防止空数据插入数据库

I have a form that provides the user with an option to post within 1 of 3 columns. If the user decides they want to post in the first column, then they click the column 1 button and my jquery script removes the other 2 input fields.

The issue is that each one of these columns are linked to its own table within the database, so every time a user enters information into 1 of the columns, it's sent to the landing page where it updates all 3 tables.

If the user where to select Column 1, then their information will be inserted in to the Column 1 table, but blank rows will also be inserted into table 2 and 3.

<?php
     $con=mysqli_connect("URL", "DB", "password","DB_Name");
      // Check connection
      if (mysqli_connect_errno()) {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
      }

     // escape variables for security
     $Main= mysqli_real_escape_string($con, $_POST['Column_1']);
     $storyn1 = mysqli_real_escape_string($con, $_POST['storyn1']);

     $sql="INSERT INTO Column_1 (Link1, storyn1) 
     VALUES ('$Main', '$storyn1')";

    if (!mysqli_query($con,$sql)) {
       die('Error: ' . mysqli_error($con));
    }
    mysqli_close($con);

   $con=mysqli_connect("URL", "DB", "password","DB_Name");
   // Check connection
   if (mysqli_connect_errno()) {
     echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

     // escape variables for security
    $MLB= mysqli_real_escape_string($con, $_POST['MLB']);
    $storyn2 = mysqli_real_escape_string($con, $_POST['storyn2']);

    $sql="INSERT INTO Column_2 (Link, storyn2) 
    VALUES ('$MLB', '$storyn2')";

    if (!mysqli_query($con,$sql)) {
       die('Error: ' . mysqli_error($con));
    }
    mysqli_close($con);

    $con=mysqli_connect("URL", "DB", "password","DB_Name");;
    // Check connection
    if (mysqli_connect_errno()) {
       echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

     // escape variables for security
     $Column_3= mysqli_real_escape_string($con, $_POST['Column_3']);
     $storyn3 = mysqli_real_escape_string($con, $_POST['storyn3']);

     $sql="INSERT INTO Column_3 (Link3, storyn3) 
     VALUES ('$Column_3', '$storyn3')";

    if (!mysqli_query($con,$sql)) {
      die('Error: ' . mysqli_error($con));
     }

mysqli_close($con);
?>

I feel like the reason I'm getting blank rows inserted into my table is because this page contains insert code for all 3 tables. Whats the best practice for this? Do I need to have 3 separate landing pages to house these insertion codes?

Here is the updated Code from the suggestions below:

                 // escape variables for security
                $Main= mysqli_real_escape_string($con, $_POST['Column_1']);
                $storyn1 = mysqli_real_escape_string($con, $_POST['storyn1']);

                $MLB= mysqli_real_escape_string($con, $_POST['MLB']);
                $storyn2 = mysqli_real_escape_string($con, $_POST['storyn2']);

                $Column_3= mysqli_real_escape_string($con, $_POST['Column_3']);
                $storyn3 = mysqli_real_escape_string($con, $_POST['storyn3']);

                if(!empty($_POST['Column_1']) && !empty($_POST['storyn1'])) {
                          $sql="INSERT INTO Column_1 (Link1, storyn1) 
                     VALUES ('$Main', '$storyn1')";
                    }

                    if(!empty($_POST['MLB']) && !empty($_POST['storyn2'])) {
                       $sql="INSERT INTO Column_2 (Link, storyn2) 
                VALUES ('$MLB', '$storyn2')";
                    }

                  if(!empty($_POST['Link3']) && !empty($_POST['storyn3'])) {
                        $sql="INSERT INTO Column_3 (Link3, storyn3) 
                VALUES ('$Column_3', '$storyn3')";
                    }


                ?>

2个回答



一种简单的方法是使用PHP empty()方法,用于在执行插入操作之前检查用户提交的值是否为空。 因此,您的代码可能如下所示:</ p>

 &lt;?php 
if(!empty($ _ POST ['Column_1'])&amp;&amp;!empty($ _ POST [ 'storyn1'])){
//插入表Column_1
}

if(!empty($ _ POST ['MLB'])&amp;&amp;!empty($ _ POST ['storyn2']) ){
//插入表Column_2
}

if(!empty($ _ POST ['Link3'])&amp;&amp;!empty($ _ POST ['storyn3'])){
/ /插入表Column_3
}
?&gt;
</ code> </ pre>

至于是否需要3个单独的登录页面(或表单,视图等), 这不是必需的; 这实际上取决于你的3列是否形成了一个有凝聚力的逻辑分组。 我的建议绝对是重构您的PHP代码以使用类和对象。</ p>
</ div>

展开原文

原文

A simple approach is to use the PHP empty() method to check if the user-submitted values are empty prior to performing the insert operation. So your codes may look like:

<?php
    if(!empty($_POST['Column_1']) && !empty($_POST['storyn1'])) {
        // insert into table Column_1
    }

    if(!empty($_POST['MLB']) && !empty($_POST['storyn2'])) {
        // insert into table Column_2
    }

    if(!empty($_POST['Link3']) && !empty($_POST['storyn3'])) {
        // insert into table Column_3
    }
?>

