PHP PDO破坏了我的$ _POST值？

EDIT: Edit of the original code: (I changed the if to "if($_POST['Break'] != "")" to test it and it doesnt work, neither do any of the other varients that i've tried.

if($_SERVER['REQUEST_METHOD'] != 'POST')
{
    echo '<form method="post" action="">
        Category name: <input type="text" name="cat_name" />
        Category description: <textarea name="cat_description" /></textarea>
        <input type="checkbox" value="Break">Is Table Break?<br>
        <input type="submit" value="Add category" />
     </form>';
}


$sql= 'INSERT INTO categories(cat_name, cat_description, isheader) VALUES (:cat_name, :cat_description, :isheader)';
         $stmt = $DBH->prepare($sql);
          if($_POST['Break'] != ""){
          $isbreak = true;
          }
          else{
          $isbreak = false;
          }         
        $stmt->bindParam(':cat_name', $_POST['cat_name']); 
        $stmt->bindParam(':cat_description', $_POST['cat_description']);
        $stmt->bindParam(':isheader', $isbreak);
        try{
           $stmt->execute();
           header('Location: /testpage.php');
        }
        catch(PDOexception $e){
          $e->getMessage();
        }

The above code should insert into my database with Column "Break" being set to "True"(or 1) when a checkbox is checked. It doesnt. I've tried the following if statements and none fixed it:

if(isset($_POST['Break']) == 1)
if(($_POST['Break']) == "Break")  - ("Break" being the name of my checkbox.
if(($_POST['Break']) === "Break") 
if(($_POST['Break']) == 'Break')

Now i know this code SHOULD work because before i converted to PDO php it was working. Heres what my previous code looked like. This was 100% working how i wanted it to:

if(isset($_POST['Break']) == 1){
   $isbreak = true;
}
else{
    $isbreak = false;
}
$sql = "INSERT INTO categories(cat_name, cat_description, isheader)
           VALUES('" . mysql_real_escape_string($_POST['cat_name']) . "',
                 '" . mysql_real_escape_string($_POST['cat_description']) . "', ". $isbreak.")";

 $result = mysql_query($sql);
    if(!$result)
    {
        echo 'Error' . mysql_error();
    }
    else
    {
        header('Location: /testpage.php');
    };

I know some of the $_POST data works because my database is filled with the correct "cat_name" and "cat_description" with the PDO code. I've had this problem for EVERY page on my site converting it. I've managed to find dumb little work around specific to each page, but i cant figure this one out. I'd rather just know why this is acting the way it is.

What's more is that when i do print_r($_POST) and my check box is checked it returns the value "Break". I dont understand it.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
duanmeng1950 2014-05-29 21:43
关注
why i use string values for $isbreak. It gets put into the sql statement as a string anyway so it doesnt matter.

Yes, it does matter.

The string 'true' in an integer context has the value 0 in MySQL. Any string-to-integer conversion that happens implicitly takes the leading digit characters from the string, and if there are none, the string has the value zero.

Whereas the keyword true is exactly equal to the integer 1.

Here's a demo of the conversion. I'm adding + 0 to force the values to be converted to integers.

mysql> select 'true' + 0; +------------+ | 'true' + 0 | +------------+ | 0 | +------------+ mysql> select true + 0; +----------+ | true + 0 | +----------+ | 1 | +----------+

In your old code, you put the true keyword into your INSERT statement, so the MySQL server ended up seeing the following:

INSERT INTO categories(cat_name, cat_description, isheader) VALUES('name', 'description', true)

When true is inserted into an integer column, the value inserted is 1.

But when passing strings as parameters, they are sent as strings, so it works similar* to the following:

INSERT INTO categories(cat_name, cat_description, isheader) VALUES('name', 'description', 'true')

When 'true' is inserted into an integer column, the value inserted is 0.

Re your comment:

It makes no difference if you're using PDO or non-PDO. If you interpolate an unquoted string into an SQL statement, it is parsed as a keyword. If you pass a string as a parameter, it's similar to interpolating a quoted string into the SQL statement, and therefore 'true' becomes 0 in an integer context.

