1. 首頁
  2. 問答
  3. 分配$ _POST數據來覆蓋現有的數組值

分配$ _POST數據來覆蓋現有的數組值

2017-04-27 41 views
-1

我想分配$ _POST數據到一個字段,如果它不同於從SQL數據庫拉出的$行數據。這是用來更新博客帖子。我的邏輯是,如果在文本字段中輸入的內容與$行數據不同,則將$ _POST數據分配給$行數組。我不確定我的問題在哪裏,因爲它無法正常工作。任何幫助將不勝感激!

<?php session_start(); 
include('mysqli_connect.php'); 
$query = "SELECT * FROM blogposts WHERE blog_id=" . $_GET['id']; 
$results = mysqli_query($dbc, $query); 
$row = mysqli_fetch_array($results, MYSQLI_ASSOC); 
?> 

<head> 
<?php include('header.html'); ?> 

<style> 
table, th, td { 
border: 1px solid black; 
border-collapse: collapse; 
text-align: center; 
background-color:#fcfcfc; 
} 
form { 
    margin:auto; 
} 
</style> 
</head> 
<body> 


<form name="com" id="com" action="<?php if (($_POST['blog_content'] != NULL) 
&& ($_POST['blog_title'] != NULL)) { 
echo "edit_handle.php"; 
} else { 
echo "edit_post.php?id=" . $_GET['id']; 
if(($_POST['blog_title'] != NULL) && ($row['title'] != 
$_POST['blog_title'])) {$row['title'] = $_POST['blog_title'];} 
if(($_POST['blog_content'] != NULL) && ($row['content'] != 
$_POST['blog_content'])) {$row['content'] = $_POST['blog_content'];} 
if(($_POST['blog_title'] != NULL) && ($_POST['blog_content'] != NULL)) { 
    $row['title'] = $_POST['blog_title']; 
    $row['content'] = $_POST['blog_content']; 
    } 
} ?>" method="post"> 

<?php 
if (isset($_SESSION['first_name']) && ($_SESSION['user_id'] == 11)) { 
echo ' 
Blog Title: <input type="text" value="' . $row['title'] . '" 
name="blog_title" /> 
Post Content:<textarea name="blog_content">' . $row['content'] . 
'</textarea> 

<input type="submit" value="submit">'; } else { 
echo '<p align="center" style="color:red">You must be logged in as  
<strong>admin</strong> to post a blog!</p>'; 
} 
?> 

</form> 
<?php 
if (($_POST['blog_content'] != NULL) && ($_POST['blog_title'] != NULL)) { 
echo "<script>document.getElementById('com').submit();</script>"; 
} 
?> 

</body> 
</html>

來源

2017-04-27 user7928483

+1

您是否有實際問題?你的問題是什麼? – Phil

+1

警告:您的代碼易受[SQL注入攻擊](https://en.wikipedia.org/wiki/SQL_injection)的影響。請閱讀[本文](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)瞭解更多關於如何防止它。 – Pang

+0

嘿@Phil對此抱歉,我不確定什麼是錯的或爲什麼它不工作! – user7928483

回答

0

應對混亂的邏輯最簡單的方法,我發現,是使人類可讀的功能(或類/方法,如果你習慣使用OOP)可以重新使用。如果你包含多餘的腳本,你會發現找出並隔離問題更容易。這看起來像一堆更多的工作,但如果你將功能移動到一個包含頁面,你將清理該視圖相當大:

<?php 
# Fetch your post from the database 
function getBlogPosts($dbc,$id) 
    { 
     # Check it's numeric 
     if(!is_numeric($id)) 
      return false; 
     # Fetch and return 
     $results = mysqli_query($dbc, "SELECT * FROM blogposts WHERE blog_id=".$id); 
     return mysqli_fetch_array($results, MYSQLI_ASSOC); 
    } 
# This function makes checking if it's set and if it has a value easy 
function getPost($key = false) 
    { 
     if(!empty($key)) 
      return (isset($_POST[$key]))? $_POST[$key] : false; 

     return $_POST; 
    } 
# Same here 
function getGet($key = false) 
    { 
     if(!empty($key)) 
      return (isset($_GET[$key]))? $_GET[$key] : false; 

     return $_GET; 
    } 
# Same here 
function getSession($key = false) 
    { 
     if(!empty($key)) 
      return (isset($_SESSION[$key]))? $_SESSION[$key] : false; 

     return $_SESSION; 
    } 
# Isolate this for readability 
function getActionByRequest() 
    { 
     # Set default 
     $default = "edit_handle.php"; 
     # Check that there are post values 
     if(hasPostKeys()) 
      return $default; 
     else 
      # Make sure the id is numeric, return default if not 
      return (is_numeric(getGet('id')))? "edit_post.php?id=".getGet('id') : $default; 
    } 
# You seem to do this in a few places, so better to make it a function 
function hasPostKeys() 
    { 
     return (!empty(getPost('blog_content')) && !empty(getPost('blog_title'))); 
    } 
# Make this easier to retrieve 
function getDefaultValue($row,$key) 
    { 
     #Create dynamic key name 
     $blogKey = 'blog_'.$key; 
     # If both values are empty, stop 
     if(empty($row[$key]) && empty(getPost($blogKey))) 
      return false; 
     # If the post value doesn't match row, return post 
     return (getPost($blogKey) != $row[$key])? getPost($blogKey) : $row[$key]; 
    } 
# This is not the best way to check admin, but for this code it is fine 
function isAdmin() 
    { 
     return (getSession('user_id') == 11); 
    } 

session_start(); 
include('mysqli_connect.php'); 
# Get the row 
$row   = (!empty($_GET['id']))? getBlogPost($dbc,$_GET['id']) : array(); 
# Set this value based on post or by db return 
# Doing it this way will ensure, these key/value pairs are always set 
$row['title'] = getDefaultValue($row,'title'); 
# Set the default return for this key 
$row['content'] = getDefaultValue($row,'content'); 
?><head> 
<?php include('header.html'); ?> 
<style> 
table, th, td { 
border: 1px solid black; 
border-collapse: collapse; 
text-align: center; 
background-color:#fcfcfc; 
} 
form { 
    margin:auto; 
} 
</style> 
</head> 
<body> 
    <form name="com" id="com" action="<?php echo getActionByRequest() ?>" method="post"> 
     <?php 
     # You really only have to use this function to check this 
     if (isAdmin()) { ?> 

     Blog Title: <input type="text" value="<?php echo $row['title'] ?>" name="blog_title" /> 
     Post Content:<textarea name="blog_content"><?php echo $row['content'] ?></textarea> 
     <input type="submit" value="submit"> 
     <?php } else { ?> 
     <p align="center" style="color:red">You must be logged in as <strong>admin</strong> to post a blog!</p> 
     <?php } ?> 
    </form> 
<?php 
if (hasPostKeys()) { ?> 
<script> 
document.getElementById('com').submit(); 
</script> 
<?php } ?> 
</body> 
</html>

來源

2017-04-27 05:32:47 Rasclatt

相關問題

 相關問題