函数?在它下面的mysql数据库代码?
order.php页面:
<form class="form-horizontal well" action="confirm-order.php" method="POST">
<fieldset>
<legend>Personal Shopper Order Form</legend>
<div class="control-group">
<label class="control-label" for="select01">Choose a plan</label>
<div class="controls">
<select id="select01" name="plan">
<option>Lite Plan $0 per order</option>
</select>
</div>
</div>
<div class="control-group">
<label class="control-label" for="itemName">Item Name</label>
<div class="controls">
<input type="text" class="input-xlarge" id="itemName" name="itemName">
<p class="help-block">Item name exapmle: iPad3 White 32GB wifi & 3G.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="itemID">Item ID</label>
<div class="controls">
<input type="text" class="input-xlarge" id="itemID" name="itemID">
<p class="help-block">example: Ebay Item ID, Amazon Item ID.</p>
</div><br>
<div class="control-group">
<label class="control-label" for="itemURL">Item URL</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="itemURL" name="itemURL">
<p class="help-block">Direct web link to the item.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="textarea">Item Details</label>
<div class="controls">
<textarea class="input-xlarge" id="textarea" name="itemDetails" rows="6"></textarea>
<p class="help-block">Item details (name, color, specifications etc...)</p>
</div>
</div>
<li id="li_3" data-pricefield="money_simple" data-pricevalue="0">
<div class="input-prepend input-append">
<label class="control-label" for="element_3_1">Item Price</label>
<div class="controls">
<span class="add-on">$</span>
<input id="element_3_1" data-price-value="10.00" name="element_3" type="text" class="element text large">
<p class="help-block">Item exact price on the US online store.</p>
</div>
</div>
</li>
<li id="li_7" data-pricefield="money_simple" data-pricevalue="0">
<div class="input-prepend input-append">
<label class="control-label" for="element_7_1">Local Shipping Cost</label>
<div class="controls">
<span class="add-on">$</span>
<input id="element_7_1" data-price-value="10.00" name="element_7" type="text" class="element text large">
</div>
<p class="help-block">Local shipping fee from the US Store to Sky2ship (if applicable).</p>
</div>
</li>
<li id="li_8" data-pricefield="radio" data-pricevalue="0">
<div class="control-group">
<div class="controls">
<p class="help-block">Order Processing Service Fee.</p>
<label class="radio">($0) Standard 2-3 days
<input id="element_8_1" data-pricedef="00.00" name="element_8" class="element radio" type="radio" value="$0 Standard 2-3 Day">
</label>
<label class="radio">($10) Express 1 day
<input id="element_8_2" data-pricedef="10.00" name="element_8" class="element radio" type="radio" value="$10 Express Same Day">
</label>
</div>
</div>
</li>
<legend>Personal Information & Shipping Address</legend>
<div class="control-group">
<label class="control-label" for="input04">Full Name</label>
<div class="controls">
<input type="text" class="input-medium" id="fullName" name="fullName">
<p class="help-block">First & last name.</p>
</div>
</div>
<div class="control-group">
<div class="controls">
<label class="radio">Male
<input type="radio" name="optionsRadios" id="optionsRadios1" value="option1" checked>
</label>
<label class="radio">
<input type="radio" name="optionsRadios" id="optionsRadios2" value="option2">Female
</label>
</div>
</div>
<div class="input-prepend">
<label class="control-label" for="prependedInput">Email Address</label>
<div class="controls">
<span class="add-on">@</span>
<input type="text" class="span2" id="prependedInput" name="Email">
<p class="help-block">Your email address.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="input06">Address</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="input06" name="streetAddress" placeholder="Street Address">
<p class="help-block">Your shipping address.</p>