I worked up a more thorough test script. I guess you got your answer, it was actually an HTML form problem, not an SQL problem. But I'll post my test script here anyway for future reference.

<?php $pdo = new PDO(..., array(PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION)); $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 1: literal true', true)"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 2: literal \'true\'', 'true')"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 3: literal 1', 1)"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 4: literal \'1\'', '1')"); $stmt->execute(); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 5: param true', ?)"); $stmt->execute(array(true)); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 6: param \'true\'', ?)"); $stmt->execute(array('true')); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 7: param 1', ?)"); $stmt->execute(array(1)); $stmt = $pdo->prepare("INSERT INTO foo (test, boolcol) VALUES ('test 8: param \'1\'', ?)"); $stmt->execute(array('1'));

Here's the result:

+------------------------+---------+ | test | boolcol | +------------------------+---------+ | test 1: literal true | 1 | | test 2: literal 'true' | 0 | | test 3: literal 1 | 1 | | test 4: literal '1' | 1 | | test 5: param true | 1 | | test 6: param 'true' | 0 | | test 7: param 1 | 1 | | test 8: param '1' | 1 | +------------------------+---------+

* Parameters are never combined with the SQL syntax, they're combined with an internal representation of the query logic during execution, but after the SQL has already been parsed. That's why I say "similar."
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

sql pdo选择菜单值$ _POST php sql
2017-04-23 16:50

回答 1 已采纳 You can add check for that : $sql = "SELECT DISTINCT * FROM Library"; if( (isset($_POST['titel']
使用PDO将textarea $ _POST导入MySQL mysql php
2015-02-28 02:56

回答 2 已采纳 You're using desc for your column, being a MySQL reserved word without escaping it with ticks. Ei
我是否需要准备和绑定$ _SESSION变量？ php
2015-04-10 07:30

回答 1 已采纳 1. Do I need to prepare a $_SESSION variable as I do with POST and GET? Yes you do. It's as unsaf
php桌面中心(二) 数据库写入
2020-12-17 16:47

在这个例子中，`$jpg`应该是要插入的表格名称，而`'$id'`, `'$url'`, `'$mess'`等是值。但请注意，直接在SQL查询中使用用户输入（未经过验证或清理）存在SQL注入的风险。为了安全，应使用预处理语句或参数化查询。 ...
如何从jquery .post访问$ _POST变量？ jquery php
2013-08-06 02:16

回答 3 已采纳 When you serialize a form with jQuery, submit button is not included so you should replace if(iss
使用$ _POST从Select语句设置文本框值？ mysql php
2016-01-07 23:45

回答 1 已采纳 value="<?php echo $result['petType'] ?>" But a problem with your code is that you're just
将$ _POST数据传递给PDO函数 php
2013-08-11 18:41

回答 1 已采纳 You should check $_POST even before executing your code, this prevents to handle empty inputs, the
基于PHP的星星采集系统php版源码.zip
2024-01-04 23:20

在互联网大数据时代，这样的系统对于网站运营、数据分析以及内容聚合具有很高的价值。在PHP语言中，实现星星采集系统涉及到以下几个关键知识点： 1. **HTTP请求**：采集系统首先需要能够发送HTTP请求到目标网站...
PHP 7.0.10 - $ _Post无法使用 mysql php
2016-10-14 07:43

回答 1 已采纳 First there is usually no Reason to write the POST variable $_POST['titre'] into $titre. Just be h
INSERT与PDO $ _POST无法正常工作 php
2013-10-09 16:47

回答 1 已采纳 If you haven't thrown the computer out the window already, you should've checked whether $_POST va
如何在PDO中使用$ _GET计算空行 mysql php
2015-03-04 03:11

回答 1 已采纳 What are you doing here?? WHERE id=:$idClick What you want to do is set a bind param and then e
【PHP 面向对象】面向对象(OOP)编程之PDO对象操作数据库知识点归纳总结（五）
2021-05-13 17:44