As for whether you need to have 3 separate landing pages (or forms, views etc.), it's not required; it really depends on whether your 3 columns form a cohesive, logical grouping. My suggestion is definitely to refactor your PHP codes to use classes and objects.

doudou3716
doudou3716 固定它! 这是一个错误命名的变量放在if语句中的问题
大约 6 年之前 回复
dongxia527680
dongxia527680 刚刚做了,仍然没有添加到数据库表。 感觉就像这样的NOOB现在大声笑。
大约 6 年之前 回复
douqi1928
douqi1928 你不应该包括if(!mysqli_query($ con,$ sql)){die('Error:'。mysqli_error($ con)); 在每个if语句中?
大约 6 年之前 回复
dongluanan7163
dongluanan7163 当然,请分享您的新代码。
大约 6 年之前 回复
dongyong9224
dongyong9224 修复了错误消息,但现在它没有将任何内容保存到数据库表中。 如果您想查看新代码,我会更新帖子
大约 6 年之前 回复
dsifjgogw48491752
dsifjgogw48491752 服务器上的任何错误日志? 尝试使用新代码更新帖子。
大约 6 年之前 回复
duangan9251
duangan9251 有什么理由我会用这种方法获得500内部服务器错误吗? 我在转义变量之后输入了这个,然后为每个变量输入了Insert,我收到了这个错误
大约 6 年之前 回复



您可以进行的一项更改将涉及最小的重构,只需在转义后检查用户输入以查看它是否为空, 然后有条件地将其添加到数据库中。 例如</ p>

  //安全性的转义变量
$ Main = mysqli_real_escape_string($ con,$ _POST ['Column_1']);
$ storyn1 = mysqli_real_escape_string($ con ,$ _POST ['storyn1']);

$ MLB = mysqli_real_escape_string($ con,$ _POST ['MLB']);
$ storyn2 = mysqli_real_escape_string($ con,$ _POST ['storyn2'This]) ;

$ Column_3 = mysqli_real_escape_string($ con,$ _POST ['Column_3']);
$ storyn3 = mysqli_real_escape_string($ con,$ _POST ['storyn3'])

if(!(空($) Main)|| empty($ story1)){
$ sql =“INSERT INTO Column_1(Link1,storyn1)
VALUES('$ Main','$ storyn1')”;
}

elseif(! (空($ MLB)||空($ story2)){
...等...
}
elseif(!(空($ Column_3)||空($ story3)){
.. .etc ...
}
else {
...它们都是空的!! ...
}
</ code> </ pre>

我这样做的方式 if-else sequece具有潜在的额外好处,只能添加到其中一个。</ p>
</ div>

展开原文

原文

One change you could make that would involve minimal refactoring would be to simply check the user input after escaping it to see if it is empty, and then conditionally add it to the databases. For example

// escape variables for security
$Main= mysqli_real_escape_string($con, $_POST['Column_1']);
$storyn1 = mysqli_real_escape_string($con, $_POST['storyn1']);

$MLB= mysqli_real_escape_string($con, $_POST['MLB']);
$storyn2 = mysqli_real_escape_string($con, $_POST['storyn2'This]);

$Column_3= mysqli_real_escape_string($con, $_POST['Column_3']);
$storyn3 = mysqli_real_escape_string($con, $_POST['storyn3'])

if(!(empty($Main) || empty($story1)) {
     $sql="INSERT INTO Column_1 (Link1, storyn1) 
     VALUES ('$Main', '$storyn1')";
}

elseif (!(empty($MLB) || empty($story2)){
... etc...
}
elseif (!(empty($Column_3) || empty($story3)){
...etc...
}
else{
... they are all empty !! ...
}

The way I did it with the if-else sequece has the potential added benefit of only ever adding to one of them.

dongrenzheng1619
dongrenzheng1619 固定它! 这是一个错误命名的变量放在if语句中的问题
大约 6 年之前 回复
dousou3027
dousou3027 嗯。 只是将它添加到每个if语句中,它仍然没有保存
大约 6 年之前 回复
dongsui3297
dongsui3297 嗯,不知道他们有什么问题,抱歉。 无论如何,你仍然需要用if(!mysqli_query($ con,$ sql)){die('Error:'。mysqli_error($ con))执行sql;
大约 6 年之前 回复
duannian7116
duannian7116 我觉得我是。 你的if-else语句给了我一个500错误,所以我尝试了@isim的例子,它成功加载了登陆页面,但实际上没有保存到数据库中。
大约 6 年之前 回复
dongyun8891
dongyun8891 嗯,这还不够信息。 难道它有可能以某种方式进入它认为自己都是空白的情况吗? 你的if语句是否正确?
大约 6 年之前 回复
dongxizhe9755
dongxizhe9755 修复了错误消息,但现在它没有将任何内容保存到数据库表中。
大约 6 年之前 回复
douxiang3978
douxiang3978 嗯尝试这种方法,我得到了“500内部服务器错误”显然我做了一些不正确的事情或者正在留下一些东西。
大约 6 年之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问
相关内容推荐