Question

所以，我有一切正常，然后我尝试添加重复的插入预防，这一切都打破了。如果有人能帮助我，那就太好了！：）

的index.php：

<?php
include('dbConfig.php');
?>

<!Doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="description" content="$1">
<meta name="viewport" content="width=device-width, initial-scale=1">

<link rel="stylesheet" type="text/css" href="style.css">

<title>Database Solution</title>


</head>
<body>

 <?php

     $barcode=$_POST['barcode']
     $check=mysqli_query($conn,"select * from Barcodes where barcode='$barcode'");
     $checkrows=mysqli_num_rows($check);

  if(isset($_POST['save']))
{
    $sql = "INSERT INTO Barcodes (barcode)
    VALUES ('".$_POST["barcode"]."')";


   if($checkrows>0) {
      echo "barcode exists";
   } else {  
    $result = mysqli_query($conn,$sql);
}

?>

<h2 align="center">Barcode Database</h2>

<style type="text/css">
    .fieldset-auto-width {
         display: inline-block;
    }
</style>
<div class="form">
    <form method="post" align="center">
        <fieldset class="fieldset-auto-width">
            <legend align="center">Enter Barcode:</legend>
    <input type="text" name="barcode" size="35"><br/><br />

    <button type="submit" name="save">Input</button>
        </fieldset>
    </form>
</div>

    <p align="center">© 2018 Nathaniel</p>

</body>
</html>

dbConfig.php：

$conn=mysqli_connect("localhost","n****ec_**s","****","n******_***");

if(!$conn)
{
die("Connection failed: " . mysqli_connect_error());
}

?>

我有办法解决这个问题吗？我可能很愚蠢，但我希望有人可以帮我解决这个问题。

Answer 1

您的代码中有两个非常基本的问题。你真的应该深入研究这些问题以及如何调试它们。无论如何这里是代码：

    <?php
include('dbConfig.php');
?>

<!Doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="description" content="$1">
<meta name="viewport" content="width=device-width, initial-scale=1">

<link rel="stylesheet" type="text/css" href="style.css">

<title>Database Solution</title>


</head>
<body>

 <?php

     $barcode=$_POST['barcode'];
     $check=mysqli_query($conn,"select * from Barcodes where barcode='$barcode'");
     $checkrows=mysqli_num_rows($check);

    if(isset($_POST['save']))
    {
        $sql = "INSERT INTO Barcodes (barcode) VALUES ('".$_POST["barcode"]."')";


       if($checkrows>0) {
          echo "barcode exists";
        } else {  
        $result = mysqli_query($conn,$sql);
        }
    }   

?>

<h2 align="center">Barcode Database</h2>

<style type="text/css">
    .fieldset-auto-width {
         display: inline-block;
    }
</style>
<div class="form">
    <form method="post" align="center">
        <fieldset class="fieldset-auto-width">
            <legend align="center">Enter Barcode:</legend>
    <input type="text" name="barcode" size="35"><br/><br />

    <button type="submit" name="save">Input</button>
        </fieldset>
    </form>
</div>

    <p align="center">© 2018 Nathaniel</p>

</body>
</html>

你在第23行错过了分号

$barcode=$_POST['barcode'];

在你的if语句之后错过了一个关闭的副词：

if(isset($_POST['save']))
    {
        $sql = "INSERT INTO Barcodes (barcode) VALUES ('".$_POST["barcode"]."')";


       if($checkrows>0) {
          echo "barcode exists";
        } else {  
        $result = mysqli_query($conn,$sql);
        }
    }

同样评论说尝试实现参数化查询，此代码对sql注入是开放的。

Answer 2

EventLoop

＆GT;

PHP＆amp; MySQL - 防止重复行插入不起作用

2 个答案: