我有一个PHP联络表。我有一个用于编辑数据库中的联系方式的代码。该代码检查发布的值中是否有错误,并显示错误消息。但是页面在提交表单后重新加载,$_REQUEST["id"]丢失了。
重新加载页面后如何保留$_REQUEST["id"]?
我的edit.php如下:
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<style>
//styling
</style>
</head>
<body>
<?php
//$_REQUEST["id"] = $_SESSION["name"];
$_SESSION["name"] = $_REQUEST["id"];
echo $_SESSION["name"]." ".$_REQUEST["id"];
$first_name = $_SESSION["name"];
$_SESSION["name"] = "";
$server_name = "localhost";
$user_name = "username";
$password = "password";
$db_name = "myDB";
$connection = new mysqli ($server_name, $user_name, $password, $db_name);
$stmt = $connection->prepare("SELECT * FROM Contact WHERE first_name = ?");
$stmt->bind_param("s", $first_name);
$stmt->execute();
$row = $stmt->get_result();
$result = $row->fetch_assoc();
?>
<?php
$first_name = $last_name = $email = $phone_number = $gender = $date_of_birth = "";
$first_name_err = $last_name_err = $gender_err = $email_err = $phone_number_err = $address_err = $captcha_err = "";
if(isset($_POST['submit']))
{
if(empty($_POST["first_name"]))
$first_name_err = "First Name is required";
else{
$first_name = test_input($_POST["first_name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$first_name))
$first_name_err = "Only letters and white space allowed";
if(strlen($first_name) < 3 || strlen($first_name) > 15)
$first_name_err = "Length mismatch (3 <= length <= 15)";
}
if(empty($_POST["last_name"]))
$last_name = "";
else{
$last_name = test_input($_POST["last_name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$last_name))
$last_name_err = "Only letters and white space allowed";
if(strlen($last_name) < 3 || strlen($last_name) > 15)
$last_name_err = "Length mismatch (3 <= length <= 15)";
}
if(empty($_POST["email"]))
$email_err = "Email is required";
else{
$email = test_input($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
$email_err = "Invalid email format";
if(strlen($email) < 6 || strlen($email) > 64)
$email_err = "Length mismatch (6 <= length <= 64)";
}
if(empty($_POST["phone_number"]))
$phone_number_err = "Phone Number is required";
else{
$phone_number = test_input($_POST["phone_number"]);
if (!preg_match("/^[0-9]*$/",$phone_number))
$phone_number_err = "Only numbers allowed";
if(strlen($phone_number) != 10)
$phone_number_err = "Invalid number";
}
if(empty($_POST["gender"]))
$gender_err = "Gender required";
else
$gender = test_input($_POST["gender"]);
//if(!empty($date_of_birth))
$date_of_birth = test_input($_POST["date_of_birth"]);
if(empty($_POST["captcha"]))
$captcha_err = " * Captcha required";
else{
if($_POST["captcha"] != $_SESSION["captcha"])
$captcha_err = "Incorrect captcha";
}
}
function test_input($data){
//functon to test the input for scripts
//Input: $data
//Output: $data
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<span class="error">* Required</span> <br>
<label id="first_name_label">First Name: </label> <input type="text" name="first_name" value="<?php echo $result["first_name"]; ?>" required="required" placeholder="Enter first name"> <span class="error"> * <?php echo "$first_name_err"; ?> </span> <br>
<label id="last_name_label">Last Name: </label> <input type="text" name="last_name" value="<?php echo $result["last_name"]; ?>" placeholder="Enter last name"> <span class="error"> <?php echo "$last_name_err"; ?> </span> <br>
<label id="email_label">E-Mail: </label> <input type="email" name="email" value="<?php echo $result["email"]; ?>" required="required" placeholder="Enter email"> <span class="error"> * <?php echo "$email_err"; ?> </span> <br>
<label id="phone_number_label">Phone Number: </label> <input type="text" name="phone_number" value="<?php echo $result["phone_number"]; ?>" required="required" placeholder="Enter phone number"> <span class="error"> * <?php echo "$phone_number_err"; ?> </span> <br>
<label id="gender_label">Gender:</label>
<input type="radio" name="gender" <?php if($result['gender']=="Male") echo "checked";?> value="Male">Male
<input type="radio" name="gender" <?php if ($result['gender']=="Female") echo "checked";?> value="Female">Female
<input type="radio" name="gender" <?php if ($result['gender']=="Other") echo "checked";?> value="Other">Other <span class="error"> * <?php echo "$gender_err"; ?> </span> <br>
<label id = "date_of_birth_label"> Date of Birth: </label> <input type="text" name="date_of_birth"value="<?php echo $result["date_of_birth"]; ?>" placeholder="dd-mm-yyyy"> <br>
<label id="captcha_label">Enter Captcha: </label> <img src="captcha.php" width="120" height="30" border="1" > <br> <label id="captcha_label1"> </label> <input type="text" name="captcha" required="required" placeholder="Enter Captcha"> <span class= "error"> * <?php echo "$captcha_err"; ?> </span> <br>
<br>
<input type="submit" name="submit" value="Update">
</form>
<?php
if($_SERVER["REQUEST_METHOD"] == "POST")
{
if(isset($_POST["first_name"]) && isset($_POST["last_name"]) && isset($_POST["gender"]) && isset($_POST["email"]) && isset($_POST["phone_number"]) && isset($_POST["captcha"]))
{
if ($first_name_err == "" && $last_name_err == "" && $gender_err == "" && $email_err == "" && $phone_number_err == "" )//&& $captcha_err == "")
{
$insert_date = $date_of_birth;
$sql_db = "REPLACE INTO Contact (first_name, last_name, email, phone_number, gender, date_of_birth) VALUES ('$first_name', '$last_name', '$email', '$phone_number', '$gender', '$insert_date') ";
$connection->query($sql_db);
$connection->close();
$_SESSION["edit_message"] = "Contact Details Edited Successfully";
unset($_SESSION["name"]);
header("Location: http://localhost/test/display.php?show_details=Show+Details");
}
}
}
?>
</body>
</html>
我尝试将其存储在SESSION变量中,但是会话变量在编辑其他数据时不会改变。
我是php新手。请帮助...
答案 0 :(得分:2)
<form action="" method="post">
这将保留查询字符串, 可以防止XSS漏洞;)
答案 1 :(得分:0)
应该将其存储在$ _SESSION中,也许您还没有启动会话?您可以通过在使用$ _SESSION变量之前调用start_session()函数来实现此目的
答案 2 :(得分:0)
在第一次加载页面时使用此代码。...
if(isset($_REQUEST["id"]))
{
$_SESSION["id"] = $_REQUEST["id"];
}
也可以使用会话代替$ _REQUEST
<input type="hidden" name="id" value="<?php if(isset($_SESSION['id'])){ echo $_SESSION['id']; } ?>">