I've run into a simple problem, but I don't know how to overcome it... a little help would be appreciated!!
Code: commentinsert.php
<?php
if(isset($_POST['action']) && $_POST['action'] == 'Send'){
sendfeedback();
}
function sendfeedback() {
$name=$_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$feedback = $_POST['feedback'];
$servername= "localhost";
$username= "root";
$password= "******";
$dbname= "mydb";
$conn = mysqli_connect($servername, $username, $password, $dbname);
$sql= "INSERT INTO feedback_tbl (name,email,subject,feed_text) VALUES ('$name','$email','$subject','$feedback')";
if(mysqli_query($conn, $sql))
{
echo "Feedback Successfully Sent";
}
else
{
echo "Feedback not sent";
}
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>commentinsert</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="js/delete.js"></script>
</head>
<body>
<div class="bg">
<div id="header">
<div id="logo">
<h1> xyz </h1><h4>Company</h4>
</div>
<div id="navlist">
<ul>
<li> <a href="/"> Home</a></li>
<li> <a href="/gallery"> Gallery</a></li>
<li> <a href="/legal"> Legal</a></li>
<li> <a href="/contact" class="current"> Contact Us</a></li>
<li> <a href="/about"> About Us</a></li>
<li> <a href="/plan"> Plan</a></li>
</ul>
</div>
</div>
</div>
<br>
<div class="bodywrapper">
<div id="conoverflw">
<div id="con_detail"> <p>asiubvisdvbidsubvauY </p>
<p>iuivsduvbidubvuaovidosvni<br> asfv<br>abvckivdai<br>Email : xyz@gmail.com</p>
</div>
<div id="feedback_form">
<div class="contact_email">
<form action ="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" id="emailForm" >
<label for="contact_name"> Enter your Name: </label>
<input type="text" name="name" id="contact_name" required size="30" class="inputbox" value="">
<label id="contact_emailmsg" for="contact_email"> E-mail address: </label>
<input type="text" id="contact_email" name="email" size="30" required value="" class="inputbox" maxlength="100">
<label for="contact_subject"> Feedback Subject: </label>
<input type="text" name="subject" required size="30" class="inputbox" value="">
<label id="contact_textmsg" for="contact_text"> Enter your Feedback: </label>
<textarea cols="50" rows="10" name="feedback" id="contact_text" required style="margin: 4px; width: 370px; height: 150px;"></textarea>
<br>
<input class="" name="action" type="submit" value="Send">
<input type="submit" name="action" value="Cancel">
</form></div>
</div>
</div>
</div>
<div class="bg_footer">
<div id="footer">
<div class="sec1">
<ul>
<li id="1"><a href="http://localhost/about">> Post it on Youtube</a></li>
<li id="2"><a href="http://localhost/about">> Post it on your Facebook page</a></li>
<li id="3"><a href="http://localhost/about"> > Optimize it for search on Youtube</a></li>
</ul>
</div>
<div class="sec1">
<ul>
<li id="1"><a href="http://localhost/about">> Post it on Youtube</a></li>
<li id="2"><a href="http://localhost/about">> Post it on your Facebook page</a></li>
<li id="3"><a href="http://localhost/about"> > Optimize it for search on Youtube</a></li>
</ul>
</div>
<div class="sec3">
<h1>our company</h1><p>© 2016 <span> l </span> PRIVACY POLICY</p>
</div>
</div></div>
</body>
</html>
On another page, displaycomment.php:
<?php
ini_set('display_errors', 1);
error_reporting(~0);
$serverName = "localhost";
$userName = "root";
$userPassword = "******";
$dbName = "mydb";
$conn= mysqli_connect($serverName,$userName,$userPassword,$dbName);
$sql="SELECT * FROM feedback_tbl";
$query = mysqli_query($conn,$sql);
if(isset($_GET['delete_id']))
{
$sql = "DELETE FROM feedback_tbl WHERE feed_id=".$_GET['delete_id'];
$conn->query($sql);
header("Location: http://localhost/displaycomment.php");
exit; // stop here so the rest of the page is not rendered after the redirect
}
while($row=mysqli_fetch_array($query,MYSQLI_ASSOC))
{
?>
<html>
<head><title>displaycomment</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<script type="text/javascript" src="js/delete.js"></script>
<hr align="left" width="250px">
<div>
<p><?php echo(($row['name']))?>                 </p>
<p><?php echo(($row['subject']))?></p>
<p><?php echo(($row['feed_text']))?></p>
<a href="javascript:delete_id(<?php echo $row["feed_id"]; ?>)"> x </a>
</div>
<hr align="left" width="250px">
<?php
}
?>
</body>
</html>
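These two separate pages work fine.. but I want to do it in a single page, i.e. I want to display the inserted comments in commentinsert.php.
Answer 0 (score: 0)
Ignoring the style code and the inconvenience: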
<?php
if (isset($_POST['action']) && $_POST['action'] == 'Send')
sendfeedback();
function sendfeedback()
{
$name=$_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$feedback = $_POST['feedback'];
$servername= "localhost";
$username= "root";
$password= "******";
$dbname= "mydb";
$conn = mysqli_connect($servername, $username, $password, $dbname);
$sql= "INSERT INTO feedback_tbl (name, email, subject, feed_text) VALUES ('$name', '$email', '$subject', '$feedback')";
if (mysqli_query($conn, $sql))
{
echo "Feedback Successfully Sent";
$sql = "SELECT * FROM feedback_tbl";
$query = mysqli_query($conn, $sql);
while ($row = mysqli_fetch_array($query,MYSQLI_ASSOC))
{
?>
<hr align="left" width="250px">
<div>
<p><?php echo(($row['name']))?>                 </p>
<p><?php echo(($row['subject']))?></p>
<p><?php echo(($row['feed_text']))?></p>
<a href="javascript:delete_id(<?php echo $row["feed_id"]; ?>)"> x </a>
</div>
<hr align="left" width="250px">
<?php
}
}
else
{
echo "Feedback not sent";
}
}
?>
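I would also suggest moving the <html>, <head>, </head>, <body> tags above this function and removing the duplicate tags.
Answer 1 (score: -1)
Note: Consider escaping user input and using prepared statements. With SQL injection, a user can delete all data from the "feedback" table.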
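The advice in Answer 1, applied to the single-page version of commentinsert.php, as an added example that is not code from the question or from either answer. It assumes feed_id is an integer key, that the database password is supplied through an environment variable named DB_PASS (hypothetical), and that the page redirects to itself after a delete.

```php
<?php
// Added example, not the poster's code: prepared statements and output
// escaping for the page's feedback_tbl. DB_PASS is an assumed env variable.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors
$conn = new mysqli('localhost', 'root', getenv('DB_PASS') ?: '', 'mydb');
$conn->set_charset('utf8mb4');

function save_feedback(mysqli $conn, array $in): void {
    // Values travel separately from the SQL text, so a quote cannot alter it.
    $stmt = $conn->prepare(
        'INSERT INTO feedback_tbl (name, email, subject, feed_text) VALUES (?, ?, ?, ?)');
    $name     = (string)($in['name'] ?? '');
    $email    = (string)($in['email'] ?? '');
    $subject  = (string)($in['subject'] ?? '');
    $feedback = (string)($in['feedback'] ?? '');
    $stmt->bind_param('ssss', $name, $email, $subject, $feedback);
    $stmt->execute();
}

function delete_feedback(mysqli $conn, $rawId): bool {
    // Accept only a positive integer, then bind it with type 'i'.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return false;
    }
    $stmt = $conn->prepare('DELETE FROM feedback_tbl WHERE feed_id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    return $stmt->affected_rows === 1;
}

function e($value): string {
    // Escape stored text on output so it is rendered as text, not markup.
    return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
}

if (($_POST['action'] ?? '') === 'Send') {
    save_feedback($conn, $_POST);
}
if (isset($_GET['delete_id'])) {
    delete_feedback($conn, $_GET['delete_id']);
    header('Location: commentinsert.php');
    exit; // nothing else is sent after the redirect
}
$rows = $conn->query('SELECT feed_id, name, subject, feed_text FROM feedback_tbl');
while ($row = $rows->fetch_assoc()) {
    echo '<hr><div><p>', e($row['name']), '</p><p>', e($row['subject']), '</p><p>',
         e($row['feed_text']), '</p><a href="javascript:delete_id(',
         (int)$row['feed_id'], ')"> x </a></div>';
}
```

This block replaces the PHP at the top of the page and the display loop; the form markup from the question stays as it is.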