我正在制作一份注册表格,但我希望在人们注册availseats为0后显示错误信息。任何想法怎么做?
编辑:代码工作正常,但即使座位为0,用户仍然可以注册。我需要一种不允许他们的方式
这是我的代码
<?php
require_once("db.php");
$name = $_REQUEST["name"];
$course = $_REQUEST["course"];
$email = $_REQUEST["email"];
$phone = $_REQUEST["phone"];
$date = $_REQUEST["date"];
$sql = "INSERT INTO registertb(name, course, email, phone, date) VALUES('" . $name . "','" . $course . "','" . $email . "','" . $phone . "','" . $date . "')";
if(mysqli_query($dbconn,$sql))
{
$sql = "SELECT * FROM coursetb WHERE coursename ='" . $course ."'";
$result = mysqli_query($dbconn,$sql);
$data = mysqli_fetch_row($result);
$sql = "UPDATE coursetb SET availseats ='". ($data[5] -1) ."' WHERE coursename ='" . $course ."' AND availseats >= 0";
mysqli_query($dbconn,$sql);
?>
<script type="text/javascript">
alert('Information stored! Redirecting to homepage');
window.location.href='index.html';
</script>
<?php
}
else
{
?>
<script type="text/javascript">
alert('An error occured while inserting your data. Redirecting to registration page..');
window.location.href='register.html';
</script>
<?php
}
?>
答案 0 :(得分:0)
首先,你应该在进行更新之前检查可用座位的数量,不是吗?你最终会得到一个负数的席位。
除此之外,当您执行window.location.href行时,将状态(成功或失败)作为参数传递。
答案 1 :(得分:0)
您需要检查是否还有座位,所以在您考虑更新任何内容之前,请执行此操作。获取用户想要注册的课程,并查看剩余的座位数。
假设您当前的代码是正确的,座位数似乎是课程表的第6个属性(即您通过data[5]访问它)。因此,只需使用此信息检查是否还有座位并相应处理。
require_once("db.php");
$name = $_REQUEST["name"];
$course = $_REQUEST["course"];
$email = $_REQUEST["email"];
$phone = $_REQUEST["phone"];
$date = $_REQUEST["date"];
$new_registration = "INSERT INTO registertb(name, course, email, phone, date) VALUES('" . $name . "','" . $course . "','" . $email . "','" . $phone . "','" . $date . "')";
$course = "SELECT * FROM coursetb WHERE coursename ='" . $course ."'";
if(($result = $mysqli_query($dbconn, $course)))
{
$data = mysqli_fetch_row($result);
if($data[5] > 0)
{
$sql = "UPDATE coursetb SET availseats ='". ($data[5] -1) ."' WHERE coursename ='" . $course ."' AND availseats >= 0";
mysqli_query($dbconn,$sql);
mysqli_query($dbconn,$new_registration);
?>
<script type="text/javascript">
alert('Information stored! Redirecting to homepage');
window.location.href='index.html';
</script>
<?php
}
else
{
?>
<script type="text/javascript">
alert('All seats are taken! Redirecting to homepage');
window.location.href='index.html';
</script>
<?php
}
}
else
{
?>
<script type="text/javascript">
alert('An error occured while inserting your data. Redirecting to registration page..');
window.location.href='register.html';
</script>
<?php
}
?>
请注意,这不是线程安全的(我认为),当很多用户同时访问您的页面时,将检查所有座位的座位数量,如果此时座位是左边,它们都将被允许通过下一个if(data[5])子句,因为它们都没有注册(因此代码不能识别只允许其中一个注册)。如果您关心这一点,您应该考虑为每个请求锁定数据库连接。
答案 2 :(得分:0)
有很多方法可以做到这一点。你做这件事的方式非常“脆弱”,因为任何人都可以在你的剧本中添加他们喜欢的东西!保存$ _REQUEST ['date']是
");DROP TABLE coursetb;"
再见coursetb表!我们希望避免这种情况发生。其次,您希望在添加用户之前进行一些验证。
我不记得内联方法,因为使用codeigniter,这是一个略微OOP的方式
$db=new mysqli('localhost','root','password','yourdatabase');
function is_not_unique($table,$column,$val){
$result=$db->prepare('SELECT * FROM ? WHERE ? = ?');
$result->bind_params('sss',$table,$column,$val);
$result->execute();
$db->close();
return($result->num_rows>=1)?true:false;
}
$errors=false;
if($_POST){
//this is where a user has submitted the form
if(is_not_unique('coursetb','coursename',$_POST['course'])$errors=true;
}
if(!$errors){
$insert=$db->prepare('INSERT INTO registertb (name,course,email,phone,date) VALUES (?,?,?,?,?)');
$insert->bind_param('ssssss',$_POST['name'],$_POST['course'],$_POST['email'],$_POST['phone'],$_POST['date']);
$result=$insert->execute();
$db->close();
}
$_SESSION['failed_register']=$errors;
可能不是100%,因为我现在很久没有使用过mysqli了。但是你明白了。
然后在您的注册页面上执行此操作
<?if($_SESSION['failed_register']==true):?>
<h2>Oh no!</h2>
<p>We found some errors with your sign up</p>
<?endif;?>
你可以随意显示这些错误,但这只是基础知识:)
我还可以在您的查询中看到,如果座位的行数为0,您将不会返回任何座位。因此,如果没有结果,则不会查询任何查询!另外我很确定不使用$ data [5]你需要使用列名的array_key字符串?可能是完全错误的。
你可以这样做:
function count_available_seats($table,$course){
$result=$db->prepare('SELECT availseats FROM coursetbl WHERE coursetbl=?');
$result->bind_param('s',$_POST['course']);
$result->execute();
//need a fetch here
$seatCount=$result->fetch_array();
return($seatCount['availseats']>=1)?true:false;
}
答案 3 :(得分:0)
请参阅以下调整后的代码:
<?php
require_once("db.php");
$name = $_REQUEST["name"];
$course = $_REQUEST["course"];
$email = $_REQUEST["email"];
$phone = $_REQUEST["phone"];
$date = $_REQUEST["date"];
$seats_avail_sql="select availseats from coursetb";
$result=mysqli_query($dbconn,$seats_avail_sql);
$seats_avail=0;
if($result){
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$seats_avail=$row["availseats"]; //grab seats avaialble
}
}
}
$sql = "INSERT INTO registertb(name, course, email, phone, date) VALUES('" . $name . "','" . $course . "','" . $email . "','" . $phone . "','" . $date . "')";
if(mysqli_query($dbconn,$sql)&&($seats_avail>0)) //only execute code if we have more than 0 seats
{
$sql = "SELECT * FROM coursetb WHERE coursename ='" . $course ."'";
$result = mysqli_query($dbconn,$sql);
$data = mysqli_fetch_row($result);
$sql = "UPDATE coursetb SET availseats ='". ($data[5] -1) ."' WHERE coursename ='" . $course ."' AND availseats >= 0";
mysqli_query($dbconn,$sql);
?>
<script type="text/javascript">
alert('Information stored! Redirecting to homepage');
window.location.href='index.html';
</script>
<?php
}
else
{
?>
<script type="text/javascript">
alert('No Seats available. Redirecting to registration page..');
window.location.href='register.html';
</script>
<?php
}
?>