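How to return $_POST as permanent web page content in PHP

Time: 2017-05-18 22:21:56

Tags: php forms post

I have a form that can post. I also have a SQL database that connects successfully. However, when I close the page, the user input disappears. How can I make the user input part of the page content, almost like a guestbook?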

<p onclick="myFunction()">Click here to share your personal testimony</p>
<div id="formwindow">
    <form action="http://needjesuskneadjesus.org/perstest.php" method="post">
        Name: <input type="text" name="name">
        <span class="error">* <?php echo $nameErr; ?></span>
        <br>
        Email: <input type="text" name="email">
        <span class="error">* <?php echo $emailErr; ?></span>
        <br>
        Personal Testimony:<br> <textarea name="personalTestimony" rows="10" cols="50"></textarea><br>
        <input type="Submit">
    </form>
</div>
<script>
    function myFunction() {
        document.getElementById("formwindow").style.display = "block";
    }
</script>
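<br>
<?php
    // Escape on output so submitted markup is displayed as text instead of being rendered
    echo "Name: " . htmlspecialchars($_POST['name'] ?? '', ENT_QUOTES, 'UTF-8');
?>
<br>
<?php
    echo "Email: " . htmlspecialchars($_POST['email'] ?? '', ENT_QUOTES, 'UTF-8');
?>
<br>
<?php
    echo "Personal Testimony: " . htmlspecialchars($_POST['personalTestimony'] ?? '', ENT_QUOTES, 'UTF-8');
?>
<br>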
<?php
    /* Attempt MySQL server connection. */
    // The mysqli_connect() call that sets $link is not shown in the post
    // Check connection
    if($link === false){
        die("ERROR: Could not connect. " . mysqli_connect_error());
    }
    // Escape user inputs for security
    $name = mysqli_real_escape_string($link, $_REQUEST['name']);
    $email = mysqli_real_escape_string($link, $_REQUEST['email']);
    $personalTestimony = mysqli_real_escape_string($link, $_REQUEST['personalTestimony']);
    // attempt insert query execution
    $sql = "INSERT INTO personalTestimony (name, email, testimony) VALUES 
    ('$name', '$email', '$personalTestimony')";
    if(mysqli_query($link, $sql)){
        echo "Thanks for sharing your personal testimony.";
    } else{
        echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
    }
    // close connection
    mysqli_close($link);
?>

1 answer:

Answer 0: (score: 0)

You can use PHP Sessions to store the user's comments, which will display the old comments

<?php
session_start();

// $link is the mysqli connection opened earlier (see the question's code)
if ($link === false) {
    die('ERROR: Could not connect. ' . mysqli_connect_error());
}

// Only insert when all three form fields were submitted
if (isset($_POST['name'], $_POST['email'], $_POST['personalTestimony'])) {
    $name = $_POST['name'];
    $email = $_POST['email'];
    $personalTestimony = $_POST['personalTestimony'];

    // attempt insert query execution with bound parameters instead of interpolated values
    $stmt = mysqli_prepare($link, "INSERT INTO personalTestimony (name, email, testimony) VALUES (?, ?, ?)");

    if ($stmt && mysqli_stmt_bind_param($stmt, 'sss', $name, $email, $personalTestimony)
            && mysqli_stmt_execute($stmt)) {
        echo 'Thanks for sharing your personal testimony.';
    } else {
        echo 'ERROR: Could not execute the insert. ' . mysqli_error($link);
    }
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }

    // Keep the submission in the session so it can be shown again later
    $_SESSION['name'] = $name;
    $_SESSION['email'] = $email;
    $_SESSION['testimony'] = $personalTestimony;
}

// close connection
mysqli_close($link);
?>

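I changed mysqli_real_escape_string to mysqli_prepare, because it has fewer characters and provides more security. You can read more about it here

This will only work until either the session expires (you can configure this here) or the client clears their cookies.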
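
Added example, not part of the original question or answer: guestbook-style persistence that reads the stored rows back from the `personalTestimony` table on every page load, so the content does not depend on a session. It assumes `$link` is an open mysqli connection and the table columns shown in the question; the function names and the `testimony` CSS class are hypothetical.

```php
<?php
// Added example. Assumes $link is an open mysqli connection and the
// personalTestimony table (name, email, testimony) from the question.
// Store one submission with bound parameters; returns true on success.
function save_testimony(mysqli $link, array $post): bool
{
    foreach (['name', 'email', 'personalTestimony'] as $field) {
        if (!is_string($post[$field] ?? null) || trim($post[$field]) === '') {
            return false; // missing, empty, or array-valued field
        }
    }
    $name = trim($post['name']);
    $email = trim($post['email']);
    $testimony = trim($post['personalTestimony']);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return false; // malformed e-mail address
    }
    $stmt = mysqli_prepare($link,
        "INSERT INTO personalTestimony (name, email, testimony) VALUES (?, ?, ?)");
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 'sss', $name, $email, $testimony);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
}

// Build the guestbook HTML from every stored row. Values are escaped on
// output, so stored markup is shown as text. E-mail addresses stay private.
function render_testimonies(mysqli $link): string
{
    $html = '';
    $result = mysqli_query($link, "SELECT name, testimony FROM personalTestimony");
    if ($result === false) {
        return $html;
    }
    while ($row = mysqli_fetch_assoc($result)) {
        $html .= '<div class="testimony"><strong>'
            . htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8')
            . '</strong><p>'
            . nl2br(htmlspecialchars($row['testimony'], ENT_QUOTES, 'UTF-8'))
            . '</p></div>';
    }
    mysqli_free_result($result);
    return $html;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    save_testimony($link, $_POST);
}
echo render_testimonies($link);
```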