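PHP - $_GET variable not set

Time: 2019-03-03 22:39:35

Tags: php

Originally I was going to have 3 separate files for create, update, and delete, but to reduce the number of files I decided to merge them all into 1 file. The delete works when the href goes to a page that only handles the delete process. The problem is that my $_GET doesn't seem to work in the processor when it shares the file with create and update. Currently, if I click "Delete", it creates an empty record in the table, so it is going to the create function.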

viewCountries.php

$CountryID = $row['COUNTRYID'];
    <tr>
      <td><?php echo $row['COUNTRYNAME']; ?></td>
      <td><?php echo $row['GDP']; ?></td>
      <td><a href="editCountry.php?CountryID=<?php echo $CountryID; ?>" class="btn btn-warning">Edit</a></td>
      <td><a href="processor/countryProcessor.php?CountryID=<?php echo $CountryID; ?>" class="btn btn-danger">Delete</a></td>

countryProcessor.php

<?php

require('../scripts/x_connect.php');

if(isset($_POST)) {

    // Create Country
    if(!isset($_POST['CountryID'])) {

        if(isset($_POST['CountryName'])) {
            $CountryName = $_POST['CountryName'];
        }
        if(isset($_POST['Gross'])){
            $Gross = $_POST['Gross'];
        }


        $stmt = oci_parse($conn, "INSERT INTO COUNTRY (COUNTRYNAME, GDP) VALUES (:CountryName, :GDP)");

        oci_bind_by_name($stmt, ":CountryName", $CountryName);
        oci_bind_by_name($stmt, ":GDP", $Gross);

        oci_execute($stmt);
        $Affected = oci_num_rows($stmt);
        oci_commit($conn);

        oci_free_statement($stmt);
        oci_close($conn);


        // echo $Gross;
        // echo $CountryName;
        if($Affected > 0){
            header("Location: ../viewCountries.php?Success=$CountryName has been created!");
        } else {
            header("Location: ../viewCountries.php?Danger=$CountryName hasn't been created!");
        }   

    // Update Country   
    } else {

        if(isset($_POST['CountryID'])) {
            $CountryID = $_POST['CountryID'];
        }
        if(isset($_POST['CountryName'])) {
            $CountryName = $_POST['CountryName'];
        }
        if(isset($_POST['Gross'])){
            $Gross = $_POST['Gross'];
        }


        $stmt = oci_parse($conn, "UPDATE COUNTRY SET COUNTRYNAME = :CountryName, GDP = :GDP WHERE COUNTRYID = :CountryID");

        oci_bind_by_name($stmt, ":CountryID", $CountryID);
        oci_bind_by_name($stmt, ":CountryName", $CountryName);
        oci_bind_by_name($stmt, ":GDP", $Gross);

        oci_execute($stmt);
        $Affected = oci_num_rows($stmt);
        oci_commit($conn);

        oci_free_statement($stmt);
        oci_close($conn);

        // echo "CountryID" . ' ' . $CountryID . "<br>";
        // echo "GDP" . ' ' . $Gross . "<br>";
        // echo "Country Name" . ' ' . $CountryName . "<br>";
        // echo "Rows Affected" . ' ' . $Affected;

        if($Affected > 0){
            header("Location: ../viewCountries.php?Success=$CountryName has been updated!");
        } else {
            header("Location: ../viewCountries.php?Danger=$CountryName hasn't been updated!");
        }

    }

} else {

    // Delete Country
    if(isset($_GET['CountryID'])) {

        $CountryID = $_GET['CountryID'];

        $stmt = oci_parse($conn, "DELETE FROM COUNTRY WHERE COUNTRYID = :CountryID");

        oci_bind_by_name($stmt, ":CountryID", $CountryID);

        oci_execute($stmt);
        $Affected = oci_num_rows($stmt);
        oci_commit($conn);

        oci_free_statement($stmt);
        oci_close($conn);


        if($Affected > 0){
            header("Location: ../viewCountries.php?Success=Country has been deleted!");
        }   else {
            header("Location: ../viewCountries.php?Danger=Country hasn't been deleted!");
        }
    }

}
?>

7 Answers:

Answer 0 (score: 2)

Instead of:

if(isset($_POST)) {

It's better to do this:

if ('POST' === $_SERVER['REQUEST_METHOD']) {
    # It's preferred to put constants, values, or function calls on the left (but it's less intuitive to do).
    # This is because you can do this: if($_SERVER['REQUEST_METHOD'] = 'POST')
    # which will assign `POST` to `$_SERVER['REQUEST_METHOD']` and return true on every request
    # without an error, and it can be very hard to debug, but the other way around will throw an error.
    # So if we do our conditions this way, we can avoid that completely.
}

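This tells you whether the request to the server was an actual POST, whereas the superglobal $_POST is always set; it is just empty.

By the way, $_SERVER is another superglobal, like $_COOKIE, $_POST, and $_GET. But it contains information about the server, the request headers, and so on.

There are some caveats when using information from $_SERVER: you should treat most of it the way you treat $_POST and $_GET, because you can't trust that some of it is safe; it can be edited by the client or come from the client.

But that's a topic for another day.

Good luck!

Answer 1 (score: 1)

The problem is that the POST superglobal is always set; it is just empty. If you var_dump the post, you will see this. Check that the post variable is not empty, or check whether a specific value is set, e.g. isset(post['submit'])

Answer 2 (score: 0)

isset() checks whether a variable exists and is not null. As for $_POST and $_GET, they are superglobals and will always exist in every PHP script. Even if the HTTP method is not POST, the superglobal will exist and will contain an empty array. This means isset($_POST) will always return true.

Here is another way to check whether $_POST contains any values: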

if($_POST){
    // your code
}

You could also check what was the request method used with $_SERVER['REQUEST_METHOD']

Answer 3 (score: 0)

Check for the posted parameter name, e.g. isset($_POST['CountryID']) instead of isset($_POST).

So the following should work.

<?php

require('../scripts/x_connect.php');

if(isset($_POST['CountryID'])) {

// Create Country
if(!isset($_POST['CountryID'])) {

    if(isset($_POST['CountryName'])) {
        $CountryName = $_POST['CountryName'];
    }
    if(isset($_POST['Gross'])){
        $Gross = $_POST['Gross'];
    }


    $stmt = oci_parse($conn, "INSERT INTO COUNTRY (COUNTRYNAME, GDP) VALUES (:CountryName, :GDP)");

    oci_bind_by_name($stmt, ":CountryName", $CountryName);
    oci_bind_by_name($stmt, ":GDP", $Gross);

    oci_execute($stmt);
    $Affected = oci_num_rows($stmt);
    oci_commit($conn);

    oci_free_statement($stmt);
    oci_close($conn);


    // echo $Gross;
    // echo $CountryName;
    if($Affected > 0){
        header("Location: ../viewCountries.php?Success=$CountryName has been created!");
    } else {
        header("Location: ../viewCountries.php?Danger=$CountryName hasn't been created!");
    }   

// Update Country   
} else {

    if(isset($_POST['CountryID'])) {
        $CountryID = $_POST['CountryID'];
    }
    if(isset($_POST['CountryName'])) {
        $CountryName = $_POST['CountryName'];
    }
    if(isset($_POST['Gross'])){
        $Gross = $_POST['Gross'];
    }


    $stmt = oci_parse($conn, "UPDATE COUNTRY SET COUNTRYNAME = :CountryName, GDP = :GDP WHERE COUNTRYID = :CountryID");

    oci_bind_by_name($stmt, ":CountryID", $CountryID);
    oci_bind_by_name($stmt, ":CountryName", $CountryName);
    oci_bind_by_name($stmt, ":GDP", $Gross);

    oci_execute($stmt);
    $Affected = oci_num_rows($stmt);
    oci_commit($conn);

    oci_free_statement($stmt);
    oci_close($conn);

    // echo "CountryID" . ' ' . $CountryID . "<br>";
    // echo "GDP" . ' ' . $Gross . "<br>";
    // echo "Country Name" . ' ' . $CountryName . "<br>";
    // echo "Rows Affected" . ' ' . $Affected;

    if($Affected > 0){
        header("Location: ../viewCountries.php?Success=$CountryName has been updated!");
    } else {
        header("Location: ../viewCountries.php?Danger=$CountryName hasn't been updated!");
    }

}

} else {

// Delete Country
if(isset($_GET['CountryID'])) {

    $CountryID = $_GET['CountryID'];

    $stmt = oci_parse($conn, "DELETE FROM COUNTRY WHERE COUNTRYID = :CountryID");

    oci_bind_by_name($stmt, ":CountryID", $CountryID);

    oci_execute($stmt);
    $Affected = oci_num_rows($stmt);
    oci_commit($conn);

    oci_free_statement($stmt);
    oci_close($conn);


    if($Affected > 0){
        header("Location: ../viewCountries.php?Success=Country has been deleted!");
    }   else {
        header("Location: ../viewCountries.php?Danger=Country hasn't been deleted!");
    }
}

}
?>

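Answer 4 (score: 0)

As others have already mentioned, if (isset($_POST)) will always return true.

IMHO, I think you should consider doing things the right way while you are at it. Consider reading about CRUD at https://www.codecademy.com/articles/what-is-crud.

There you will learn that GET calls should generally not be used to delete things. Deleting should use the DELETE verb/method. Adding should use the POST method, updating should use the PUT method, and so on.

Also, with the current setup, a search engine bot crawling your URLs can cause deletions from the database, especially given that no confirmation is required before a row is deleted from the database.

At the very least, make sure your CountryID is not a sequential ID and that it is some kind of UUID hash that is hard to guess.

Answer 5 (score: 0)

Appreciate everyone's quick responses. I have decided to differentiate between create and update by adding a hidden input tag in the views, which makes the processor look less confusing. So viewCountries.php stays the same.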

createCountry.php

<input type="hidden" name="Action" value="Create">

editCountry.php

<input type="hidden" name="Action" value="Update">

countryProcessor.php

// Create Country
if($_POST['Action'] == "Create") {

    if(isset($_POST['CountryName'])) {
        $CountryName = $_POST['CountryName'];
    }
    if(isset($_POST['Gross'])){
        $Gross = $_POST['Gross'];
    }


    $stmt = oci_parse($conn, "INSERT INTO COUNTRY (COUNTRYNAME, GDP) VALUES (:CountryName, :GDP)");

    oci_bind_by_name($stmt, ":CountryName", $CountryName);
    oci_bind_by_name($stmt, ":GDP", $Gross);

    oci_execute($stmt);
    $Affected = oci_num_rows($stmt);
    oci_commit($conn);

    oci_free_statement($stmt);
    oci_close($conn);


    // echo $Gross;
    // echo $CountryName;
    if($Affected > 0){
        header("Location: ../viewCountries.php?Success=$CountryName has been created!");
    } else {
        header("Location: ../viewCountries.php?Danger=$CountryName hasn't been created!");
    }   

// Update Country   
} elseif($_POST['Action'] == "Update") {

    if(isset($_POST['CountryID'])) {
        $CountryID = $_POST['CountryID'];
    }
    if(isset($_POST['CountryName'])) {
        $CountryName = $_POST['CountryName'];
    }
    if(isset($_POST['Gross'])){
        $Gross = $_POST['Gross'];
    }


    $stmt = oci_parse($conn, "UPDATE COUNTRY SET COUNTRYNAME = :CountryName, GDP = :GDP WHERE COUNTRYID = :CountryID");

    oci_bind_by_name($stmt, ":CountryID", $CountryID);
    oci_bind_by_name($stmt, ":CountryName", $CountryName);
    oci_bind_by_name($stmt, ":GDP", $Gross);

    oci_execute($stmt);
    $Affected = oci_num_rows($stmt);
    oci_commit($conn);

    oci_free_statement($stmt);
    oci_close($conn);

    // echo "CountryID" . ' ' . $CountryID . "<br>";
    // echo "GDP" . ' ' . $Gross . "<br>";
    // echo "Country Name" . ' ' . $CountryName . "<br>";
    // echo "Rows Affected" . ' ' . $Affected;

    if($Affected > 0){
        header("Location: ../viewCountries.php?Success=$CountryName has been updated!");
    } else {
        header("Location: ../viewCountries.php?Danger=$CountryName hasn't been updated!");
    }

} else {

// Delete Country
if(isset($_GET['CountryID'])) {

    $CountryID = $_GET['CountryID'];

    $stmt = oci_parse($conn, "DELETE FROM COUNTRY WHERE COUNTRYID = :CountryID");

    oci_bind_by_name($stmt, ":CountryID", $CountryID);

    oci_execute($stmt);
    $Affected = oci_num_rows($stmt);
    oci_commit($conn);

    oci_free_statement($stmt);
    oci_close($conn);


    if($Affected > 0){
        header("Location: ../viewCountries.php?Success=Country has been deleted!");
    }   else {
        header("Location: ../viewCountries.php?Danger=Country hasn't been deleted!");
    }
}

}

Answer 6 (score: -1)

As some others have mentioned, $_POST is always set, so your script will never get into your else{} clause.

Try this; change your first instance of:

if(isset($_POST))

to:

if(sizeof($_POST))
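The points made across the answers (branch on $_SERVER['REQUEST_METHOD'] rather than isset($_POST), pick the operation from an explicit Action field, and never delete in response to a GET link) can be combined in one dispatcher. This is an added example, not code from the thread: resolve_action() and the "Delete" value of Action are hypothetical, and the sample requests are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Decide which operation a request asks for (hypothetical helper, not from the thread).
 * Returns [httpStatus, action, countryId].
 */
function resolve_action(string $method, array $post): array
{
    // isset($_POST) is true on every request, so branch on the method instead.
    if ($method !== 'POST') {
        return [405, null, null];   // GET links (and crawlers following them) change nothing
    }
    $action = $post['Action'] ?? '';
    if (!in_array($action, ['Create', 'Update', 'Delete'], true)) {
        return [400, null, null];   // missing or unknown Action never falls through to INSERT
    }
    if ($action === 'Create') {
        return [200, 'Create', null];
    }
    // Update and Delete need a well-formed id; ctype_digit rejects '', '-1' and '7abc'.
    $id = $post['CountryID'] ?? '';
    if (!is_string($id) || !ctype_digit($id)) {
        return [400, null, null];
    }
    return [200, $action, (int) $id];
}

// Constructed sample requests: [method, POST body].
$samples = [
    ['GET',  []],                                          // the old Delete link
    ['POST', []],                                          // empty POST body
    ['POST', ['Action' => 'Create', 'CountryName' => 'Peru', 'Gross' => '1']],
    ['POST', ['Action' => 'Delete', 'CountryID' => '7']],
    ['POST', ['Action' => 'Delete', 'CountryID' => '7abc']],
];
foreach ($samples as [$method, $post]) {
    [$status, $action, $id] = resolve_action($method, $post);
    printf("%-4s %-62s -> %d %s %s\n", $method, json_encode($post), $status, $action ?? '-', $id ?? '-');
}
```

In countryProcessor.php the call would be resolve_action($_SERVER['REQUEST_METHOD'], $_POST), with the Delete link in viewCountries.php replaced by a small POST form.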