dongxie9169 2018-06-08 19:32
浏览 57
已采纳

PHP两个不同的按钮发送相同的数据

I have two different buttons. One for deleting user and the other is for Changing email address. The problem is that clicking the change email button will actually delete the user from database.

header.php

<?php
session_start();


$cookie_name = "LoginSystem";
$cookie_value = "Valid";
setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/"); // 86400 = 1 day
?>



<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="main.css">


  <meta charset="UTF-8">
  <meta name="description" content="Enrol site for activites">
  <meta name="keywords" content="enrol, activities, school, hobby, college, login, register">
  <meta name="author" content="Gyorgy Hadhazy">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">


</head>
<body>



<header> 
    <nav>
        <div class="main-wrapper">
            <ul>
                <li><a href="index.php">HOME</a></li>
                <li><a href="about.php">ABOUT</a></li>
                <li><a href="media.php">MEDIA</a></li>
                <li><a href="activities.php">ACTIVITIES</a></li>
                <li><a href="contact.php">CONTACT</a></li>
            </ul>
            <div class="nav-login">
                <?php 
                    if (isset($_SESSION['u_id'])) {
                        echo '
                        <form action="includes/logout.inc.php" method="POST">
                            <button type="submit" name="submit">Logout</button>
                        </form>
                        ';
                       echo '<form action="deleteusr.php" method="POST">
                            <button type="submit" name="delete">Delete User</button>
                            <input type="hidden" name="user_uid" value="'. $_SESSION['u_id'].'"
                            </form>';


                    } else{
                        echo '
                        <form action="includes/login.inc.php" method="POST">
                            <input type="text" name="uid" placeholder="StudentID/email">
                            <input type="password" name="pwd" placeholder="password">
                            <button type="submit" name="submit">LOGIN</button>
                        </form>
                        <a href="signup.php">SIGN UP</a>
                        ';
                    }



                ?>

                <button type="button" onclick="resizeText(1)" name="resizeplus" class="resize-plus">+ Text size</button>
                <button type="button" onclick="resizeText(-1)" name="resizenegative">- Text size</button>  


<script>

function resizeText(multiplier) {
  if (document.body.style.fontSize == "") {
    document.body.style.fontSize = "1.0em";
  }
document.body.style.fontSize = parseFloat(document.body.style.fontSize) + (multiplier * 0.2) + "em";
}   
</script>



            </div>
        </div>
    </nav>
</header>

index.php

    <?php
        include 'header.php';
    ?>


    <style>
        header{
        text-align: center; 
        }
        body{
            text-align: center;
        }
    </style>

    <section class="main-container">
        <div class="main-wrapper">
            <h2>HOME</h2>
        <p>Please log in if extra features are not displayed</p>
            <?php


            if (isset($_SESSION['u_email'])) {

                            echo '<form action="changeEmail.php" method="POST">
                                <button type="submit" name="email">Change Email</button> 
                                <input type="text" name="email" value="'. $_SESSION['u_email'].'"
                                </form>'; }


            ?>  
        </div>
    </section>





    <?php
    include 'footer.php';
?>

And finally the php file it should call: changeEmail.php

<?php
    include 'header.php';
?>

<?php
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "loginsystem";


// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}



$email = $_SESSION['u_ email'];

$sql = "UPDATE users SET user_email='$email'";

if ($conn->query($sql) === TRUE) {
    echo "Record updated successfully";
} else {
    echo "Error updating record: " . $conn->error;
}

$conn->close();
?>

I think the issue is in the header.php but I am not exactly sure. If someone would help to point out the issue I would really appreciate it.

