PHP表单在数据库中插入数据

时间:2016-05-25 06:24:05

标签: php database forms

我创建了一个将数据插入数据库的表单。 我已经获得了两个函数来获取数据并显示它们,这些函数位于一个名为queryDb.php的文件中:

function addCustomer($fname, $lname, $address, $phone) {
    $db = new MyDB();
    if(!$db){
        echo '<script type="text/javascript">alert("'.$db->lastErrorMsg().'");</script>';
    } else {
        //echo "Opened database successfully\n";
    }

    $sql ='INSERT INTO CUSTOMERS (FIRSTNAME, LASTNAME, ADDRESS, PHONE) VALUES ("'.$fname.'", "'.$lname.'", "'.$address.'", "'.$phone.'");';
    $db->query($sql);
}

获取功能:

function getCustomers($searchTerm = null) {      
    $db = new MyDB();

    if(!$db){
        echo '<script type="text/javascript">alert("'.$db->lastErrorMsg().'");</script>';
    } else {
        //echo "Opened database successfully\n";
    }

    if(!$searchTerm) {
        $sql ='SELECT * from CUSTOMERS;';
    } else {
        $sql ='SELECT * FROM CUSTOMERS WHERE FIRSTNAME LIKE "'.$searchTerm.'" OR LASTNAME LIKE "'.$searchTerm.'" OR ADDRESS LIKE "'.$searchTerm.'" OR PHONE  LIKE "'.$searchTerm.'"';
    }
    $ret = $db->query($sql);
    $array = [];

    if(!$ret){
       echo $db->lastErrorMsg();
       return [];
    } else {
        while($row = $ret->fetchArray(SQLITE3_ASSOC) ){
            $array[] = $row;
        }
        $db->close();
        return $array;
    }
}

在我的reviewsubmit.php中,我把它放在首位:

<?php
    require_once "queryDb.php";
    $firstname = $_POST["firstname"];
    $lastname = $_POST["lastname"];
    $address = $_POST["address"];
    $phone = $_POST["phone"];
    addCustomer($firstname, $lastname, $address, $phone);
?>

这是我的表格:

<form action="reviewsubmit.php" method="post">
    Firstname
    <input type="text" id="firstname" name="firstname">  />
    Lastname
    <input type="text" id="lastname" name="lastname"">  />
    Address
    <input type="text" id="address" name="address">  />
    Phone
    <input type="text" id="phone" name="phone">  />
    <input type="submit" name="Submit" value="Submit" />
</form>

问题是当我使用表单向数据库提交信息时,它会在我第一次单击提交时为所有内容提交空值。然后,当我再次点击提交时,它会提交实际值: image

1 个答案:

答案 0 :(得分:0)

您的HTML标记不是最好的,可能会导致一些异常。同时,最理想的做法是将所需的属性添加到字段中,以确保在提交之前填充所有必需的字段:

<!-- TO GUARD AGAINST ACCIDENTALLY INSERTING EMPTY VALUES -->
<!-- WHY NOT MAKE THE INPUT FIELDS MANDATORY -->
<form action="reviewsubmit.php" method="post">
    <label for="firstname">Firstname</label>
    <input type="text" id="firstname" name="firstname" required  />

    <label for="lastname">Lastname</label>
    <input type="text" id="lastname" name="lastname" required />

    <label for="address">Address</label>
    <input type="text" id="address" name="address" required />

    <label for="phone">Telephone</label>
    <input type="text" id="phone" name="phone" required/>

    <input type="submit" name="Submit" value="Submit" />
</form>

在PHP方面,在提交数据库之前,您还可以进一步检查提交的值是否为空或为空。这样你就可以确定前端和后端的情况。这可能是一种方式:

<?php
    // FILE: index.php
    require_once "queryDb.php";
    $firstname  = isset($_POST["firstname"])? htmlspecialchars(trim($_POST["firstname"]))   : null;
    $lastname   = isset($_POST["lastname"]) ? htmlspecialchars(trim($_POST["lastname"]))    : null;
    $address    = isset($_POST["address"])  ? htmlspecialchars(trim($_POST["address"]))     : null;
    $phone      = isset($_POST["phone"])    ? htmlspecialchars(trim($_POST["phone"]))       : null;

    // CHECK THAT YOU DON'T HAVE NULL OR EMPTY FIELD VALUES BEFORE INSERTING ANYTHING INTO DATABASE
    if(!is_null($firstname) && !is_null($lastname) && !is_null($address) && !is_null($phone) ){
        addCustomer($firstname, $lastname, $address, $phone);
    }

?>