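Inserting empty values into a database table using PHP PDO

Time: 2019-02-19 17:27:20

Tags: php mysql pdo

I created a PHP interface for a teacher table. All columns in the table are set to NOT NULL. If I submit the form with empty inputs, empty values are submitted to my database table teacher. I don't understand why the database table accepts empty values from my user interface when the table's columns are set to NOT NULL.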

   if(filter_has_var(INPUT_POST, "add_teacher")){

    function test_input($data){
        $data = stripslashes($data);
        $data = trim($data);
        $data = htmlspecialchars($data);
        return $data;
    }

    if(empty($_POST["firstname"])){
        $firstname_err = "* Firstname is required!";
    } else {
        if(!preg_match("/^[a-zA-Z ]*$/",$_POST["firstname"])){
            $firstname_err = "Invalid Firstname"; 
        } else if (!test_input($_POST["firstname"])){
            $firstname_err = "Invalid firstName, please enter a valid first name!";  
        } else {
            $firstname = $_POST["firstname"];
        }
    }

    if(empty($_POST["lastname"])){
        $lastname_err = "* Last name is required!";

    } else {
        if(!preg_match("/^[a-zA-Z ]*$/",$_POST["lastname"])){
            $lastname_err = "Invalid last name";
        } else if (!test_input($_POST["lastname"])){
            $lastname_err = "Invalid last name, please enter a valid last name!";
        } else {
            $lastname = $_POST["lastname"];
        }
    }

    if(empty($_POST["DOB"])){
        $DOB_err = "* Date of birth is a required field!";
    } else {
        $DOB = $_POST["DOB"];
    }


    if(empty($_POST["gender"])){
        $gender_err = "* Gender is a required field!";
    } else {
        $gender = $_POST["gender"];
    }

    if(empty($_POST["tazkira_number"])){
        $tazkira_number_err = "* This is a required field";

    } else {
        if(!filter_var($_POST["tazkira_number"], FILTER_VALIDATE_INT)){
            $tazkira_number_err = "* Only numbers are allowed";
        } else if(!test_input($_POST["tazkira_number"])){
            $tazkira_number_err = "* Invalid data entered";
        }
        else {
            $tazkira_number = $_POST["tazkira_number"];
        }
    }

    if(empty($_POST["phone_number"])){
        $phone_number_err = "* This is a required field";
    } else {
        $phone_number = $_POST["phone_number"];
    }


    if(empty($_POST["academic_field"])){
        $academic_field_err = "* Academic field is required!";
    } else {
        if(!preg_match("/^[a-zA-Z ]*$/",$_POST["academic_field"])){
            $academic_field_err = "Invalid academic field.";
        } else if (!test_input($_POST["academic_field"])){
            $academic_field_err = "Invalid academic field, please enter a valid academic field!";
        } else {
            $academic_field = $_POST["academic_field"];
        }
    }

    if(empty($_POST["email"])){
        $email_err = "* Email field is required!";

    } else {
        if(!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)){
            $email_err = "Invalid email entered";
        } else if (!test_input($_POST["email"])){
            $email_err = "Invalid data, please enter a valid email address!";
        } else {
            $email = $_POST["email"];
        }
    }

    if(empty($_POST["position"])){
        $position_err = "* Position field is required!";
    } else {
        if(!preg_match("/^[a-zA-Z ]*$/",$_POST["position"])){
            $position_err = "* Invalid data"; 
        } else if (!test_input($_POST["position"])){
            $position_err = "* Invalid data, please enter a valid position!";

        } else {
            $position = $_POST["position"];
        }
    }

    if(empty($_POST["hire_date"])){
        $hire_date_err = "* Hire date is a required field!";   
    } else {
        $hire_date = $_POST["hire_date"];
    }

    $resign_date = $_POST["resign_date"];

    $sql = "INSERT INTO teacher (firstname, lastname, DOB, gender, tazkira_number, phone_number, academic_field, email, position, hire_date, resign_date) VALUES (:firstname, :lastname, :DOB, :gender, :tazkira_number, :phone_number, :academic_field, :email, :position, :hire_date, :resign_date)";

    $stmt = $conn->prepare($sql);
    $res = $stmt->execute(["firstname"=> $firstname, "lastname" => $lastname, "DOB" => $DOB,  "gender" => $gender, "tazkira_number" => $tazkira_number, "phone_number" => $phone_number, "academic_field" => $academic_field,  "email" => $email, "position" => $position, "hire_date" => $hire_date,  "resign_date" => $resign_date]);

    $add_teacher_success_msg = "New teacher added successfully!";
}

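As you can see above, this code inserts some values into teacher. If I write nothing in the form inputs and click submit, empty or null values are submitted to the table. Please help me solve this problem. Thanks.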

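2 answers:

Answer 0: (score: 1)

Your "empty values" are not actually NULL values but "empty strings" (strings with zero characters).

To make PDO recognize them as NULL values, you must convert the empty strings to null before inserting them into the database.

For example, you can create a function:

// e2n means "empty to null", and made shorter for more convenient usage: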
function e2n($src)
{
   if (is_string($src) && trim($src) == "")
   {
       return null;
   }
   else
   {
       return $src;
   }
}

And use it like this:


$sql = "INSERT INTO teacher (firstname, lastname, DOB, gender, tazkira_number, phone_number, academic_field, email, position, hire_date, resign_date) VALUES (:firstname, :lastname, :DOB, :gender, :tazkira_number, :phone_number, :academic_field, :email, :position, :hire_date, :resign_date)";

    $stmt = $conn->prepare($sql);
    $res = $stmt->execute(["firstname"=> e2n($firstname), "lastname" => e2n($lastname), "DOB" => e2n($DOB),  "gender" => e2n($gender), "tazkira_number" => e2n($tazkira_number), "phone_number" => e2n($phone_number), "academic_field" => e2n($academic_field),  "email" => e2n($email), "position" => e2n($position), "hire_date" => e2n($hire_date),  "resign_date" => e2n($resign_date)]);


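Also, I suggest you refactor the algorithm so that you have some array of fields and validator names for them, and loop over the fields, run the corresponding validator, and do the e2n conversion.

Regarding the error "SQLSTATE[23000]: Integrity constraint violation: 1048":

To skip the data insertion, you should add a test for the *_err variables: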

$isOk = true;

//All your Error fields
$err_fields = ['firstname_err', 'lastname_err', 'DOB_err', 'gender_err', 'tazkira_number_err', 'phone_number_err', 'position_err', 'academic_field_err', 'email_err', 'hire_date_err'];

foreach ($err_fields as $field)
{
   if (isset($$field) && $$field)
   {
      echo "You have error!<br>";
      $isOk = false;
   }   
}

if ($isOk)
{
    // Running SQL if there were no errors:
    $sql = "INSERT INTO teacher (firstname, lastname, DOB, gender, tazkira_number, phone_number, academic_field, email, position, hire_date, resign_date) VALUES (:firstname, :lastname, :DOB, :gender, :tazkira_number, :phone_number, :academic_field, :email, :position, :hire_date, :resign_date)";

    $stmt = $conn->prepare($sql);
    $res = $stmt->execute(["firstname"=> e2n($firstname), "lastname" => e2n($lastname), "DOB" => e2n($DOB),  "gender" => e2n($gender), "tazkira_number" => e2n($tazkira_number), "phone_number" => e2n($phone_number), "academic_field" => e2n($academic_field),  "email" => e2n($email), "position" => e2n($position), "hire_date" => e2n($hire_date),  "resign_date" => e2n($resign_date)]);

}

Answer 1: (score: 0)

You are checking for invalid values, but you do nothing if you find them. That is, no matter what errors you find, you always run the insert. Instead of using a separate variable for each error, I suggest appending the errors to an array:

$errors = [];

if (empty($_POST["email"])) {
    $errors[] = 'Email is required.';
}

if (empty($_POST["academic_field"])) {
    $errors[] = "Academic field is required.";
}

// and so on...

Then you can check whether $errors is empty to know whether there were any errors:

if (empty($errors)) {
    // No errors, try the insert.
    $sql = "INSERT INTO teacher ...";
    $stmt = $conn->prepare($sql);
    $res = $stmt->execute(...);
} else {
    // Display the errors.
    echo "You have errors:";
    foreach ($errors as $error) {
        echo $error;
    }
}
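The two answers combined, as an added example that is not part of either answer or of the asker's code: a field-to-validator array with the e2n conversion (answer 0) and an error array that gates the INSERT (answer 1). Assumptions: an in-memory SQLite database stands in for the MySQL connection so the script runs offline, the teacher table is reduced to five columns, resign_date is treated as optional, and the names `validate`, `addTeacher`, `$rules`, `$bad` and `$good` are hypothetical.

```php
<?php
// Added example: reduced teacher table, in-memory SQLite in place of MySQL,
// constructed sample input. Function and variable names are hypothetical.
function e2n($src) {
    return (is_string($src) && trim($src) === "") ? null : $src;
}

// Field => [required?, validator]. Keys are fixed in code, never user input.
$rules = [
    "firstname"      => [true,  fn($v) => preg_match('/^[a-zA-Z ]+$/', $v) === 1],
    "lastname"       => [true,  fn($v) => preg_match('/^[a-zA-Z ]+$/', $v) === 1],
    "tazkira_number" => [true,  fn($v) => filter_var($v, FILTER_VALIDATE_INT) !== false],
    "email"          => [true,  fn($v) => filter_var($v, FILTER_VALIDATE_EMAIL) !== false],
    "resign_date"    => [false, fn($v) => preg_match('/^\d{4}-\d{2}-\d{2}$/', $v) === 1],
];

function validate(array $input, array $rules): array {
    $values = $errors = [];
    foreach ($rules as $field => [$required, $isValid]) {
        $value = e2n($input[$field] ?? null);       // "" and "   " become null
        if ($value === null) {
            if ($required) { $errors[$field] = "$field is required"; }
        } elseif (!is_string($value) || !$isValid(trim($value))) {
            $errors[$field] = "$field is invalid";  // also rejects array input
        }
        $values[$field] = is_string($value) ? trim($value) : $value;
    }
    return [$values, $errors];
}

function addTeacher(PDO $conn, array $input, array $rules): array {
    [$values, $errors] = validate($input, $rules);
    if ($errors) {
        return $errors;                             // skip the INSERT entirely
    }
    $cols = array_keys($rules);
    $sql = "INSERT INTO teacher (" . implode(", ", $cols) . ") VALUES (:" . implode(", :", $cols) . ")";
    $conn->prepare($sql)->execute($values);         // null is bound as SQL NULL
    return [];
}

$conn = new PDO("sqlite::memory:");
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // failed inserts throw
$conn->exec("CREATE TABLE teacher (firstname TEXT NOT NULL, lastname TEXT NOT NULL,
    tazkira_number INTEGER NOT NULL, email TEXT NOT NULL, resign_date TEXT)");

$bad  = ["firstname" => "", "lastname" => "  ", "tazkira_number" => "abc", "email" => "a@example.com"];
$good = ["firstname" => "Ada", "lastname" => "Lovelace", "tazkira_number" => "42", "email" => "a@example.com"];
print_r(addTeacher($conn, $bad, $rules));   // constructed input with blank and invalid fields
print_r(addTeacher($conn, $good, $rules));  // constructed input with every required field valid
```

Setting `PDO::ERRMODE_EXCEPTION` means a NOT NULL violation surfaces as an exception instead of being followed by a success message.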