</div>
</div>
<div class="control-group">
<div class="controls controls-row">
<input type="text" class="span2" id="City" name="City" placeholder="City">
<input type="text" class="span3" id="State" name="State" placeholder="State / Province">
</div>
</div>
<div class="control-group">
<div class="controls controls-row">
<input type="text" class="span2" id="PostalCode" name="PostalCode" placeholder="Postal Code">
<input type="text" class="span3" id="Phone" name="Phone" placeholder="Phone Number">
</div>
</div>
<div class="control-group">
<label class="control-label" for="select01">Country</label>
<div class="controls">
<select id="select02" name="Country">
<option>IRAQ</option>
<option>JORDON</option>
</select>
</div>
</div>
<li class="total_payment" align="right" data-basetotal="0">
<span>
<h3 class="alert-success">$<var>0</var></h3>
<h5>Total</h5>
</span>
</li>
<div class="control-group">
<label class="control-label" for="optionsCheckbox">Read & Agree</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" id="optionsCheckbox" value="option1">
<a href="#">I agree to the site's Terms of Service & Privacy Policy.</a>
</label>
</div>
</div>
<div class="form-actions">
<button type="submit" class="btn btn-primary">Confirm Order</button>
<button type="reset" class="btn">Cancel Order</button>
</div>
</fieldset>
</form>
confirm-order.php页面:
<?php
$itemName = $_POST['itemName'];
$plan = $_POST['plan'];
$itemID = $_POST['itemID'];
$itemPrice = $_POST['element_3'];
$processService = $_POST['element_8'];
$itemDetails = $_POST['itemDetails'];
$streetAddress = $_POST['streetAddress'];
$City = $_POST['City'];
$State = $_POST['State'];
$PostalCode = $_POST['PostalCode'];
$Phone = $_POST['Phone'];
$Country = $_POST['Country'];
$fullName = $_POST['fullName'];
$Email = $_POST['Email'];
$itemURL = $_POST['itemURL'];
$itemLocalShipCost = $_POST['element_7'];
?>
<?php
$db_host = "localhost";
$db_user = "root";
$db_pass = "000000";
$db_name = "dbname";
if (isset($_POST['submit'])) {
$db_connect = mysqli_connect($db_host,$db_user,$db_pass,$db_name);
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql ="INSERT INTO lite_order (lite_plan, lite_item_name)
VALUES
('$plan','$item')";
if (!mysqli_query($db_connect,$sql))
{
die('Error: ' . mysqli_error($db_connect));
}
echo "1 record added";
}
?>
<address>
<strong>Shipping Address.</strong><br>
<?php echo $streetAddress; ?><br>
<?php echo $City; ?>, <?php echo $State; ?>, <?php echo $PostalCode; ?><br><?php echo $Country; ?><br>
<abbr title="Phone">P:</abbr><?php echo $Phone; ?>
</address>
<address>
<strong><?php echo $fullName; ?></strong><br>
<a href="mailto:#"><?php echo $Email; ?></a>
</address>
<table class="table">
<thead>
<tr>
<th>Plan</th>
<th>Item Name</th>
<th>Item ID</th>
<th>Local Shipping Cost</th>
<th>Item Price</th>
<th>Order Processing Fee</th>
</tr>
</thead>
<tbody>
<tr class="success">
<td><?php echo $plan; ?></td>
<td><?php echo $itemName; ?></td>
<td><?php echo $itemID; ?></td>
<td><?php echo "$" . $itemLocalShipCost; ?></td>
<td><?php echo "$" . $itemPrice; ?></td>
<td><?php echo $processService; ?></td
></tr>
</tbody>
</table>
<strong>Item URL</strong><p class="alert alert-info"><?php echo $itemURL; ?></p>
<pre class="pre-scrollable"><?php echo $itemDetails; ?></pre>
<p>Your Total <h3 class="question"><?php echo "$" . $orderTotal; ?></h3></p>
<div class="form-actions"><form action="pending-order.php" method="post" name="confirmed-order">
<button type="submit" name="submit" class="btn btn-primary">Submit Order</button>
<button type="button" class="btn">Previous</button></form>
</div>
</div>
</div>
</div>
</div>
</div>
在单击提交按钮后,插入mysql数据库代码以将所有变量插入数据库?在哪里放置isset()函数?我试了一下,它没有在我的表格中插入任何数据。
答案 0 :(得分:2)
编辑:一个简单的例子
执行<form>
,验证并插入一个文件,说form.php
:
<? // check if FORM has been posted
$posted = isset($_POST['submit']);
if ($posted) { // form has been posted...
