Php 仅将表单提交到数据库一次
在提交Php 仅将表单提交到数据库一次,php,Php,在提交插入查询后使用头耳,它将解决问题 <?php include("database.php"); include("session.php"); if(isset($_POST['submit'])) { $uploadpath = 'upload/'; // directory to store the uploaded files $max_size = 2000; // maximum file size, in KiloBytes $alwidth = 900; // max
插入查询后使用头耳
,它将解决问题
<?php
include("database.php");
include("session.php");
if(isset($_POST['submit']))
{
$uploadpath = 'upload/'; // directory to store the uploaded files
$max_size = 2000; // maximum file size, in KiloBytes
$alwidth = 900; // maximum allowed width, in pixels
$alheight = 800; // maximum allowed height, in pixels
$allowtype = array('bmp', 'gif', 'jpg', 'jpe', 'jpeg', 'png'); // allowed extensions
if(isset($_FILES['fileup']) && strlen($_FILES['fileup']['name']) > 1) {
$timestamp = time();
$uploadpath = $uploadpath . $timestamp . basename( $_FILES['fileup']['name']); // gets the file name
$sepext = explode('.', strtolower($_FILES['fileup']['name']));
$type = end($sepext); // gets extension
list($width, $height) = getimagesize($_FILES['fileup']['tmp_name']); // gets image width and height
$err = ''; // to store the errors
// Checks if the file has allowed type, size, width and height (for images)
if(!in_array($type, $allowtype)) $err .= 'The file: <b>'. $_FILES['fileup']['name']. '</b> not has the allowed extension type.';
if($_FILES['fileup']['size'] > $max_size*1000) $err .= '<br/>Maximum file size must be: '. $max_size. ' KB.';
if(isset($width) && isset($height) && ($width >= $alwidth || $height >= $alheight)) $err .= '<br/>The maximum Width x Height must be: '. $alwidth. ' x '. $alheight;
// If no errors, upload the image, else, output the errors
if(is_uploaded_file($_FILES['fileup']['tmp_name']))
{
move_uploaded_file( $_FILES['fileup']['tmp_name'], $uploadpath) ;
$file=$uploadpath;
$caddress=$_POST["caddress"];
$username = $_SESSION["username"];
$result=mysql_query("insert into company(file,caddress,username)values('$file','$caddress','$username')");
echo "Inserted Successfully";
}
else
{
echo "There was an error uploading the data, please try again!";
}
}
}
?>
<center><b>Insert Company logo and Address</b></center><br>
<form name="form1" method="post" action="" onSubmit="submit" enctype="multipart/form-data">
<center><table style="width:250px">
<tr>
<td><b>Image</td> <td><input type="file" name="fileup" id="fileup" size="25" /></td>
</tr>
<tr>
<td><b>Address</td>
<td><textarea name="caddress" maxlength="600" cols="40" rows="10"></textarea></td></tr>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="submit"/></td>
</tr>
</form
请检查此链接
mysql也被弃用,请学习mysqli或PDO
对于mysqli函数,请检查此链接
对于PDO功能,请检查此链接
要了解标题检查,请禁用单击事件上的“提交”按钮。如果您不想避免在点击“刷新”或“返回”按钮时提交表单,技巧是向表单添加令牌:
if(mysql_affected_rows()>0)//checking weather the query worked or not
{
header( 'Location: http://www.example.com/congratz.html');
}
//You can give any file name there after Location does not matter
虽然这确实解决了问题,但它只是部分解决了问题。您的“soultion”将在禁用Javascript的浏览器上完全失败。
<?php
$msg = null;
session_start();
if( isset($_POST['submit']) ) {
if( !isset($_POST['token'])
||!isset($_SESSION['formToken'])
|| $_POST['token'] !== $_SESSION['formToken']) {
$msg = 'The form was not submitted.';
} else {
// do stuff
$msg = 'The form was submitted successfully.';
}
}
$formToken = uniqid('', true);
$_SESSION['formToken'] = $formToken;
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<?php if( $msg !== null) : ?>
<p><?= $msg; ?></p>
<?php endif; ?>
<form method="POST" action="">
<!-- stuff-->
<input type="hidden" name="token" value="<?= htmlspecialchars($formToken, ENT_QUOTES, 'UTF-8')?>" />
<button type="submit" name="submit" value="submit">Submit</button>
</form>
</body>
</html>