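How to retain the $_REQUEST["id"] value when the page reloads

Time: 2018-08-28 13:05:45

Tags: php mysql

I have a PHP contact form. I have code for editing contact details in the database. The code checks the posted values for errors and displays error messages. But the page reloads after the form is submitted, and $_REQUEST["id"] is lost. How can I keep $_REQUEST["id"] after the page reloads?

My edit.php is as follows: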

<?php 
    session_start();
 ?>
<!DOCTYPE html>
<html>
  <head>

    <style>
        /* styling */
    </style>
</head>
<body>

    <?php

    //$_REQUEST["id"] = $_SESSION["name"];

    $_SESSION["name"] = $_REQUEST["id"];

    echo $_SESSION["name"]." ".$_REQUEST["id"];

    $first_name = $_SESSION["name"];

    $_SESSION["name"] = "";

    $server_name = "localhost";
    $user_name = "username";
    $password = "password";
    $db_name = "myDB";

    $connection = new mysqli ($server_name, $user_name, $password, $db_name);

    $stmt = $connection->prepare("SELECT * FROM Contact WHERE first_name = ?");
    $stmt->bind_param("s", $first_name);
    $stmt->execute();
    $row = $stmt->get_result();
    $result = $row->fetch_assoc();

    ?>

    <?php 
        $first_name = $last_name = $email = $phone_number = $gender = $date_of_birth = "";
        $first_name_err = $last_name_err = $gender_err = $email_err = $phone_number_err = $address_err = $captcha_err = "";
        if(isset($_POST['submit']))
        {
            if(empty($_POST["first_name"]))
                $first_name_err = "First Name is required";
            else{
                $first_name = test_input($_POST["first_name"]);
                if (!preg_match("/^[a-zA-Z ]*$/",$first_name))
                    $first_name_err = "Only letters and white space allowed";
                if(strlen($first_name) < 3 || strlen($first_name) > 15)
                    $first_name_err = "Length mismatch (3 <= length <= 15)";
            }

            if(empty($_POST["last_name"]))
                $last_name = "";
            else{
                $last_name = test_input($_POST["last_name"]);
                if (!preg_match("/^[a-zA-Z ]*$/",$last_name))
                    $last_name_err = "Only letters and white space allowed";
                if(strlen($last_name) < 3 || strlen($last_name) > 15)
                    $last_name_err = "Length mismatch (3 <= length <= 15)";
            }

            if(empty($_POST["email"]))
                $email_err = "Email is required";
            else{
                $email = test_input($_POST["email"]);
                if (!filter_var($email, FILTER_VALIDATE_EMAIL))
                        $email_err = "Invalid email format";
                if(strlen($email) < 6 || strlen($email) > 64)
                    $email_err = "Length mismatch (6 <= length <= 64)";
            }

            if(empty($_POST["phone_number"]))
                $phone_number_err = "Phone Number is required";
            else{
                $phone_number = test_input($_POST["phone_number"]);
                if (!preg_match("/^[0-9]*$/",$phone_number))
                        $phone_number_err = "Only numbers allowed";
                if(strlen($phone_number) != 10)
                        $phone_number_err = "Invalid number";
            }

            if(empty($_POST["gender"]))
                $gender_err = "Gender required";
            else
                $gender = test_input($_POST["gender"]);

            //if(!empty($date_of_birth))
                $date_of_birth = test_input($_POST["date_of_birth"]);




            if(empty($_POST["captcha"]))
                $captcha_err = " * Captcha required";
            else{
                if($_POST["captcha"] != $_SESSION["captcha"])
                    $captcha_err = "Incorrect captcha";
            }   
        }

        function test_input($data){
            //function to test the input for scripts
            //Input: $data
            //Output: $data
            $data = trim($data);
            $data = stripslashes($data);
            $data = htmlspecialchars($data);
            return $data;
        }
    ?>

    <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
    <span class="error">* Required</span> <br>
    <label id="first_name_label">First Name: </label> <input type="text" name="first_name" value="<?php echo $result["first_name"]; ?>" required="required" placeholder="Enter first name"> <span class="error"> * <?php echo "$first_name_err";  ?> </span> <br> 
    <label id="last_name_label">Last Name: </label> <input type="text" name="last_name" value="<?php echo $result["last_name"]; ?>" placeholder="Enter last name"> <span class="error"> <?php echo "$last_name_err"; ?> </span> <br>
    <label id="email_label">E-Mail: </label> <input type="email" name="email" value="<?php echo $result["email"]; ?>" required="required" placeholder="Enter email"> <span class="error"> * <?php echo "$email_err"; ?> </span> <br>
    <label id="phone_number_label">Phone Number: </label> <input type="text" name="phone_number" value="<?php echo $result["phone_number"]; ?>" required="required" placeholder="Enter phone number"> <span class="error"> * <?php echo "$phone_number_err"; ?> </span> <br>
    <label id="gender_label">Gender:</label>
        <input type="radio" name="gender" <?php if($result['gender']=="Male") echo "checked";?> value="Male">Male
        <input type="radio" name="gender" <?php if ($result['gender']=="Female") echo "checked";?> value="Female">Female
        <input type="radio" name="gender" <?php if ($result['gender']=="Other") echo "checked";?> value="Other">Other <span class="error"> * <?php echo "$gender_err"; ?> </span> <br>
    <label id = "date_of_birth_label"> Date of Birth: </label> <input type="text" name="date_of_birth" value="<?php echo $result["date_of_birth"]; ?>" placeholder="dd-mm-yyyy"> <br>
    <label id="captcha_label">Enter Captcha: </label> <img src="captcha.php" width="120" height="30" border="1" > <br> <label id="captcha_label1"> </label> <input type="text" name="captcha" required="required" placeholder="Enter Captcha"> <span class= "error"> * <?php echo "$captcha_err"; ?> </span> <br>  
    <br>
    <input type="submit" name="submit" value="Update">  
    </form>
    <?php
        if($_SERVER["REQUEST_METHOD"] == "POST")
        {
            if(isset($_POST["first_name"]) && isset($_POST["last_name"]) && isset($_POST["gender"]) && isset($_POST["email"]) && isset($_POST["phone_number"]) && isset($_POST["captcha"]))
            {
                if ($first_name_err == "" && $last_name_err == "" && $gender_err == "" && $email_err == "" && $phone_number_err == ""  )//&& $captcha_err == "")
                {
                    $insert_date = $date_of_birth;


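                    // Bound parameters keep the submitted values out of the SQL text
                    $update = $connection->prepare("REPLACE INTO Contact (first_name, last_name, email, phone_number, gender, date_of_birth) VALUES (?, ?, ?, ?, ?, ?)");
                    $update->bind_param("ssssss", $first_name, $last_name, $email, $phone_number, $gender, $insert_date);
                    $update->execute();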

                    $connection->close();

                    $_SESSION["edit_message"] = "Contact Details Edited Successfully";

                    unset($_SESSION["name"]);

                    header("Location: http://localhost/test/display.php?show_details=Show+Details");

                }
            }
        }
    ?>

</body>
</html>

I tried storing it in a SESSION variable, but the session variable does not change when editing other data. I am new to PHP. Please help...

3 answers:

Answer 0: (score: 2)

<form action="" method="post">

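This will keep the query string, and can prevent XSS vulnerabilities ;)

Answer 1: (score: 0)

It should be stored in $_SESSION; maybe you haven't started the session? You can do this by calling the start_session() function before using $_SESSION variables.

Answer 2: (score: 0)

Use this code when the page first loads...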

 if(isset($_REQUEST["id"]))
 {
    $_SESSION["id"] = $_REQUEST["id"];
 }

You can also use the session instead of $_REQUEST

<input type="hidden" name="id" value="<?php if(isset($_SESSION['id'])){ echo htmlspecialchars($_SESSION['id'], ENT_QUOTES); }  ?>">
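
One way to carry the id across the reload, as an added example that is not part of the original question or answers: the id travels in a hidden form field (so each browser tab keeps its own value, unlike a shared session key), is validated before use, and is escaped when written back into the HTML. It assumes, as the question's SELECT suggests, that id holds the contact's first_name; resolve_contact_id and hidden_id_field are hypothetical helper names, and the sample requests are constructed.

```php
<?php
// Added example, not code from the question or the answers.
// Assumption: "id" carries the contact's first_name, as in the question's SELECT.

/** Return a validated id from the hidden POST field, else the query string, else null. */
function resolve_contact_id(array $get, array $post): ?string
{
    $raw = $post['id'] ?? $get['id'] ?? null;
    if (!is_string($raw)) {
        return null;                      // missing, or an array such as id[]=x
    }
    $id = trim($raw);
    // Same rule the question applies to first_name: letters/spaces, 3..15 chars.
    if (!preg_match('/^[a-zA-Z ]{3,15}$/D', $id)) {
        return null;
    }
    return $id;
}

/** Hidden field that carries the id through the form POST, escaped for an attribute. */
function hidden_id_field(string $id): string
{
    return '<input type="hidden" name="id" value="'
         . htmlspecialchars($id, ENT_QUOTES, 'UTF-8') . '">';
}

// Constructed requests: first load (GET), resubmission (POST), and two malformed values.
$cases = [
    'first load'  => [['id' => 'Alice'], []],
    'after POST'  => [[], ['id' => 'Alice']],
    'bad value'   => [['id' => '"><b>x</b>'], []],
    'array value' => [['id' => ['x']], []],
];

foreach ($cases as $label => [$get, $post]) {
    $id = resolve_contact_id($get, $post);
    echo str_pad($label, 12), ' => ',
         $id === null ? 'rejected' : hidden_id_field($id), PHP_EOL;
}
```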