我的想法是系统会弹出一个框并显示是或取消,如果选择取消则它不会存储在MYSQL数据库中,如果是,则存储在数据库中,现在的问题是它是否存储在数据库中是否单击是或取消,我该如何解决?
if(isset($_POST['submit'])){
if($favour=="Chocolate"and $topping=="Chocolate Chip"){
?>
<script type="text/javascript">
if(window.confirm("You have selected chocolate's favour and chocolate's topping, are you sure?")) { alert("You have apply successfully");window.location="index.php";
} else {
window.location="customization.php";
}
</script>
<?php
}
elseif($favour=="Fruit"and $topping=="Mix Fruit"){
?>
<script type="text/javascript">
if(window.confirm("You have selected Fruit's favour and Fruit's topping, are you sure?")) { alert("You have apply successfully");window.location="index.php";
} else {
window.location="customization.php";
}
</script>
<?php
}
mysql_query("INSERT INTO customization (cakesize,cfavour,topping, ccolor, cmessage,customizeMessage, C_date, Member_ID,status) VALUES ('$cakesize','$favour' ,'$topping', '$color' ,'$cmessage','$cumessage', '$date', '$uname','pending')");
}
?>
答案 0 :(得分:0)
显然你有一个问题,那就是JS和PHP的混合,关于该代码的想法不会很好,你需要将它们分开。做这样的事情:(你只需根据自己的需要来适应它)。
<?php
if(isset($_POST['submit'])){
extract($_POST);
$con = new mysqli('localhost', 'username', 'password', 'database');
$stmt = $con->prepare('
INSERT INTO customization (cakesize,cfavour,topping, ccolor, cmessage,customizeMessage, C_date, Member_ID,status)'
VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?)
);
$stmt->bind_param('sssssssis', $cakesize, $favour, $topping, $color, $cmessage, $cumessage, $date, $uname, 'pending');
$stmt->execute();
if($stmt->affected_rows > 0) {
// insert success!
echo '<script>alert("Success!");</script>';
}
}
?>
<form method="POST" name="form" onsubmit="handle_form()">
<!-- your input forms blah blah -->
</form>
<script type="text/javascript">
function handle_form() {
var favour = document.forms['form']['favour'].value;
var topping = document.forms['form']['topping'].value;
var message = '';
if(favour == 'Chocolate Chip' && topping == 'Chocolate Chip') {
message = 'You have selected chocolate's favour and chocolate's topping, are you sure?';
} elseif(favour == 'Fruit' && topping == 'Mix Fruit') {
message = 'You have selected Fruit's favour and Fruit's topping, are you sure?';
}
if(confirm(message)) {
document.getElementsByName('form').submit();
} else {
window.location = "customization.php";
}
}
</script>
旁注:您很容易使用SQL注入,使用MYSQLI或PDO并使用参数化语句。