// validate input
if (!isset($_POST['item']) || strlen(trim($_POST['item'])) == 0)
$error['item'] = "please insert an item-name!";
if (!isset($_POST['price']) || !is_numeric($_POST['price']))
$error['price'] = "please enter a valid price!";
// ready for input?
if (!isset($error)) { // no $error --> go insert!
// I'll do the db-operation with PDO and a prepared statement.
// this is cool, easy and safe. LEARN IT!
$sql = "INSERT INTO table (item,price) VALUES (:item,:price)";
$insert = $db->prepare($sql);
$insert->execute(array(
':item' => $_POST['item'],
':price' => $_POST['price']
));
} // $error
} // submit
?>
现在,在相同页面的<body>
...
<? // check whether to display confirmation or form...
if ($posted && !isset($error)) {
// form was sent AND no error --> confirm
?>
<h1>Confirmed!</h1>
<p>Your data has been sent, thank you very much!</p>
<a href="somepage.php">go to somepage</a>
<?
} else {
// form not sent or errors --> display form
?>
<h1>Please enter data</h1>
<? // display error-message, if there's one:
if (isset($error)) {
$output = "";
foreach ($error as $field => $msg)
$output .= (strlen($output) > 0?', ':'') . "[$field]: $msg";
echo "<p>There were errors: $output</p>";
} // $error
?>
<form method="post">
<!-- if the form has been sent, bring back the field's value from $_POST -->
<p>item-name: <input type="text" name="item"
value="<?=($posted?$_POST['item']:'')?>" /></p>
<p>price: <input type="text" name="price"
value="<?=($posted?$_POST['price']:'')?>" /></p>
<p><input type="submit" name="submit" value="submit" /></p>
</form>
<?
} // submit & $error
?>
请参阅使用ternary-operator
设置value
的{{1}} - 属性 - 元素:
<input>
答案 1 :(得分:2)
我可以贡献两件具体的事情。
首先,isset
测试null ...不同于empty。如果您有一个提交空的表单字段,请将局部变量设置为该发布值,然后使用isset
进行测试; isset
将返回true
,因为值存在,这与尚未在页面加载中注册的变量不同。
第二...... 任何 可以发布到您的表单(想想邪恶的自主韩国黑客机器人)。此外,有许多方式可以在未激活提交按钮的情况下提交表单,因此无法保证您甚至会在$_POST
变量中看到提交密钥。您需要在处理脚本中定义的是“默认操作”。我的意思是一个非常基本的 SAFE 行为(比如重定向到'某事是错误的'页面),默认情况下启动,这样才能绕过它是提交正确的表格,正确设置所有预期值。
如果这样做,您可以忽略提交按钮本身的值,而是专注于POST的内容。我收到了预期收到的所有内容吗?这一切都是正确的格式吗?用户是否正确进行了身份验证?只有在所有这些问题都经过满意的测试后,您才能从默认行为切换到表单处理行为,在该行为中可以将发布的数据插入到数据库中。
使用3页结构的示例: 参考:filter vars
第1页:
<form action=./page2 method=POST>
<input type=text value=1234 name=numericValue />
<input type=text value="dummytext" name=stringValue />
<input type=submit value=submit name=submit />
</form>
第2页:
<?php
$args = array('numericValue' => FILTER_VALIDATE_INT
,'stringValue' => FILTER_SANITIZE_STRING);
$clean_data = filter_input_array(INPUT_POST,$args);
if (is_array($clean_data))
{
$_SESSION["saved_clean_data"] = $clean_data;
}
else
{
Header(<something wrong page>);
die();
}
?>
<form action=./page3 method=POST>
<input type=submit name=submit value=No />
