在页面之间传递数据?

时间:2013-05-26 12:14:37

标签: php mysql

我忘记了如何正确地做到这一点。我基本上想要一个PHP页面将数据发送到数据库(submitscore.php),另一个从数据库中获取它们并将它们显示在表格中(showscore.php):

submitscore.php:

if(isset($_POST['score']) && isset($_POST['playername']))
{
    $scorefromflash = mysql_real_escape_string($_POST['score']);
    $namefromflash = mysql_real_escape_string($_POST['playername']);


    $con = mysql_connect("servername","username","password");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }

    mysql_select_db("testdb", $con);

    $sql = "INSERT INTO test (Name, Score) VALUES ('$namefromflash', '$scorefromflash')";

    header("./showscore.php");

    if (!mysql_query($sql,$con))
    {
        die('Error: ' . mysql_error());
    }

    mysql_close($con); 
}
?>

showscore.php

<?php

$con = mysql_connect("server","username","password");
if (!$con)
{
  die('Could not connect: ' . mysql_error());
}

mysql_select_db("testdb", $con);

echo ("Name: ".$namefromflash);
echo ("Score: ".$scorefromflash);

$result = mysql_query("SELECT * FROM test ORDER BY Score DESC");

echo "<table border='1'>
<tr>
<th>Name</th>
<th>Score</th>
</tr>";

while($row = mysql_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['Name'] . "</td>";
  echo "<td>" . $row['Score'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

if (!mysql_query($sql,$con))
{
  die('Error: ' . mysql_error());
}

mysql_close($con); 

?>

我问,因为这样做会在Notice: Undefined index: score页面上显示错误Notice: Undefined index: playernamesubmitscore.php

它没有在数据库中插入任何记录,也没有显示表格。

感谢。

4 个答案:

答案 0 :(得分:2)

您的codes容易受sql injection攻击,在将值插入数据库之前应使用mysql_real_escape_string函数。

你不需要

$scorefromflash = $_POST['score'];
$namefromflash = $_POST['playername'];

在show score页面中......

答案 1 :(得分:1)

这是代码,对我有用:

submitscore.php:

<?php
if(isset($_REQUEST['score']) && isset($_REQUEST['playername']))
{
    $con = mysql_connect("host","user","password");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }

    mysql_select_db("database", $con);    
    $scorefromflash = mysql_real_escape_string($_REQUEST['score']);
    $namefromflash = mysql_real_escape_string($_REQUEST['playername']);

    $sql = "INSERT INTO test (Name, Score)
           VALUES ('$namefromflash', '$scorefromflash')";

    if (!mysql_query($sql,$con))
    {
        die('Error: ' . mysql_error());
    }

    mysql_close($con);

    header("Location: showscore.php");
}
?>

showscore.php

<?php
$con = mysql_connect("host","user","password");
if (!$con)
{
    die('Could not connect: ' . mysql_error());
}

mysql_select_db("database", $con);

$result = mysql_query("SELECT * FROM test ORDER BY Score DESC");
if (!$result)
{
    die('Error: ' . mysql_error());
}

echo "<table border='1'>
<tr>
<th>Name</th>
<th>Score</th>
</tr>";

while($row = mysql_fetch_array($result))
{
    echo "<tr>";
    echo "<td>" . $row['Name'] . "</td>";
    echo "<td>" . $row['Score'] . "</td>";
    echo "</tr>";
}
echo "</table>";

mysql_close($con);
?>

插入数据后,它会将您重定向到页面,其中显示包含所有数据的表格。更改数据库凭据。这是我用于测试的GET请求:

http://domain/submitscore.php?score=1&playername=2

答案 2 :(得分:0)

我认为你试图设置一个标题,用$_POST['score'] and $_POST['playername']

将页面重新加载到showscore.php

在submitscore.php中尝试:

header("location: ./showscore.php?player=$namefromflash&score=$scorefromflash");

并在showscore.php内使用:

$scorefromflash = $_REQUEST['score'];
$namefromflash = $_REQUEST['playername'];

答案 3 :(得分:0)

首先:你的代码不是保存。使用mysql_escape_string

之类的东西

这不是一个真正的错误。它(就像它说的那样)是一个通知。您不使用isset函数来检查变量是否已设置。这些变量有可能没有值,因为之前的页面没有发送它。

如果您使用而不是

$scorefromflash = $_POST['score'];

使用它:

$scorefromflash = isset($_POST['score'])?$_POST['score']:null
然后这个通知就会消失。也适用于其他$_POST