PHP PDO破坏了我的$ _POST值？

EDIT: Edit of the original code: (I changed the if to "if($_POST['Break'] != "")" to test it and it doesnt work, neither do any of the other varients that i've tried.

if($_SERVER['REQUEST_METHOD'] != 'POST')
{
    echo '<form method="post" action="">
        Category name: <input type="text" name="cat_name" />
        Category description: <textarea name="cat_description" /></textarea>
        <input type="checkbox" value="Break">Is Table Break?<br>
        <input type="submit" value="Add category" />
     </form>';
}


$sql= 'INSERT INTO categories(cat_name, cat_description, isheader) VALUES (:cat_name, :cat_description, :isheader)';
         $stmt = $DBH->prepare($sql);
          if($_POST['Break'] != ""){
          $isbreak = true;
          }
          else{
          $isbreak = false;
          }         
        $stmt->bindParam(':cat_name', $_POST['cat_name']); 
        $stmt->bindParam(':cat_description', $_POST['cat_description']);
        $stmt->bindParam(':isheader', $isbreak);
        try{
           $stmt->execute();
           header('Location: /testpage.php');
        }
        catch(PDOexception $e){
          $e->getMessage();
        }

The above code should insert into my database with Column "Break" being set to "True"(or 1) when a checkbox is checked. It doesnt. I've tried the following if statements and none fixed it:

if(isset($_POST['Break']) == 1)
if(($_POST['Break']) == "Break")  - ("Break" being the name of my checkbox.
if(($_POST['Break']) === "Break") 
if(($_POST['Break']) == 'Break')

Now i know this code SHOULD work because before i converted to PDO php it was working. Heres what my previous code looked like. This was 100% working how i wanted it to:

if(isset($_POST['Break']) == 1){
   $isbreak = true;
}
else{
    $isbreak = false;
}
$sql = "INSERT INTO categories(cat_name, cat_description, isheader)
           VALUES('" . mysql_real_escape_string($_POST['cat_name']) . "',
                 '" . mysql_real_escape_string($_POST['cat_description']) . "', ". $isbreak.")";

 $result = mysql_query($sql);
    if(!$result)
    {
        echo 'Error' . mysql_error();
    }
    else
    {
        header('Location: /testpage.php');
    };

I know some of the $_POST data works because my database is filled with the correct "cat_name" and "cat_description" with the PDO code. I've had this problem for EVERY page on my site converting it. I've managed to find dumb little work around specific to each page, but i cant figure this one out. I'd rather just know why this is acting the way it is.

What's more is that when i do print_r($_POST) and my check box is checked it returns the value "Break". I dont understand it.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
duanmeng1950 2014-05-29 21:43
关注
why i use string values for $isbreak. It gets put into the sql statement as a string anyway so it doesnt matter.

Yes, it does matter.

The string 'true' in an integer context has the value 0 in MySQL. Any string-to-integer conversion that happens implicitly takes the leading digit characters from the string, and if there are none, the string has the value zero.

Whereas the keyword true is exactly equal to the integer 1.

Here's a demo of the conversion. I'm adding + 0 to force the values to be converted to integers.

mysql> select 'true' + 0; +------------+ | 'true' + 0 | +------------+ | 0 | +------------+ mysql> select true + 0; +----------+ | true + 0 | +----------+ | 1 | +----------+

In your old code, you put the true keyword into your INSERT statement, so the MySQL server ended up seeing the following:

INSERT INTO categories(cat_name, cat_description, isheader) VALUES('name', 'description', true)

When true is inserted into an integer column, the value inserted is 1.

But when passing strings as parameters, they are sent as strings, so it works similar* to the following:

INSERT INTO categories(cat_name, cat_description, isheader) VALUES('name', 'description', 'true')

When 'true' is inserted into an integer column, the value inserted is 0.

Re your comment:

It makes no difference if you're using PDO or non-PDO. If you interpolate an unquoted string into an SQL statement, it is parsed as a keyword. If you pass a string as a parameter, it's similar to interpolating a quoted string into the SQL statement, and therefore 'true' becomes 0 in an integer context.

