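I'm working on a project and am dealing with a page that should handle both updates and regular inserts. I found the code elsewhere and have been modifying it to fit my project. Anyway, I've fixed a lot of errors, but I'm hitting a memory leak on line 140.
Here is the code: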
<?php
/*
Allows the user to both create new records and edit existing records
*/
// connect to the database
include("includes/dbconnect.inc.php");
// creates the new/edit record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($title = '', $summary ='', $entry = '', $error = '', $id = '')
{ ?>
<?php
include("includes/header.inc.php");
?>
<body>
<table>
<tr>
<td>
<img src="images/zombie_minions.png"/> <!-- Logo -->
</td>
<td>
<div id="nav"><ul>
<li><a href="index.php">Home</a></li>
<li><a href="news.php">News</a></li>
<li><a href="about.php">About Us</a></li>
<li><a href="signup.php">Sign Up</a></li>
<li><a href="contact.php">Contact Us</a></li>
<li><a class="active" href="news-insert.php">New/Update News Entry</a></li>
<li><a href="/admin/">Admin Panel</a></li>
<li><a href="/staff/">Staff Admin Panel</a></li>
<li><a href="/client/">Client Panel</a></li>
<li><a href="login.php">Login</a></li>
<li><a href="logout.php">Log Out</a></li>
</ul></div>
</td>
</tr>
<tr>
<?php
include("includes/calendar.inc.php");
?>
<td>
<h1><?php if ($id != '') { echo "Edit Record"; } else { echo "New Record"; } ?></h1>
<?php if ($error != '') {
echo "<div style='padding:4px; border:1px solid red; color:red'>" . $error
. "</div>";
} ?>
<form action="" method="post">
<h2><strong>Edit News Item:</strong></h2><br><br>
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<p>ID: <?php echo $id; ?></p>
<!-- Date:<br>
<input type="text" name="date" value="<?php echo $date; ?>"/><br> -->
Post Title:<br>
<input type="text" name="title" min="0" max="100" value="<?php echo $title; ?>" required /><br>
Post Summary:<br>
<input type="text" name="summary" min="0" max="100" value="<?php echo $summary; ?>" required /><br>
Post Entry:<br>
<textarea name="entry" rows="4" cols="50" min="0" max="650" required><?php echo $entry; ?></textarea><br>
<input type="submit" value="Submit" name="submit" />
</form>
<?php }
/*
EDIT RECORD
*/
// if the 'id' variable is set in the URL, we know that we need to edit a record
if (isset($_GET['id']))
{
// if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
// make sure the 'id' in the URL is valid
if (is_numeric($_POST['id']))
{
// get variables from the URL/form
$id = $_POST['id'];
$title = htmlentities($_POST['title'], ENT_QUOTES);
$summary = htmlentities($_POST['summary'], ENT_QUOTES);
$entry = htmlentities($_POST['entry'], ENT_QUOTES);
//$date=date('y.m.d h:i:s');
// check that title and summary are both not empty
if ($title == '' || $summary == '' || $entry == '')
{
// if they are empty, show an error message and display the form
$error = 'ERROR: Please fill in all required fields!';
renderForm($title, $summary, $entry, $error, $id);
}
else
{
// if everything is fine, update the record in the database
if ($stmt = $conn->prepare("UPDATE news SET title = ?, summary = ?, entry = ?
WHERE id=?"))
{
$stmt->bind_param("sssi", $title, $summary, $entry, $id);
$stmt->execute();
$stmt->close();
}
// show an error message if the query has an error
else
{
echo "ERROR: could not prepare SQL statement.";
}
// redirect the user once the form is updated
header("Location: news.php");
}
}
// if the 'id' variable is not valid, show an error message
else
{
echo "Error!";
}
}
// if the form hasn't been submitted yet, get the info from the database and show the form
else
{
// make sure the 'id' value is valid
if (is_numeric($_GET['id']) && $_GET['id'] > 0)
{
// get 'id' from URL
$id = $_GET['id'];
// get the record from the database
if($stmt = $conn->prepare("SELECT ID, title, summary, entry FROM news WHERE ID=?"))
{
$stmt->bind_param("i", $id);
$stmt->execute();
$stmt->bind_result($id, $title, $summary, $entry);
$stmt->fetch();
// show the form
renderForm($title, $summary, $entry, NULL, $id);
$stmt->close();
}
// show an error if the query has an error
else
{
echo "Error: could not prepare SQL statement";
}
}
// if the 'id' value is not valid, redirect the user back to the news.php page
else
{
header("Location: news.php");
}
}
}
/*
NEW RECORD
*/
// if the 'id' variable is not set in the URL, we must be creating a new record
else
{
// if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
// get the form data
$title = htmlentities($_POST['title'], ENT_QUOTES);
$summary = htmlentities($_POST['summary'], ENT_QUOTES);
$entry = htmlentities($_POST['entry'], ENT_QUOTES);
// check that title and summary are both not empty
if ($title == '' || $summary == '' || $entry == '')
{
// if they are empty, show an error message and display the form
$error = 'ERROR: Please fill in all required fields!';
renderForm($title, $summary, $entry, $error);
}
else
{
// insert the new record into the database
if ($stmt = $conn->prepare("INSERT news (title, summary, entry) VALUES (?, ?, ?)"))
{
$stmt->bind_param("sss", $title, $summary, $entry);
$stmt->execute();
$stmt->close();
}
// show an error if the query has an error
else
{
echo "ERROR: Could not prepare SQL statement.";
}
// redirect the user
header("Location: news.php");
}
}
// if the form hasn't been submitted yet, show the form
else
{
renderForm();
}
}
// close the mysqli connection
$conn->close();
?>
</td>
</tr>
<?php
include("includes/footer.inc.php");
?>
Answer 0 (score: 1)
Small mistakes can cause huge problems...
if($stmt = $conn->prepare("SELECT ID, title, summary, entry FROM news WHERE ID=?"))
{
$stmt->bind_param("i", $id); // <-- this is the problem
$stmt->execute();
You aren't binding anything to the ? parameter, so it tries to select the entire table. The correct alternatives are:
$stmt = $conn->prepare("SELECT ID, title, summary, entry FROM news WHERE ID=:id");
$stmt->bind_param(":id", $id);
or
$stmt = $conn->prepare("SELECT ID, title, summary, entry FROM news WHERE ID=?");
$stmt->bind_param(1, $id);
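Answer 1 (score: -1)
Try increasing memory_limit in php.ini. The default is 128MB.
Answer 2 (score: -1)
Make sure your entry column is not longtext. I changed mine from longtext to mediumtext and it solved the same problem.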
MySQL v5.6.33
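An alternative to changing the column type, shown as an added example that is not part of the question or any answer: mysqli's `bind_result()` can size its buffer from a column's declared maximum length (4 GB for LONGTEXT), and calling `store_result()` first lets it size the buffer from the rows actually returned. It assumes `$conn` is the open mysqli connection from `dbconnect.inc.php` and the question's `news` table; the function name `fetchNewsItem` is hypothetical.

```php
<?php
// Added example, not code from the question or the answers.
// Assumes $conn is an open mysqli connection and the `news` table from the question.
// fetchNewsItem() is a hypothetical helper name.

function fetchNewsItem(mysqli $conn, $rawId): ?array
{
    // Accept only positive integers; this rejects values such as "1e3" or "5.5",
    // which is_numeric() accepts.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    $stmt = $conn->prepare("SELECT ID, title, summary, entry FROM news WHERE ID = ?");
    if ($stmt === false) {
        throw new RuntimeException("prepare failed: " . $conn->error);
    }

    $stmt->bind_param("i", $id);
    if (!$stmt->execute()) {
        $message = $stmt->error;
        $stmt->close();
        throw new RuntimeException("execute failed: " . $message);
    }

    // Buffer the result set on the client BEFORE bind_result(), so the bound
    // variables are sized from the returned data, not the column's maximum length.
    $stmt->store_result();

    $stmt->bind_result($rowId, $title, $summary, $entry);
    $found = $stmt->fetch();   // true = row fetched, null = no row, false = error

    $stmt->free_result();
    $stmt->close();

    if ($found !== true) {
        return null;
    }
    return ['id' => $rowId, 'title' => $title, 'summary' => $summary, 'entry' => $entry];
}
```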