带有html表单的PHP isset和空问题
我的问题是:isset()不工作,数据库中有空行!空()不工作到! 我试着把html页面放进去,但没用!非常感谢。 我的问题是:isset()不工作,数据库中有空行!空()不工作到! 我试着把html页面放进去,但没用!谢谢大家!带有html表单的PHP isset和空问题,php,function,public,Php,Function,Public,我的问题是:isset()不工作,数据库中有空行!空()不工作到! 我试着把html页面放进去,但没用!非常感谢。 我的问题是:isset()不工作,数据库中有空行!空()不工作到! 我试着把html页面放进去,但没用!谢谢大家! <?php include_once 'include/db_connect.php'; include_once 'include/functions.php'; if($_POST) { newMember($mysqli); } ?> <!D
<?php
include_once 'include/db_connect.php';
include_once 'include/functions.php';
if($_POST) {
newMember($mysqli);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Add user</title>
</head>
<body>
<h1 class="text-center">Add User</h1>
<link class="cssdeck" rel="stylesheet" href="media/css/bootstrap.min.css">
<link class="cssdeck" rel="stylesheet" href="media/css/bootstrap-select.css">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.1/css/bootstrap-responsive.min.css" class="cssdeck">
<div class="modal-body">
<form id="tab" action="adduser.php" method="post">
<label>Username</label>
<input type="text" name="username" class="input-xlarge">
<label>Full Name</label>
<input type="text" name="fullname" class="input-xlarge">
<label>Email</label>
<input type="text" name="email" class="input-xlarge">
<label>Password</label>
<input type="password" name="password" class="input-xlarge"><br>
<div>
<label>Role:</label>
<select name="role" class="selectpicker" style="width:87%">
<option value="admin">Admin</option>
<option value="pm">Project Manager</option>
<option value="php">PHP Programmer</option>
<option value="seo">SEO Programmer</option>
<option value="webdesign">Web Designer</option>
</select>
</div>
<div class="text-center" style="padding-top:20px">
<button class="btn btn-primary">Create Account</button>
</div>
</form>
</div>
添加用户
添加用户
用户名
全名
电子邮件
暗语
角色:
管理
项目经理
PHP程序员
搜索引擎优化程序员
网页设计师
创建帐户
这是functions.php中的函数
function newMember($mysqli)
{ if(isset($_POST['fullname'],$_POST['username'],$_POST['password'],$_POST['email']))
{
$fullname = $_POST['fullname'];
$username = $_POST['username'];
$password = $_POST['password'];
$password = md5($password);
$email = $_POST['email'];
$role = $_POST['role'];
$statement = $mysqli->query("INSERT into members(fullname,username,password,email,role) VALUES ('$fullname','$username','$password','$email','$role')");
if($statement)
{
echo '<p class="alert alert-success text-center">User added.</p>';
}
} else {
echo 'Complete all boxes.';
}
}
函数newMember($mysqli)
{如果(isset($\u POST['fullname'],$\u POST['username'],$\u POST['password'],$\u POST['email']))
{
$fullname=$_POST['fullname'];
$username=$_POST['username'];
$password=$_POST['password'];
$password=md5($password);
$email=$_POST['email'];
$role=$_POST['role'];
$statement=$mysqli->query(“插入成员(全名、用户名、密码、电子邮件、角色)值(“$fullname”、“$username”、“$password”、“$email”、“$role”)”);
如果($报表)
{
echo“用户添加。
”;
}
}否则{
echo“填写所有方框”;
}
}
我会使用预先准备好的语句,并像这样重写您的函数:
function newMember($mysqli) {
$fullname = isset($_POST['fullname']) ? $_POST['fullname'] : '';
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$email = isset($_POST['email']) ? $_POST['email'] : '';
$role = isset($_POST['role']) ? $_POST['role'] : '';
if ($fullname != '' && $username != '' && $password != '' && $email != '' && $role != '') {
$sql = 'INSERT INTO members (fullname, username, password, email, role) VALUES (?, ?, ?, ?, ?)';
$stmt = $mysqli->prepare($sql);
$stmt->bind_param('sssss', $fullname, $username, md5($password), $email, $role);
$stmt->execute();
if ($stmt->affected_rows == 1) {
echo '<p class="alert alert-success text-center">User added.</p>';
}
$stmt->close();
} else {
echo 'Complete all boxes.';
}
}
函数newMember($mysqli){
$fullname=isset($_POST['fullname'])?$_POST['fullname']:'';
$username=isset($_POST['username'])?$_POST['username']:'';
$password=isset($_POST['password'])?$_POST['password']:'';
$email=isset($_POST['email'])?$_POST['email']:'';
$role=isset($_POST['role'])?$_POST['role']:'';
如果($fullname!=''&&$username!=''&&$password!=''&&&$email!=''&&&$role!=''){
$sql='在成员(全名、用户名、密码、电子邮件、角色)中插入值(?、、?、?);
$stmt=$mysqli->prepare($sql);
$stmt->bind_参数('ssssss',$fullname,$username,md5($password),$email,$role);
$stmt->execute();
如果($stmt->受影响的_行==1){
echo“用户添加。
”;
}
$stmt->close();
}否则{
echo“填写所有方框”;
}
}
变量可以设置,但为空!您应该感到高兴的是,在SQL查询中插入未替换的字符串并没有让情况变得更糟!非常感谢。如何解决这个问题?我只想确保在设置htmlentitiesusemysqli_real_escape_string($connect,strip_tags($_POST['..]])之后不添加空输入代码>那么isset或empty的范围是什么?