I worked up a more thorough test script. I guess you got your answer, it was actually an HTML form problem, not an SQL problem. But I'll post my test script here anyway for future reference.

<?php $pdo = new PDO(..., array(PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 1: literal true', true)"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 2: literal \'true\'', 'true')"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 3: literal 1', 1)"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 4: literal \'1\'', '1')"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 5: param true', ?)"); $stmt->execute(array(true)); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 6: param \'true\'', ?)"); $stmt->execute(array('true')); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 7: param 1', ?)"); $stmt->execute(array(1)); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 8: param \'1\'', ?)"); $stmt->execute(array('1'));

Here's the result:

+------------------------+---------+ | test | boolcol | +------------------------+---------+ | test 1: literal true | 1 | | test 2: literal 'true' | 0 | | test 3: literal 1 | 1 | | test 4: literal '1' | 1 | | test 5: param true | 1 | | test 6: param 'true' | 0 | | test 7: param 1 | 1 | | test 8: param '1' | 1 | +------------------------+---------+

* Parameters are never combined with the SQL syntax, they're combined with an internal representation of the query logic during execution, but after the SQL has already been parsed. That's why I say "similar."
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

PHP PDO破坏了我的$ _POST值？ mysql php
2014-05-29 21:21

回答 1 已采纳 why i use string values for $isbreak. It gets put into the sql statement as a string anyway so
sql pdo选择菜单值$ _POST php sql
2017-04-23 16:50

回答 1 已采纳 You can add check for that : $sql = "SELECT DISTINCT * FROM Library"; if( (isset($_POST['titel']
使用PDO将textarea $ _POST导入MySQL mysql php
2015-02-28 02:56

回答 2 已采纳 You're using desc for your column, being a MySQL reserved word without escaping it with ticks. Ei
【PHP 面向对象】面向对象(OOP)编程之PDO对象操作数据库知识点归纳总结（五）
2021-05-13 17:44

一纸荒凉 * Armani的博客 PDO对象PDO 是什么PDO 的特点开启 PDO扩展使用PDO连接数据库创建 PDO 对象使用PDO执行SQL语句1) exec() 方法2) query() 方法3) 预处理语句方式实战：完善登录注册功能 PDO 是什么 PDO 是 PHP Date Object（PHP 数据...
我是否需要准备和绑定$ _SESSION变量？ php
2015-04-10 07:30

回答 1 已采纳 1. Do I need to prepare a $_SESSION variable as I do with POST and GET? Yes you do. It's as unsaf
如何从jquery .post访问$ _POST变量？ jquery php
2013-08-06 02:16

回答 3 已采纳 When you serialize a form with jQuery, submit button is not included so you should replace if(iss
使用$ _POST从Select语句设置文本框值？ mysql php
2016-01-07 23:45

回答 1 已采纳 value="<?php echo $result['petType'] ?>" But a problem with your code is that you're just
【渝粤教育】广东开放大学 PHP动态网站设计形成性考核 (48)
2021-12-02 06:36

渝粤题库的博客答案：看左侧题目：PHP是一种跨平台、的网页脚本语言。答案：看左侧题目：PHP网站可称为。答案：看左侧题目：PHP网页文件的文件扩展名为____________。答案：看左侧题目：PHP配置文件的文件名为____________...
将$ _POST数据传递给PDO函数 php
2013-08-11 18:41

回答 1 已采纳 You should check $_POST even before executing your code, this prevents to handle empty inputs, the
PHP 7.0.10 - $ _Post无法使用 mysql php
2016-10-14 07:43

回答 1 已采纳 First there is usually no Reason to write the POST variable $_POST['titre'] into $titre. Just be h
INSERT与PDO $ _POST无法正常工作 php
2013-10-09 16:47

回答 1 已采纳 If you haven't thrown the computer out the window already, you should've checked whether $_POST va
【粉丝福利社】PHP从入门到精通（第6版）（软件开发视频大讲堂）（文末送书-完结）
2024-03-18 09:58