一纸荒凉 * Armani的博客 PDO对象PDO 是什么PDO 的特点开启 PDO扩展使用PDO连接数据库创建 PDO 对象使用PDO执行SQL语句1) exec() 方法2) query() 方法3) 预处理语句方式实战：完善登录注册功能 PDO 是什么 PDO 是 PHP Date Object（PHP 数据...
如何构建小学至大学素质评价档案系统 —— php Vue 实践指南
2024-08-26 18:32

计算机毕设匠心工作室的博客亲爱的同学们，如果你对如何构建小学至大学素质评价档案系统感... 精彩专栏推荐订阅不然下次找不到哟~Java实战项目Python实战项目微信小程序|安卓实战项目大数据实战项目PHP|C#.NET|Golang实战项目主页获取源码联系。
【粉丝福利社】PHP从入门到精通（第6版）（软件开发视频大讲堂）（文末送书-完结）
2024-03-18 09:58

愚公搬代码的博客 PHP（全称为Hypertext Preprocessor）是一种开源的服务器端脚本语言。它被设计用于开发动态的互联网应用程序，例如网站和Web应用程序。PHP可以嵌入到HTML中，可以与数据库进行交互，并且可以生成动态的网页内容。PHP...
【渝粤教育】广东开放大学 PHP动态网站设计形成性考核 (48)
2021-12-02 06:36

渝粤题库的博客答案：看左侧题目：PHP是一种跨平台、的网页脚本语言。答案：看左侧题目：PHP网站可称为。答案：看左侧题目：PHP网页文件的文件扩展名为____________。答案：看左侧题目：PHP配置文件的文件名为____________...
具有原生的PHP开发的简易留言板源码
2017-07-22 14:51

3. **数据库交互**：使用PHP的PDO（PHP Data Objects）或mysqli扩展与MySQL数据库进行交互，包括创建表，插入、查询和更新数据。 4. **错误处理**：学习如何在代码中添加适当的错误检查和处理机制，以确保系统的...
7 php 内存泄漏_定位分析内存泄漏的原因和后果
2020-12-22 12:41

weixin_39571404的博客内部泄漏错误代码：Fatal error: Allowed memory size of X bytes exhausted (tried to allocate Y bytes)观察php程序内存使用情况php提提供了两个方法来获取当前程序的内存使用情况。memorygetusage()，这个函数的...
【渝粤题库】广东开放大学 PHP 动态网站技术形成性考核
2021-11-26 00:14

渝粤题库的博客题目：PHP网站可称为_____。答案： A、网络应用程序 B、PHP应用程序 C、Web应用程序 D、桌面应用程序题目：PHP指的是_____。答案： A、PHP: Hypertext Preprocessor B、Personal Hypertext Processor C、Personal...
PHP登陆/php登录--【白嫖项目】
2023-07-23 10:04

项目花园范德彪的博客密码自己改为 type=“password" 只为展示一下例3（只有登录功能OK）例4：例5：动态炫酷的大数据界面-炫酷到没朋友–大作业，毕设必备验证码是假的，固定图片，输入也可以乱输入，蒙外人的。嘿嘿也可以调一下...
计算机毕业设计选题推荐-基于PHP框架项目推荐（中）
2024-09-16 22:56

计算机毕设大佬的博客如果你在毕业设计的开发过程中遇到任何问题，无论是代码编写、框架选择，还是项目的架构设计，请随时来咨询我。我很乐意帮助你解决问题，助力你的项目顺利完成。
没有解决我的问题, 去提问

悬赏问题

¥15 DS18B20内部ADC模数转换器
¥15 做个有关计算的小程序
¥15 MPI读取tif文件无法正常给各进程分配路径
¥15 如何用MATLAB实现以下三个公式（有相互嵌套）
¥30 关于#算法#的问题：运用EViews第九版本进行一系列计量经济学的时间数列数据回归分析预测问题求各位帮我解答一下
¥15 setInterval 页面闪烁，怎么解决
¥15 如何让企业微信机器人实现消息汇总整合
¥50 关于#ui#的问题：做yolov8的ui界面出现的问题
¥15 如何用Python爬取各高校教师公开的教育和工作经历
¥15 TLE9879QXA40 电机驱动

PHP PDO破坏了我的$ _POST值？

1条回答 默认 最新

悬赏问题

1条回答默认最新