使用php从url获取值
我展示了一组问题 在选择其中一个问题时,我要求将答案发布在同一页面上,但问题是我没有从url中获取id参数,我正在传递该url来选择问题 现在,当我试图回答所选的问题时,我需要问题的id来发布我已经在url中作为参数的特定问题的答案,例如:id=1 以下是html页面的正文部分:使用php从url获取值,php,url,parameters,Php,Url,Parameters,我展示了一组问题 在选择其中一个问题时,我要求将答案发布在同一页面上,但问题是我没有从url中获取id参数,我正在传递该url来选择问题 现在,当我试图回答所选的问题时,我需要问题的id来发布我已经在url中作为参数的特定问题的答案,例如:id=1 以下是html页面的正文部分: <?php include("menu/menu.php"); $sqli = "SELECT * FROM forum_question where id='$id'"; $result=mys
<?php
include("menu/menu.php");
$sqli = "SELECT * FROM forum_question where id='$id'";
$result=mysqli_query($conn,$sqli);
?>
<form action="submit_answer.php" method="post" name="answers">
<br> <br> <br>
<?php
while($row = mysqli_fetch_array($result))
echo "Q".$row['detail'];
?>
<br>
answers:<br>
<textarea class="tinymce" name="answers"></textarea>
<input type="hidden" name="id" value="<?php echo $id;?>">
<br> <br>
<input type="submit" value="submit" name="submit">
答案:
您应该更改它(在标记html中为id添加隐藏输入)
答案:
只需在应答字段下方获取一个隐藏字段,并在页面加载时获取该隐藏字段的url参数,如用户buivankim2020和submit_answer.php所述
提交后,在变量中获取该字段的值,就像您获取答案所做的一样 请提供html和js代码,以避免SQL查询受到注入攻击。请切换到PDO,它提供准备好的语句和绑定参数,这有助于缓解安全缺陷。由于您是php新手,我建议您仔细阅读一下旧教程中常见的陷阱。@jedifans-mysqli(OP已经在使用)还支持预处理语句和绑定参数。
<?php
include'config.php';
if($conn){
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$answers = $_REQUEST['answers'];
$id= $_GET ['id'];
}
$sqli= "INSERT INTO answers (answers)
VALUES ('$answers')";
if (mysqli_query( $conn,$sqli))
{
echo "New record created successfully";
header("location:answer.php?id='$id'");
} else {
echo "Error: " . $sqli . "<br>" . $conn->error;
}
}else{
}
mysqli_close($conn);
?>
<?php
include'config.php';
//session_start();
$id= $_GET ['id'];
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="css/style.css">
<script type="text/javascript" src="tinymce/js/jquery.min.js"></script>
<script type="text/javascript" src="tinymce/plugin/tinymce/tinymce.min.js"></script>
<script type="text/javascript" src="tinymce/plugin/tinymce/init-tinymce.js"></script>
</head>
<body>
<div id="container">
<div id="main">
<?php
include("menu/menu.php");
$sqli = "SELECT * FROM forum_question where id='$id'";
$result=mysqli_query($conn,$sqli);
?>
<form action="submit_answer.php" method="post" name="answers">
<br> <br> <br>
<?php
while($row = mysqli_fetch_array($result))
echo "Q".$row['detail'];
?>
<br>answers:<br>
<textarea class="tinymce" name="answers"></textarea>
<input type="hidden" name="id" value="<?php echo $id;?>">
<br> <br>
<input type="submit" value="submit" name="submit">
</form>
</body>
</html>
<?php
include'config.php';
if($conn){
if (isset($_POST['answers']) && isset($_POST['id'])) {
$answers = $_POST['answers'];
$id= $_POST['id'];
$sqli= "INSERT INTO answers (answers) VALUES ('$answers')";
if (mysqli_query( $conn,$sqli))
{
echo "New record created successfully";
header("location:answer.php?id='$id'");
} else {
echo "Error: " . $sqli . "<br>" . $conn->error;
}
}
mysqli_close($conn);
}
?>