动态生成的页面在按下提交按钮时更改其链接

时间:2013-09-16 13:11:21

标签: php mysql

我有一个广告网站项目,用户可以在其中为不同的旅游相关业务添加优惠。我为每个优惠创建了动态生成的页面,我想在其中添加一个评论框,访问者可以在其中发布他们的意见。页面按原样生成,链接为advertisement.php?id = 2,其中id是该商品的ID。当我点击评论的提交按钮时,页面链接变为advertise.php?advertisement_comment =& place_comment = Place + comment其中advertisement_comment是评论框的名称,place_comment是提交按钮的名称。因此,我得到通知:未定义的索引:第3行的C:\ xampp \ htdocs \ Project \ advertisement.php中的id。我的id变量等于$ _GET ['id'],但由于页面网址更改,因此不能更长的时间。有什么方法可以防止链接发生变化吗?如果没有,也许你可以想到一个不同的数据库结构和PHP代码,我可以用它来得到我想要的地方,因为我有点卡住了。如果我需要在降级之前以任何方式编辑我的问题,请告诉我。非常感谢你!

生成页面的代码:

<?php
    session_start();
    $id = $_GET['id']; 
    require_once("includes/db_connect.php");


    $query_dynamic_advertisement = "SELECT * FROM advertisings WHERE id = '$id'";
    $result_dynamic_advertisement = mysql_query($query_dynamic_advertisement) or die (mysql_error());
    $fetch_dynamic_advertisement = mysql_fetch_assoc($result_dynamic_advertisement);

    // Hit counter
    $query_advertising_views="UPDATE advertisings SET advertising_views = advertising_views + 1 WHERE id = '$id'";
    $result_advertising_views=mysql_query($query_advertising_views) or die (mysql_error());

    // Comments
    if (isset($_POST['place_comment']))
    {
        $comment = mysql_real_escape_string($_POST[advertisement_comment]);
        $advertising_id = $_SESSION['id'];
        $query_place_comment = "INSERT INTO advertising_comments VALUES ('', '$comment', '$advertising_id')";
        mysql_query($query_place_comment) or die (mysql_error());       
    }
?>
<!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" type="text/css" href="css/style.css">
        <title>Title</title>
    </head>
    <body>
        <div id="wrapper">
            </br>
            <a href="index.php"><h3>Home</h3></a>
            <a href="index.php"><img src="images/logo.png" alt="SporeDEV logo" id="logo"></a>
            </br>
            <!-- Meniu -->
            <ul>
                <li><a href="signup.php">Signup</a></li>
                <li><a href="login.php">Login</a></li>
                <li><a href="forgot_password.php">Forgot Password</a></li>
                <li><a href="includes/logout.php">Logout</a></li>
                <li><a href="advertising_panel.php">Advertising Panel</a></li>
                <li><a href="user_panel.php">User Panel</a></li>
                <li><a href="user_profile.php">User Profile</a></li>
                <li><a href="admin_panel.php">Admin Panel</a></li>
            </ul>
            <!-- Sfarsit de meniu -->
            </br>
            <?php
                echo "<p> General information </p>";
                echo "</br>";
                echo "Location name: {$fetch_dynamic_advertisement['location_name']}";
                echo "</br>";
                echo "Location type: {$fetch_dynamic_advertisement['location_type']}";
                echo "</br>";
                echo "</br>";
                echo "</br>";
                echo "<p> Address </p>";
                echo "</br>";
                echo "Region: {$fetch_dynamic_advertisement['region']}";
                echo "</br>";
                echo "Settlement: {$fetch_dynamic_advertisement['settlement']}";
                echo "</br>";
                echo "Street: {$fetch_dynamic_advertisement['street']}";
                echo "</br>";
                echo "Street number: {$fetch_dynamic_advertisement['street_number']}";
                echo "</br>";
                echo "</br>";
                echo "</br>";
                echo "<p> Contact information </p>";
                echo "</br>";
                echo "E-mail: {$fetch_dynamic_advertisement['email']}";
                echo "</br>";
                echo "Phone: {$fetch_dynamic_advertisement['phone']}";
                echo "</br>";
                echo "Website: <a href={$fetch_dynamic_advertisement['website']} target=_blank>{$fetch_dynamic_advertisement['website']}</a>";
                echo "</br>";
                echo "</br>";
                echo "</br>";
                echo "<p> Statistics </p>";
                echo "</br>";
                echo "Added: {$fetch_dynamic_advertisement['add_date']}";
                echo "</br>";
                echo "Modified: {$fetch_dynamic_advertisement['last_modified']}";
                echo "</br>";
                echo "Advertising views: {$fetch_dynamic_advertisement['advertising_views']}";
                echo "</br>";
                echo "</br>";
                echo "</br>";
                echo "<p> Description </p>";
                echo "</br>";
                echo "Description: {$fetch_dynamic_advertisement['description']}";
                echo "</br>";
                echo "</br>";
                echo "</br>";
                echo "<p> Comments </p>";
                echo "</br>";
            ?>  
                <!-- Comment form -->
                <p> Add a comment </p>
                </br>
                <form action = "advertisement.php?id=<?php echo $id;?>" method = "$_POST">
                    <textarea name="advertisement_comment"></textarea>
                    </br>
                    <input type="submit" name="place_comment" class="button_1" value="Place comment">
                </form>

        </div>
    </body>
</html>

表advertising_comments的结构是:id(int 11,autoincrement),comment(varchar 255),advertising_id(int 11,这应该与初始页面的id相同)。

我知道MySQL已经折旧了。如果您有时间,请同时查看此问题:Simplest MySQL to MySQLi transition

1 个答案:

答案 0 :(得分:2)

您的网址在表单提交后会发生变化,因为它默认为GET方法。这是由于表单元素中的拼写错误。

更改此行:

<form action = "advertisement.php?id=<?php echo $id;?>" method = "$_POST">

为:

<form action="advertisement.php?id=<?php echo $id;?>" method="post">

这将允许您使用POST提交评论表。

额外注意,您应该清理所有用户输入,包括页面ID以防止SQL注入攻击。这不安全:

$id = $_GET['id'];
相关问题
最新问题