我正在处理一个html表单,它将使用php脚本连接到数据库以添加记录。
我目前正在使用它但是当我提交表单并添加记录时,页面导航到空白的PHP脚本,而我更喜欢在提交时,会显示一条消息,通知用户记录已添加但是页面保持不变。如果有人可以告诉我如何进行此更改,我的代码如下。
Html表格:
<html>
<form class="form" id="form1" action="test.php" method="POST">
<p>Name:
<input type="Name" name="Name" placeholder="Name">
</p>
<p>Age:
<input type="Number" name="Age" placeholder="Age">
</p>
<p>Address
<input type="text" name="Address" placeholder="Address">
</p>
<p>City
<input type="text" name="City" placeholder="City">
</p>
</form>
<button form="form1" type="submit">Create Profile</button>
</html>
PHP数据库连接代码:
<html>
<?php
$serverName = "xxxxxxxxxxxxxxxxxxxxxxxx";
$options = array( "UID" => "xxxxxxxxx", "PWD" => "xxxxxxxx",
"Database" => "xxxxxxxxxx");
$conn = sqlsrv_connect($serverName, $options);
if( $conn === false )
{
echo "Could not connect.\n";
die( print_r( sqlsrv_errors(), true));
}
$Name = $_POST['Name'];
$Age = $_POST['Age'];
$Address = $_POST['Address'];
$City = $_POST['City'];
$query = "INSERT INTO [SalesLT].[Test]
(Name,Age,Address,City) Values
('$Name','$Age','$Address','$City');";
$params1 = array($Name,$Age,$Address,$City);
$result = sqlsrv_query($conn,$query,$params1);
sqlsrv_close($conn);
?>
</html>
答案 0 :(得分:0)
通常,您的操作文件类似于thankyou.php,您可以向用户输入任何消息,然后可以回调一些提交的数据。例如:
Thank you, [NAME] for your oder of [ITEM]. We will ship this out to you very soon.
或者此文件可以是您的表单所在的页面,如果您的页面是HTML,您仍然可以使用一些javascript显示感谢信息。类似的东西:
<form class="form" id="form1" action="test.php" method="POST onSubmit="alert('Thank you for your order.');" >
答案 1 :(得分:0)
我考虑到您上面发布的 PHP数据库连接代码 snipplet称为 test.php ,因为您已连接到数据库并插入数据在一个文件中进入数据库。
考虑到这一点,我认为你唯一缺少的一条线,让你回到我称之为 index.php 的顶级代码片段,就在数据之后就是一个包含语句已添加到数据库
$query = "INSERT INTO [SalesLT].[Test]
(Name,Age,Address,City) Values ('$Name','$Age','$Address','$City');";
$params1 = array($Name,$Age,$Address,$City);
$result = sqlsrv_query($conn,$query,$params1);
echo "Data added";
include 'index.php'; //This file is whatever had the earlier form
一旦你点击表单上的提交按钮,就会调用test.php,你的数据会被处理并传回index.php。
N.B: 我应该提到的另一件事是习惯使用mysqli_real_escape_string()方法来清理$ _POST []中的数据;因为在真实的网站中,如果你不这样做,你就让攻击者有机会在你的网站上进行SQL注入:)
答案 2 :(得分:0)
你说页面是空白的,数据是保存的,所以我假设有两个文件,一个包含表单,另一个包含php代码(test.php)。
当您提交表单时,您注意到表单是在test.php上提交的
并且您的test.php没有任何输出代码,这就是您看到空白页面的原因。
所以在保存数据时创建一个页面thankyou.php并重定向它。header('Location: thankyou.php');
在文件末尾。
答案 3 :(得分:0)
将其放入表单操作而不是test.php
<form action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?> method="post">
Put your php code at top of the page.
$Name = $_POST['Name'];
This is step closer to being a safer way to posting into your db as well.
$Name =mysqli_real_escape_string( $_POST['Name']);
我喜欢来自svsdnb的jscript Alert,告诉用户数据已成功添加到db。
答案 4 :(得分:0)
这不是一个开箱即用的解决方案;它只是让你指向正确的方向。这是完全未经测试的,并且脱离了我的头脑。
虽然你可以在php页面插入数据库之后重定向回到html表单,但是你会看到页面的重绘并且表单值将被清除。
执行所要求的标准方法是使用AJAX在幕后提交数据,然后使用服务器的回复向HTML DOM添加消息。
使用JQuery来处理javascript的东西,解决方案看起来像这样:
<html>
<!-- placeholder for success or failure message -->
<div id="ajax-message"></div>
<form class="form" id="form1">
<p>Name: <input type="Name" name="Name" placeholder="Name"></p>
<p>Age: <input type="Number" name="Age" placeholder="Age"></p>
<p>Address: <input type="text" name="Address" placeholder="Address"></p>
<p>City: <input type="text" name="City" placeholder="City"></p>
<!-- change button type from submit to button so that form does not submit. -->
<button id="create-button" type="button">Create Profile</button>
</form>
<!-- include jquery -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<!-- ajax stuff -->
<script>
// wait until DOM loaded
$(document).ready(function() {
// monitor button's onclick event
$('#create-button').on('click',function() {
// submit form
$.ajax({
url: "test.php",
data: $('#form1').serialize,
success: function(response) {
$('#ajax-message').html(response);
}
});
});
});
</script>
</html>
<?php
// note: never output anything above the <?php tag. you may want to set headers.
// especially in this case, it would be better to output as JSON, but I'm showing you the lazy way.
$serverName = "xxxxxxxxxxxxxxxxxxxxxxxx";
$options = array( "UID" => "xxxxxxxxx", "PWD" => "xxxxxxxx", "Database" => "xxxxxxxxxx");
$conn = sqlsrv_connect($serverName, $options);
if( $conn === false ) {
echo "Could not connect.\n";
die( print_r( sqlsrv_errors(), true));
}
$Name = $_POST['Name'];
$Age = $_POST['Age'];
$Address = $_POST['Address'];
$City = $_POST['City'];
// if mssql needs the non-standard brackets, then put them back in...
// note placeholders to get benefit of prepared statements.
$query = "INSERT INTO SalesLT.Test " .
"(Name,Age,Address,City) Values " .
"(?,?,?,?)";
$params1 = array($Name,$Age,$Address,$City);
$success = false;
if($result = sqlsrv_query($conn,$query,$params1)) {
$success = true;
}
sqlsrv_close($conn);
// normally would use json, but html is sufficient here
// done with php logic; now output html
if($success): ?>
<div>Form submitted!</div>
<?php else: ?>
<div>Error: form not submitted</div>
<?php endif; ?>