php—从数据库获取数据值以保存到会话存储?

lymnna71  于 2021-07-26  发布在  Java
关注(0)|答案(1)|浏览(437)

我想这样做,我的网页从一个数据库中的表值,并显示在屏幕上的格式,如下所示的代码,但我想采取的bikeid和contactemail的值,并将它们保存到会话存储上使用的更新确认页时,你采取了更新按钮被点击。但是,第一个问题是,这些值不会保存到会话存储中,第二个问题是,即使它们保存了,会话是否会根据单击按钮时选择的表/bikeid获得正确的值。下面是代码运行后页面布局的图像。
如果有人有什么想法,我将不胜感激。

<?php

        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

        $username="Username"; // change this to your database username
        $password="Password"; // change this to your database password
        $database="Database"; // change this to your database username

        $conn = new mysqli('localhost', $username, $password, $database);
        // Check connection
        if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
        }
        $sql = "SELECT * FROM tblBikeStolen, tblBike WHERE tblBike.BikeID=tblBikeStolen.BikeID";
            $result = $conn->query($sql);

            if ($result->num_rows > 0) {
            // output data of each row
                while($row = $result->fetch_assoc()) {
                echo "<div id='UpdateTable'><table><tr><td> User No: " . $row["User"] . "</td> 
 <td>Bike ID: " . $row["BikeID"]. "</td><td> Contact: " . $row["ContactEmail"] . "</td></tr><tr><td> 
 Reported Time: " . $row["ReportTime"] . "</td><td> Address: " . $row["Address"] . "</td><td> Bike 
 MPN: " . $row["BikeMPN"] . "</td></tr><tr><td> Bike Brand: " . $row["BikeBrand"] . "</td><td> Bike 
 Model: " . $row["BikeModel"] . "</td><td> Bike Type: " . $row["BikeType"] . "</td><tr><td> 
 Investigation Notes: " . $row["UpdateNotes"] . "</td></tr><tr><td> Status: " . $row["Status"] . " 
 </td></tr><tr><form><button class='btn btn-primary btnUpdateInvest' type='submit' 
 value='Update'formaction='ConfirmUpdate.php' onClick='UpdateFunctionDAO.php'>Update</button></form> 
 </tr></table></div>";
                $BikeID = $row['BikeID'];
                $_SESSION["BikeID"] = $BikeID;
                $ContactEmail = $row['ContactEmail'];
                $_SESSION["ContactEmail"] = $ContactEmail;
                }
                } else { echo "0 results"; }

                $conn->close();

    ?>

7tofc5zh

7tofc5zh1#

我建议从简单开始,然后扩展您的用例:
而不是使用 formaction = 'ConfirmUpdate.php' ,尝试使用 formaction = 'ConfirmUpdate.php?bikeid=<your-bike-id>&contactemail=<the-contact-email>' 在confirmupdate.php中,检查 $_GET['bikeid'] 以及 $_GET['contactemail'] 已设置且有效。如果您没有得到这些密钥中的任何一个,或者它们无效,请在屏幕上写一条有意义的错误消息,指示用户下一步要做什么。
如果您收到了这两个键,并且它们的值是合理的,那么您可以将它们存储在会话中以供将来处理。完成处理后,从会话中清除这些信息。
您的php代码如下所示:

echo "...value='Update' formaction='ConfirmUpdate.php?bikeid=" . $row["BikeID"] . "&amp;contactemail=" . $row["ContactEmail"] . "' onClick='UpdateFunctionDAO.php'>...";

试试这个,看看效果如何。在这之后,您可能需要做更多的工作,以确保您在页面上发布的数据经过净化,并且不易被注入。

示例

假设您的初始页面被调用 test.php 看起来是这样的:

<?php

    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

    $username=""; // change this to your database username
    $password=""; // change this to your database password
    $database=""; // change this to your database username

    $conn = new mysqli('localhost', $username, $password, $database);

    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }

    $sql = "your sql query";
    $result = $conn->query($sql);
    if ($result->num_rows > 0)
    {
        while ($row = $result->fetch_assoc())
        {
            $displayText = sprintf('<div>Some other info. Bike ID is %s and contact is %s.</div>',
                $row['bikeid'],
                $row['contactemail']
            );

            $form = sprintf('
                <form method="post" action="ConfirmUpdate.php">
                    <input type="hidden" name="bikeid" value="%s">
                    <input type="hidden" name="contactemail" value="%s">
                    %s
                    <input type="submit" value="Submit">
                </form>',
                $row['bikeid'],
                $row['contactemail'],
                $displayText
            );

            echo $form;
        }
    }

    $conn->close();
?>

结果

你的 ConfirmUpdate.php 将如下所示:

<?php
    session_start();
    $_SESSION['bikeid'] = $_POST['bikeid'];
    $_SESSION['contactemail'] = $_POST['contactemail'];

    echo sprintf('Received bike id %s and contact email %s',
        $_SESSION['bikeid'],
        $_SESSION['contactemail']
    );
?>

单击第一个按钮时,您将进入confirmupdate页面,该页面如下所示:

Received bike id 1 and contact email test@gmail.com

单击第2个按钮时,您将看到:

Received bike id 2 and contact email test@yahoo.com

在您自己的系统上进行测试,您应该能够在项目中复制这些代码。

相关问题