结束网络开发人员,我从另一个团队完成了CMS,我必须与我的前端链接。我做了一些修改,但由于我缺乏PHP知识,我在这里有一些问题。
我的用户可以填写表单,其中1个文本字段要求他们的照片链接。我想检查输入的值是否不等于我想要的值,然后我将查询插入一个默认的头像照片链接到mysql进行处理。
我在php上试过的代码
// check if the variable $photo is empty, if it is, insert the default image link
if($photo = ""){
$photo="images/avatarDefault.png";
}
似乎无法正常工作
<?php
if($_SERVER["REQUEST_METHOD"] === "POST")
{
//Used to establish connection with the database
include 'dbAuthen.php';
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
//Used to Validate User input
$valid = true;
//Getting Data from the POST
$username = sanitizeInput($_POST['username']);
$displayname = sanitizeInput($_POST['displayname']);
$password = sanitizeInput($_POST['password']);
//hash the password using Bcrypt - this is to prevent
//incompatibility from using PASSWORD_DEFAULT when the default PHP hashing algorithm is changed from bcrypt
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
//Determining Type of the User
//if B - User is student
//if A - User is adin
if($_POST['type'] == 'true')
$type = 'B';
else
$type = 'A';
$email = sanitizeInput($_POST['email']);
$tutorGroup = sanitizeInput($_POST['tutorGroup']);
$courseID = sanitizeInput($_POST['courseID']);
$description = sanitizeInput($_POST['desc']);
$courseYear = date("Y");
$website = sanitizeInput($_POST['website']);
$skillSets = sanitizeInput($_POST['skillSets']);
$specialisation = sanitizeInput($_POST['specialisation']);
$photo = sanitizeInput($_POST['photo']);
// this is what i tried, checking if the value entered is empty, but doesn't work
if($photo = ""){
$photo="images/avatarDefault.png";
}
$resume = sanitizeInput($_POST['resume']);
//Validation for Username
$sql = "SELECT * FROM Users WHERE UserID= '$username'";
if (mysqli_num_rows(mysqli_query($con,$sql)) > 0){
echo 'User already exists! Please Change the Username!<br>';
$valid = false;
}
if($valid){
//Incomplete SQL Query
$sql = "INSERT INTO Users
VALUES ('$username','$displayname','$hashed_password','$type','$email', '$tutorGroup', ";
//Conditionally Concatenate Values
if(empty($courseID))
{
$sql = $sql . "NULL";
}
else
{
$sql = $sql . " '$courseID' ";
}
//Completed SQL Query
$sql = $sql . ", '$description', '$skillSets', '$specialisation', '$website', '$courseYear', '$photo', '$resume', DEFAULT)";
//retval from the SQL Query
if (!mysqli_query($con,$sql))
{
echo '*Error*: '. mysqli_error($con);
}
else
{
echo "*Success*: User Added!";
}
}
//if student create folder for them
if ($type == 'B')
{
//Store current reporting error
$oldErrorReporting = error_reporting();
//Remove E_WARNING from current error reporting level to prevent users from seeing code
error_reporting($oldErrorReporting ^ E_WARNING);
//Set current reporting error();
error_reporting($oldErrorReporting);
}
mysqli_close($con);
}
}
function sanitizeInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
我试图在mysql上找到一种方法来插入默认值,但似乎不可能,所以我别无选择,只能通过php查询插入。
我有逻辑,但我不确定如何在我缺乏知识的情况下在php上实现,我正在考虑检查
1)如果照片链接没有.png / .jpg,$photo != ".png"
2)如果照片链接长度太低$.photo.length < 10
有人可以帮助我查看代码并告诉我我做错了什么吗?谢谢!
答案 0 :(得分:0)
我注意到的第一件事是使用double =
if($photo == ""){
//...
}
答案 1 :(得分:0)
使用默认值的一种非常简单的方法可能是:
$photo = isset($photo) ? $photo : 'images/avatarDefault.png' ;
它的工作原理是它首先询问是否设置了照片,如果是,则使用所有准备插入的值,否则插入默认值,
另一种(非常相似)方法:
$photo = !empty($photo) ? $photo : 'images/avatarDefault.png' ;
<强>更新
检查它是否包含某个&#34;扩展名&#34;将是一个简单的重写
$photo = preg_match('#\b(.jpg|.png)\b#', $photo ) ? $photo : "images/avatarDefault.png" ;
这样它会检查$ photo中的text / image链接是否包含.png文件类型,如果它没有插入您的默认图像