HTML code rendered by index.php

<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="main.css">


  <meta charset="UTF-8">
  <meta name="description" content="Enrol site for activites">
  <meta name="keywords" content="enrol, activities, school, hobby, college, login, register">
  <meta name="author" content="Gyorgy Hadhazy">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">


</head>
<body>



<header> 
    <nav>
        <div class="main-wrapper">
            <ul>
                <li><a href="index.php">HOME</a></li>
                <li><a href="about.php">ABOUT</a></li>
                <li><a href="media.php">MEDIA</a></li>
                <li><a href="activities.php">ACTIVITIES</a></li>
                <li><a href="contact.php">CONTACT</a></li>
            </ul>
            <div class="nav-login">

                        <form action="includes/logout.inc.php" method="POST">
                            <button type="submit" name="submit">Logout</button>
                        </form>
                        <form action="deleteusr.php" method="POST">
                            <button type="submit" name="delete">Delete User</button>
                            <input type="hidden" name="user_uid" value="6"
                            </form>                
                <button type="button" onclick="resizeText(1)" name="resizeplus" class="resize-plus">+ Text size</button>
                <button type="button" onclick="resizeText(-1)" name="resizenegative">- Text size</button>  


<script>

function resizeText(multiplier) {
  if (document.body.style.fontSize == "") {
    document.body.style.fontSize = "1.0em";
  }
document.body.style.fontSize = parseFloat(document.body.style.fontSize) + (multiplier * 0.2) + "em";
}   
</script>



            </div>
        </div>
    </nav>
</header>

<style>
    header{
    text-align: center; 
    }
    body{
        text-align: center;
    }
</style>

<section class="main-container">
    <div class="main-wrapper">
        <h2>HOME</h2>
    <p>Please log in if extra features are not displayed</p>
        <form action="changeEmail.php" method="POST">
                            <button type="submit" name="email">Change Email</button> 
                            <input type="text" name="email" value="test11@gmail.com"
                            </form>  
    </div>
</section>






Cookie 'LoginSystem' is set!<br>Value: Valid

Image of the actual look: enter image description here

  • 写回答

1条回答 默认 最新

  • dqp99585 2018-06-08 19:46
    关注

    The main issue:

    There are two <input> tags missing closing > characters. This means the browser is constructing an inaccurate DOM tree. It's doing its best to determine which form you want to submit, but it's picking the wrong one (the delete form).

    The first example is in header.php:

    <input type="hidden" name="user_uid" value="'. $_SESSION['u_id'].'"

    Notice there's no > closing that input tag.

    And then in index.php:

    <input type="text" name="email" value="'. $_SESSION['u_email'].'"

    Add closing > characters to both of those, and the browser will happily parse the DOM and pick the correct form to submit when you click the button.

    Other issues:

    There are a couple issues in changeEmail.php:

    $email = $_SESSION['u_ email'];

    needs to be 

    $email = $_SESSION['u_email'];

    Otherwise, $email will always be an empty string (or some other value you don't want - I'm unsure of $_SESSIONS's behavior), and you'll set all emails to an empty string.

    The second issue is your SQL:

    $sql = "UPDATE users SET user_email='$email'";

    You need to specify which user's email to set, using a where clause. Otherwise you're setting every email to the value of $email.

    In this specific case, you need to get the new email address from the posted form data.

    $new_email = $_POST["email"];
$sql = "UPDATE users SET user_email='$new_email' WHERE user_email='$email'";

    To be sure you'll get the new email form data, remove the name attribute from the button element - it's not necessary.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 sqlite 附加(attach database)加密数据库时,返回26是什么原因呢?
  • ¥88 找成都本地经验丰富懂小程序开发的技术大咖
  • ¥15 如何处理复杂数据表格的除法运算
  • ¥15 如何用stc8h1k08的片子做485数据透传的功能?(关键词-串口)
  • ¥15 有兄弟姐妹会用word插图功能制作类似citespace的图片吗?
  • ¥200 uniapp长期运行卡死问题解决
  • ¥15 请教:如何用postman调用本地虚拟机区块链接上的合约?
  • ¥15 为什么使用javacv转封装rtsp为rtmp时出现如下问题:[h264 @ 000000004faf7500]no frame?
  • ¥15 乘性高斯噪声在深度学习网络中的应用
  • ¥15 关于docker部署flink集成hadoop的yarn,请教个问题 flink启动yarn-session.sh连不上hadoop,这个整了好几天一直不行,求帮忙看一下怎么解决