愚公搬代码的博客 PHP（全称为Hypertext Preprocessor）是一种开源的服务器端脚本语言。它被设计用于开发动态的互联网应用程序，例如网站和Web应用程序。PHP可以嵌入到HTML中，可以与数据库进行交互，并且可以生成动态的网页内容。PHP...
如何在PDO中使用$ _GET计算空行 mysql php
2015-03-04 03:11

回答 1 已采纳 What are you doing here?? WHERE id=:$idClick What you want to do is set a bind param and then e
【渝粤题库】广东开放大学 PHP 动态网站技术形成性考核
2021-11-26 00:14

渝粤题库的博客题目：PHP网站可称为_____。答案： A、网络应用程序 B、PHP应用程序 C、Web应用程序 D、桌面应用程序题目：PHP指的是_____。答案： A、PHP: Hypertext Preprocessor B、Personal Hypertext Processor C、Personal...
7 php 内存泄漏_定位分析内存泄漏的原因和后果
2020-12-22 12:41

weixin_39571404的博客内部泄漏错误代码：Fatal error: Allowed memory size of X bytes exhausted (tried to allocate Y bytes)观察php程序内存使用情况php提提供了两个方法来获取当前程序的内存使用情况。memorygetusage()，这个函数的...
PHP登陆/php登录--【白嫖项目】
2023-07-23 10:04

项目花园范德彪的博客密码自己改为 type=“password" 只为展示一下例3（只有登录功能OK）例4：例5：动态炫酷的大数据界面-炫酷到没朋友–大作业，毕设必备验证码是假的，固定图片，输入也可以乱输入，蒙外人的。嘿嘿也可以调一下...
大数据技术之数据安全与网络安全——CMS靶场(文章管理系统)实训
2023-11-25 00:25

星川皆无恙的博客数据与网络安全作为保障大数据系统正常运行的基石，同样备受关注。今天写博客时候发现自己很久没更新数据安全与网络安全方面的内容了，于是花了点时间写一篇CMS靶场实训博客。本文通过CMS靶场实训，深入分析CMS系统...
modx注册码_MODX：您从未使用过的最佳CMS？
2020-08-26 14:12

culi3118的博客如果不进行大量调整和学习复杂的模板结构，我发现没有什么事情变得如此简单。当我安装MODX时，有指向BaseTemplate的链接；我将我HTML粘贴到了那里，然后就可以正常工作了，正如他们所说的那样，没有大惊小怪的...
最新PHP 面试、笔试题汇总(code happy)
2019-06-28 19:27

想出家的霸天虎的博客然后再进行操作，而单引号则不需要判断）十八、常用的超全局变量 $_GET ----->get传送方式 $_POST ----->post传送方式 $_REQUEST ----->可以接收到get和post两种方式的值 $GLOBALS ----->所有的变量都放在里面 $_...
sap采购组织和采购组_捏事件采购
2020-08-31 15:00

culi4814的博客 So, if you find yourself needing something like Event Sourcing, but don’t know or understand the rest of DDD, I hope this post helps you. In a pinch. 不过，我认为这是一个有趣而有趣的练习，很少有人能...
没有解决我的问题, 去提问

悬赏问题

¥50 vue组件中无法正确接收并处理axios请求
¥15 隐藏系统界面pdf的打印、下载按钮
¥15 MATLAB联合adams仿真卡死如何解决(代码模型无问题)
¥15 基于pso参数优化的LightGBM分类模型
¥15 安装Paddleocr时报错无法解决
¥15 python中transformers可以正常下载，但是没有办法使用pipeline
¥50 分布式追踪trace异常问题
¥15 人在外地出差，速帮一点点
¥15 如何使用canvas在图片上进行如下的标注，以下代码不起作用,如何修改
¥50 vue router 动态路由问题

PHP PDO破坏了我的$ _POST值？

1条回答 默认 最新

悬赏问题

1条回答默认最新