Mysql数据库有时会通过php提交时输入空行,否则效果很好。怎么避免这个?

时间:2016-04-25 15:38:36

标签: php html mysql

表格代码 - 

<form method="POST" action="shareexperience.php" id="contactForm"  name="sentMessage" target="formsaved">
<br/><textarea rows="5" cols="40" name="views" id="views" placeholder="Views About Your Profession">
</textarea> <br/>
<textarea rows="5" cols="40" name="advice" id="advice" placeholder="Advice 4 Students">
</textarea> <br/>
Wanna Be A Guide 4 Child 
<input type="radio" id="yes" name="guide" value="Yes" checked> Yes </input>
<input type="radio" id="No" name="guide" value="No" > No </input> 
<br/><input type="text" name="name" id="professionalname" placeholder="Name">
<input type="text" name="email" id="professionalemail" placeholder="Email Id"> <br/>
<br/><input type="submit" value="Share & Nominate" onclick="saveexperience()"> 
</form>


PHP CODE-

<? php
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error()); 
 $db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " .mysql_error());
 //inserting Record to the database
 $name = $_POST['name']; 
 $email = $_POST['email'];
$views = $_POST['views'];
$advice = $_POST['advice'];
$guide=$_POST['guide'];
 $query = "INSERT INTO professionals(name,email,views,advice,guide)VALUES('$name','$email', '$views','$advice','$guide')"; 
 $result = mysql_query($query); 
mysql_close($con); 
?>

目标formaved已被用于避免重定向,方法是使用html标签iframe,如下所示 - 

<iframe name="formsaved" height="30px" width="300px" scrolling="no" frameborder="0"> </iframe>

有时数据会进入罚款状态,但有时却无法运作 您也可以查看我的网站 - guidance4future.in/nominate

注意: - onclick已被用于进一步禁用页面中的一个html标签......

提前致谢...

2 个答案:

答案 0 :(得分:2)

首先,对您的代码进行一些完整性检查!有人可能会立即删除您的整个数据库...

我怀疑发生的事情是有人点击提交而未在表单中输入任何内容:在这种情况下,您的代码只会插入一个空行。

先做一些检查:

$mysqli = new mysqli("localhost", "my_user", "my_password", "database");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connection failed: %s\n", mysqli_connect_error());
    exit();
}

$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$views = $mysqli->real_escape_string($_POST['views']);
$advice = $mysqli->real_escape_string($_POST['advice']);
$guide = $mysqli->real_escape_string$_POST['guide']);

// Check for null fields
if( empty($name) || empty($email) || empty($views) || empty($advice) || empty($guide))
{
    print "Please fill in all fields!";
    // Show the form again here
}
else
{
     $query = "INSERT INTO professionals(name,email,views,advice,guide)VALUES('$name','$email', '$views','$advice','$guide')";
     $mysqli->query($query);
}

答案 1 :(得分:0)

您应该在将数据提交到数据库之前检查数据,以确保所有字段都已正确填写。

if (!(empty($_POST['name']) || empty($_POST['email']) || empty($_POST['views']) || empty($_POST['advice']) || empty($_POST['guide']))){
    // do your stuff here
} else {
    // error stuff
}

此外,正如this comment中所述,您应该考虑将PDO用于数据库操作。

相关问题
最新问题