我有一个表单,为用户提供了在3列中的1列中发布的选项。如果用户决定要在第一列中发帖,那么他们会点击第1列按钮,我的jquery脚本会删除其他2个输入字段。
问题是这些列中的每一列都链接到数据库中自己的表,因此每次用户在其中一列中输入信息时,都会将其发送到登录页面,并在其中全部更新3表。
如果用户在哪里选择第1列,那么它们的信息将被插入到第1列表中,但空白行也将被插入表2和3中。
<?php
$con=mysqli_connect("URL", "DB", "password","DB_Name");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$Main= mysqli_real_escape_string($con, $_POST['Column_1']);
$storyn1 = mysqli_real_escape_string($con, $_POST['storyn1']);
$sql="INSERT INTO Column_1 (Link1, storyn1)
VALUES ('$Main', '$storyn1')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
$con=mysqli_connect("URL", "DB", "password","DB_Name");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$MLB= mysqli_real_escape_string($con, $_POST['MLB']);
$storyn2 = mysqli_real_escape_string($con, $_POST['storyn2']);
$sql="INSERT INTO Column_2 (Link, storyn2)
VALUES ('$MLB', '$storyn2')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
$con=mysqli_connect("URL", "DB", "password","DB_Name");;
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$Column_3= mysqli_real_escape_string($con, $_POST['Column_3']);
$storyn3 = mysqli_real_escape_string($con, $_POST['storyn3']);
$sql="INSERT INTO Column_3 (Link3, storyn3)
VALUES ('$Column_3', '$storyn3')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
?>
我觉得我在表格中插入空白行的原因是因为此页面包含所有3个表格的插入代码。什么是最好的做法?我是否需要有3个单独的着陆页来存放这些插入代码?
以下是以下建议中的更新代码:
// escape variables for security
$Main= mysqli_real_escape_string($con, $_POST['Column_1']);
$storyn1 = mysqli_real_escape_string($con, $_POST['storyn1']);
$MLB= mysqli_real_escape_string($con, $_POST['MLB']);
$storyn2 = mysqli_real_escape_string($con, $_POST['storyn2']);
$Column_3= mysqli_real_escape_string($con, $_POST['Column_3']);
$storyn3 = mysqli_real_escape_string($con, $_POST['storyn3']);
if(!empty($_POST['Column_1']) && !empty($_POST['storyn1'])) {
$sql="INSERT INTO Column_1 (Link1, storyn1)
VALUES ('$Main', '$storyn1')";
}
if(!empty($_POST['MLB']) && !empty($_POST['storyn2'])) {
$sql="INSERT INTO Column_2 (Link, storyn2)
VALUES ('$MLB', '$storyn2')";
}
if(!empty($_POST['Link3']) && !empty($_POST['storyn3'])) {
$sql="INSERT INTO Column_3 (Link3, storyn3)
VALUES ('$Column_3', '$storyn3')";
}
?>
答案 0 :(得分:1)
您可以进行的一项更改将涉及最小的重构,只需在转义后检查用户输入以查看它是否为空,然后有条件地将其添加到数据库中。例如
// escape variables for security
$Main= mysqli_real_escape_string($con, $_POST['Column_1']);
$storyn1 = mysqli_real_escape_string($con, $_POST['storyn1']);
$MLB= mysqli_real_escape_string($con, $_POST['MLB']);
$storyn2 = mysqli_real_escape_string($con, $_POST['storyn2'This]);
$Column_3= mysqli_real_escape_string($con, $_POST['Column_3']);
$storyn3 = mysqli_real_escape_string($con, $_POST['storyn3'])
if(!(empty($Main) || empty($story1)) {
$sql="INSERT INTO Column_1 (Link1, storyn1)
VALUES ('$Main', '$storyn1')";
}
elseif (!(empty($MLB) || empty($story2)){
... etc...
}
elseif (!(empty($Column_3) || empty($story3)){
...etc...
}
else{
... they are all empty !! ...
}
我用if-else序列做的方式有可能只增加其中一个的潜在附加好处。
答案 1 :(得分:1)
一种简单的方法是使用PHP empty()方法在执行插入操作之前检查用户提交的值是否为空。所以你的代码可能如下:
<?php
if(!empty($_POST['Column_1']) && !empty($_POST['storyn1'])) {
// insert into table Column_1
}
if(!empty($_POST['MLB']) && !empty($_POST['storyn2'])) {
// insert into table Column_2
}
if(!empty($_POST['Link3']) && !empty($_POST['storyn3'])) {
// insert into table Column_3
}
?>
至于您是否需要3个单独的目标网页(或表单,视图等),则不需要;这实际上取决于你的3列是否形成了一个有凝聚力的逻辑分组。我的建议绝对是重构您的PHP代码以使用classes and objects。