声明
会话消息未显示在主页(main.php)
假定包含 connection.php 。 (建立与MySQL服务器的连接)
我尝试过的事情
根据 add.php 中的以下代码,我有if-else语句来检查$url = mysqli_real_escape_string($conn,$_POST['url']);为UNIQUE的重复输入。但是在我尝试使用prepared statement之后,却没有显示会话消息。
main.php
<?php require_once 'add.php';
include 'connection.php'
?>
<?php if (isset($_SESSION['message'])): ?>
<div class="alert alert-<?=$_SESSION['msg_type']?> alert-dismissible fade show" role="alert">
<button type="button" class="close" data-dismiss="alert"><span style='font-size:25px;'>×</span></button>
<?php
echo $_SESSION['message'];
unset($_SESSION['message']);
?>
</div>
<?php endif ?>
add.php
if(isset($_POST['Save']))
{
$category = mysqli_real_escape_string($conn,$_POST['category']);
$url = mysqli_real_escape_string($conn,$_POST['url']);
$datetime = mysqli_real_escape_string($conn,$_POST['datetime']);
$lat = mysqli_real_escape_string($conn,$_POST['lat']);
$lng = mysqli_real_escape_string($conn,$_POST['lng']);
$stmt = $conn->prepare("INSERT INTO crimenews (crimenews_cat, crimenews_url, crimenews_datetime, crimenews_locationLat, crimenews_locationLong) VALUES ('$category', '$url', '$datetime', '$lat', '$lng') ON DUPLICATE KEY UPDATE crimenews_url = VALUES(crimenews_url)");
$stmt->bind_param("sssss",$_POST['category'],$_POST['url'],$_POST['datetime'],$_POST['lat'],$_POST['lng']);
$stmt->execute();
$result = $stmt->get_result();
if($result->num_rows>0)
{
//Fetch URL on each row
while($row = $result->fetch_assoc())
{
$crimenews_url = $row["crimenews_url"];
}
//If there is no duplicated URL inserted into MySQL server
if($crimenews_url == $url)
{
$_SESSION['message'] = "The news has added.";
$_SESSION['msg_type'] = "success";
}
//If there is duplicated URL insert into MySQL server
else
{
$_SESSION['message'] = "The news has already existed.";
$_SESSION['msg_type'] = "danger";
}
}
$stmt->close();
header("location: main.php");
}
预期结果
会话消息显示在main.php中。
答案 0 :(得分:1)
您的sql INSERT语句完全不正确-这很可能是代码失败的原因。当您使用prepared statement并尝试将bind的值赋给占位符时,您实际上必须具有占位符才能起作用。
$sql='INSERT INTO `crimenews`
(crimenews_cat, crimenews_url, crimenews_datetime, crimenews_locationLat, crimenews_locationLong)
VALUES
(?,?,?,?,?)
ON DUPLICATE KEY UPDATE
crimenews_url = VALUES( crimenews_url )';
$stmt = $conn->prepare( $sql );
$stmt->bind_param("sssss",$_POST['category'],$_POST['url'],$_POST['datetime'],$_POST['lat'],$_POST['lng']);
$stmt->execute();
您也许可以这样尝试-使用初始的select语句来确定url是否存在-未经测试
if( isset( $_POST['Save'] ) ){
session_start();
try{
$rowcount=0;
$category = mysqli_real_escape_string($conn,$_POST['category'] );
$url = mysqli_real_escape_string($conn,$_POST['url'] );
$datetime = mysqli_real_escape_string($conn,$_POST['datetime'] );
$lat = mysqli_real_escape_string($conn,$_POST['lat'] );
$lng = mysqli_real_escape_string($conn,$_POST['lng'] );
/*
-------------------------------------
does the url already exist in the db?
use a SELECT statement to find out
-------------------------------------
*/
$sql='select `crimenews_url` from `crimenews` where `crimenews_url`=?';
$stmt=$conn->prepare( $sql );
if( !$stmt ) throw new Exception('Failed to prepare SELECT statement');
$stmt->bind_param('s',$url );
$result=$stmt->execute();
if( $result ){
$stmt->store_result();
$rowcount=$stmt->num_rows;
$stmt->free_result();
$stmt->close();
} else {
throw new Exception('Initial SELECT query failed');
}
$sql='INSERT INTO `crimenews`
( `crimenews_cat`, `crimenews_url`, `crimenews_datetime`, `crimenews_locationLat`, `crimenews_locationLong` )
VALUES
( ?,?,?,?,? )
ON DUPLICATE KEY UPDATE
crimenews_url = VALUES( `crimenews_url` )';
$stmt = $conn->prepare( $sql );
if( !$stmt )throw new Exception('Failed to prepare SQL insert statement');
$stmt->bind_param( "sssss", $category, $url, $datetime, $lat, $lng );
$result = $stmt->execute();
/*
---------------------------------------------
the following portion makes no sense and is
incorrect as no recordset will be returned by
an `insert` statement.
----------------------------------------------
*/
/*
$result = $stmt->get_result();
if( $result->num_rows > 0 ) {
while( $row = $result->fetch_assoc() ){
$crimenews_url = $row["crimenews_url"];
}
if( $crimenews_url == $url ){
$_SESSION['message'] = "The news has added.";
$_SESSION['msg_type'] = "success";
} else {
$_SESSION['message'] = "The news has already existed.";
$_SESSION['msg_type'] = "danger";
}
}
*/
/*
------------------------------------------------
Instead, as there is now an initial SELECT query
and we should have assigned a value to $rowcount
you can use that for the logic test
------------------------------------------------
*/
if( $rowcount==1 ){
$_SESSION['message'] = "The news has already existed.";
$_SESSION['msg_type'] = "danger";
} else{
$_SESSION['message'] = "The news has added.";
$_SESSION['msg_type'] = "success";
}
$stmt->close();
header("location: main.php");
}catch( Exception $e ){
exit( $e->getMessage() );
}
}