我一直在研究一个旧应用程序,主要处理从mysql升级到mysqli并删除折旧函数。在调试乱七八糟的时候,我偶尔会遇到编辑或删除产品的超链接错误。实例
php?act=del&cat_id=5&bc=654321&ds=&src=app
php?act=del&cat_id=5&bc=&ds=ds12345&src=app
php?act=del&cat_id=5&bc=654321&ds=ds12345&src=app
// Original code
if ($_GET['act'] == 'del') {
$cat_id = $_GET['cat_id'];
$ds = $_GET['ds'];
$bc = $_GET['bc'];
if($cat_id == '' && $ds == '' || $bc == '') {
echo 'Error Cannot identify item for action!';
}
else {
//$db = mysqli_connect($db_host, $db_login, $db_pwd, $db_name);
// Do some SQL Stuff in cat_id that match ds or bc
}
我尝试了原版的几十种变体
if($cat_id == '' && $ds == '' || $bc == '')
使用|| &安培;&安培;等于或不等于,并且在所有情况下,这样或那样的方法永远不会得到正确的。包括trincot建议的那个
if ($cat_id == '' && ($ds == '' || $bc == '' ))
适用于大多数情况,但允许db连接ds =''和bc =''
我编写的下面的代码可以根据需要处理所有错误查询字符串的情况但是我希望有人可能有更好的方法来实现它。
// From GET -- Just to fix if($cat_id == '' && $ds == '' || $bc == '') {
$cat_id = 3;
$ds = 'bbb';
$bc = '';
// define some vars
$c = 'NO'; $d = 0; $b = 0; $t = 0; $s = 0;
if (is_numeric($cat_id)) {
$c = 'OK'; }
if ($ds != '') {
$d = 1;
}
if ($bc != '') {
$b = 1;
}
$t = $d + $b;
if ( $s == $t || $c != 'OK') {
echo 'Error Cannot identify item for action! ';
}
else {
echo ' OK two out three aint bad as long as one is cat ';
//$db = mysqli_connect($db_host, $db_login, $db_pwd, $db_name);
// Do some SQL Stuff in cat_id that match ds or bc
}
这是我提出的工作样本感谢您寻求任何帮助将不胜感激。
http://sandbox.onlinephpfunctions.com/code/fd32ad87ff42836660a59f826b8f08fa0f8d16f0
以下是我想要测试的不同示例。我想知道我需要更新原始代码的其他部分,但是现在我只是想找到一种更简单的方法来触发我的错误!在db connect之前!
example 1:
$cat_id = 3;
$ds = '';
$bc = '';
Result: Error Cannot identify item for action! \\ No Part number either ds or bc
example 2:
$cat_id = 'a';
$ds = 'ds-195062';
$bc = '654321';
Result : Error Cannot identify item for action! \\ wrong cat_id
example 3:
$cat_id = '';
$ds = 'ds-195062';
$bc = '654321';
Result : Error Cannot identify item for action! \\ no cat id
example 4:
$cat_id = '5';
$ds = '';
$bc = '654321';
Result : OK two out three aint bad as long as one is cat
\\ have a bc part number and a catagory
example 5:
$cat_id = '5';
$ds = 'ds-195062';
$bc = '654321';
Result : OK two out three aint bad as long as one is cat
\\ have a bc and ds part number and a catagory
example 6:
$cat_id = '5';
$ds = 'ds-195062';
$bc = '';
Result : OK two out three aint bad as long as one is cat
\\ have a ds part number and a catagory
这是原始问题的编辑,希望现在更清楚
感谢您寻找
结束了这个感谢@trincot向我解释这个
if ($_GET['act'] == 'del') {
$cat_id = ( isset( $_GET['cat_id'] ) && is_numeric( $_GET['cat_id'] ) ) ? intval( $_GET['cat_id'] ) : 0;
$ds = isset($_GET['ds']) ? $_GET['ds'] : '';
$bc = isset($_GET['bc']) ? $_GET['bc'] : '';
if ( $ds == '' ) { $ds = 'n'; }
if ( $bc == '' ) { $bc = 'n'; }
if($cat_id == 0 || ($ds == 'n' && $bc == 'n')) {
echo 'Error! ';
echo 'Result: value of ds ' . $ds .' value of bc '. $bc .' cat id is '. $cat_id;
}
else {
echo 'Good To Go ';
echo 'Result: value of ds ' . $ds .' value of bc '. $bc .' cat id is '. $cat_id;
}
}
答案 0 :(得分:3)
您认为&&和||运算符错误。改变这个:
if($cat_id == '' && $ds == '' || $bc == '') {
echo 'Error Cannot identify item for action!';
}
到此:
if($cat_id == '' || ($ds == '' && $bc == '')) {
echo 'Error Cannot identify item for action!';
}
请注意,不需要额外的括号,因为&&优先于||,但要明确这一点并不明白。
此外,除非您的else块包含所有其他代码,否则您需要在发生此错误时退出脚本执行(可能在首先执行其他操作之后):
if($cat_id == '' || ($ds == '' && $bc == '')) {
echo 'Error Cannot identify item for action!';
// Some other handling/rendering could come here, but then exit:
exit();
}
现在,当参数根本没有传递时,变量不会是''。同样可以覆盖它( 编辑: 以及仅在第二个代码块中进行的数字检查),并且首先执行:
$cat_id = (isset($_GET['cat_id']) && is_numeric($cat_id)) ? $_GET['cat_id'] : '';
$ds = isset($_GET['ds']) ? $_GET['ds'] : '';
$bc = isset($_GET['bc']) ? $_GET['bc'] : '';
// ... and then:
if($cat_id == '' || ($ds == '' && $bc == '')) {
echo 'Error Cannot identify item for action!';
// Some other handling/rendering could come here, but then exit:
exit();
}