<input type=submit name=submit value=Yes />
</form>
第3页:
<?php
if ($_POST["submit"] === "Yes")
{
$cleanNum = $_SESSION["saved_clean_data"]["numericValue"];
$cleanStr = $_SESSION["saved_clean_data"]["stringValue"];
// DB insert Query, use advice from michi about PDO
// parameterize your queries to help prevent sql injection
}
else
{
Header(<somewhere for declined submits>);
die();
}
?>
答案 2 :(得分:0)
有很多方法可以做到这一点:
存储上一页的所有数据,即order.php
变量中$SESSION[]
的数据:
说明:在Session中设置它将使您能够从站点中的任何位置访问相同的变量,直到用户的会话。表示在将其存储在会话中后,您可以在pending-order.php
页面中访问它
如何操作:在顶部的此页面中,不要将变量设置在顶部,而是写下以下内容:
$SESSION['itemName'] = $_POST['itemName']
然后使用:
回声 echo $SESSION['itemName']
然后在pending-order.php
中,您可以为变量赋值,如下所示:
$itemName = $SESSION['itemName']
现在您可以将变量存储在db。
将隐藏字段放在confirm-order.php
页面的形式中:
说明:以confirm-order.php
形式创建隐藏的输入字段,并设置变量中的值。这样,当您点击提交按钮时,您可以使用与pending-order.php
相同的方式在confirm-order.php
中访问它们。
怎么做:只需将变量放在隐藏输入的value属性中,如下所示:
<form action="pending-order.php" method="post" name="confirmed-order">
<input type="hidden" value="<?php $itemID ?>" id="someID">
</form>
答案 3 :(得分:0)
我们可以通过以下方式实现这一目标
您将所有数据存储在会话中并在确认页面中使用,然后在数据插入页面上使用。如果用户更新或取消订单,请记得更新或删除它。
您可以使用javascript和HTML动态创建确认订单页面,当用户点击确认按钮时,我们只会将其发布到PHP页面。这也会减少服务器呼叫。
答案 4 :(得分:0)
尝试
<button type="submit" class="btn btn-primary" NAME="submit">Confirm Order</button>
并使用
IF (isset($_POST['submit]) {
$itemName = $_POST['itemName'];
$plan = $_POST['plan'];
$itemID = $_POST['itemID'];
$itemPrice = $_POST['element_3'];
$processService = $_POST['element_8'];
$itemDetails = $_POST['itemDetails'];
$streetAddress = $_POST['streetAddress'];
$City = $_POST['City'];
$State = $_POST['State'];
$PostalCode = $_POST['PostalCode'];
$Phone = $_POST['Phone'];
$Country = $_POST['Country'];
$fullName = $_POST['fullName'];
$Email = $_POST['Email'];
$itemURL = $_POST['itemURL'];
$itemLocalShipCost = $_POST['element_7'];
//你的mysql INSERT代码在这里
}
编辑1:
改变<button type="submit" class="btn btn-primary">Confirm Order</button>
致<input type="submit" class="btn btn-primary" value="Confirm Order">
答案 5 :(得分:0)
在隐藏字段中创建表单并存储变量,然后以
形式创建此提交按钮因此,单击此表单将存储信息。见这里的例子
<form class="form-horizontal well" action="confirm-order.php" method="POST">
<input type="hidden" value="<?php echo $itemName; ?>" />
<input type="submit" value="Confirm Order" />
</form>
答案 6 :(得分:0)
isset()函数有效
<input type="submit" value="Confirm Order" />
所以更新代码表格
<div class="form-actions">
<button type="submit" class="btn btn-primary">Confirm Order</button>
<button type="reset" class="btn">Cancel Order</button>
</div>
到
<div class="form-actions">
<input type="submit" class="btn btn-primary" value="Confirm Order" />
<input class="btn" type="reset" value="Cancel Order" />
</div>