-3
私は約1時間前まで正常に動作していたフォームを設計しました。今私が何をすれば、いくつかの必須フィールドが完了したかどうかを確認するための検証コードがあるので、エラーメッセージが表示されるようです。私はそれが多くのコードである知っているが、私はまだ私が一緒に行くようにベストプラクティスを学ぶしようとしていますPHPフォームヘルプ - データベースには投稿しません
<! Code to check that the user has logged into to view this page !>
<?php
session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header ("Location: login.php");
}
?>
<!Connection details for connecting to mysql database!>
<?php
$connection = mysql_connect("localhost", "username", "password");
if (!$connection){
die("database connection failed: " . mysql_error());
}
//Select which database you want to connect to
$db_select = mysql_select_db("databasename" , $connection);
if (!$db_select){
die("An error occurred: " . mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Op Tech Database - Add Record</title>
</head>
<!Code to Create drop down menu's!>
<?php
//Code for collectiing values for Student Names drop down drop
$result1=mysql_query("SELECT studentID, studentName FROM students");
$options1="";
while ($row=mysql_fetch_array($result1)) {
$id=$row["studentID"];
$first=$row["studentName"];
$options1.="<OPTION VALUE=\"$first\">".$first.'</option>';
}
//Code for getting tutors names in drop down list
$result2=mysql_query("SELECT staffID, tutorName FROM staff");
$options2="";
while ($row=mysql_fetch_array($result2)) {
$id=$row["staffID"];
$first=$row["tutorName"];
$options2.="<OPTION VALUE=\"$first\">".$first.'</option>';
}
?>
<body>
<link rel="stylesheet" type="text/css" href="ex1.css" >
<link rel="stylesheet" media="only screen and (max-device-width: 1024px)" href="ipad.css" type="text/css" />
<!Create HTML elements!>
<form name="myform" form method="post">
<h1 align="center"><a href="form.php"><img src="colour_logo_400.jpg" alt="University Logo" width="400" height="185" /></a></h1>
<h1 align="center">Dental Hygiene Operative Technique Database</h1>
<h2 align="center">Welcome to the Dental Hygiene Operative Technique Database v1</h2>
<p align="left"> </p>
<p align="left">Student Name(*)</p>
<p align="left">
<! Drop Down Menu to get student names from database !>
<SELECT NAME=studentName >
<OPTION VALUE=0 selected="selected" >
<?php if(isset($_POST['studentName'])) echo $_POST['studentName'];?>
<?php echo $options1?>
</SELECT>
<p align="left">Tutor Name
(*)<p align="left">
<! Drop Down Menu to get tutor names from database !>
<select name=tutorName>
<option value=0>
<?php if(isset($_POST['tutorName'])) echo $_POST['tutorName'];?>
<?php echo $options2 ?> </option>
</select>
<p align="left">
<p align="left"><br>
Procedure(*)
<input type="text" name="procedure" value="<?php if(isset($_POST['procedure'])) echo $_POST['procedure'];?>" />
(*)
<p align="left">
Student Reflection:
(*)<br>
<textarea name="studentReflection" cols="75" rows="5"><?php if(isset($_POST['studentReflection'])) echo $_POST[ 'studentReflection'];?></textarea>
<p align="left">
<select name=grade id=grade>
<option value="">Grade </option>
<option value="N" <?php if (isset($_POST['grade']) && $_POST['grade'] == "N") { echo 'selected="selected"';} ?>>N</option>
<option value="B" <?php if (isset($_POST['grade']) && $_POST['grade'] == "B") { echo 'selected="selected"';} ?>>B</option>
<option value="C" <?php if (isset($_POST['grade']) && $_POST['grade'] == "C") { echo 'selected="selected"';} ?>>C</option>
</select>
(*)
<p align="left">
<SELECT NAME=professionalism>
<OPTION VALUE="">Professionalism
<OPTION VALUE="U" <?php if (isset($_POST['professionalism']) && $_POST['professionalism'] == "U") {
echo 'selected="selected"';} ?>>U</option>
<OPTION VALUE="S" <?php if (isset($_POST['professionalism']) && $_POST['professionalism'] == "S") {
echo 'selected="selected"';} ?>>S</option>
<OPTION VALUE="E" <?php if (isset($_POST['professionalism']) && $_POST['professionalism'] == "E") {
echo 'selected="selected"';} ?>>U</option>
</SELECT>
</SELECT>
<SELECT NAME=communication>
<OPTION VALUE="">Communication
<OPTION VALUE="U" <?php if (isset($_POST['communication']) && $_POST['communication'] == "U") {
echo 'selected="selected"';} ?>>U</option>
<OPTION VALUE="S" <?php if (isset($_POST['communication']) && $_POST['communication'] == "S") {
echo 'selected="selected"';} ?>>S</option>
<OPTION VALUE="E" <?php if (isset($_POST['communication']) && $_POST['communication'] == "E") {
echo 'selected="selected"';} ?>>U</option>
</SELECT>
Alert:
<input type="checkbox" value="YES" name="alert" >
<br>
<br>
Dispute:
<input type="checkbox" value="YES" name="dispute">
<p align="left">Tutor Comments:
<p align="left">
<textarea name="tutorComments" cols="75" rows="5"><?php if(isset($_POST['tutorComments'])) echo $_POST['tutorComments'];?>
</textarea>
<p align="left">
<!Submit buttons for the form!>
Password
<INPUT TYPE = 'PASSWORD' Name ='password' value="" maxlength="16" autocomplete="off"><br><br>
<input type="submit" name="mattbutton" class="mattbutton" value="Update Database" name="submit"/>
<input type='button' name="mattbutton" class="mattbutton" value='Logout' onClick="window.location.href='logout.php'">
<input type="hidden" name="submited" value="true" />
<p align="left">
<?php
//Code to turn off error reporting
//error_reporting(0);
//Error Message to display if all the correct fields are not completed.
if(isset($_REQUEST['submited'])) {
$options1 = $_POST['studentName'];
$options2 = $_POST['tutorName'];
$procedure = htmlspecialchars($_POST['procedure']);
$grade = $_POST['grade'];
$studentReflection = htmlspecialchars($_POST['studentReflection']);
$professionalism = $_POST['professionalism'];
$communication = $_POST['communication'];
$tutorComments = htmlspecialchars($_POST ['tutorComments']);
$masterpass = $_POST['password'];
$dispute = $_POST['dispute'];
$alert = $_POST['alert'] ;
$errors = 'Update Failed:';
//Code to check that the student picked there name
if(empty($_POST['studentName']))
{
$errors .= "You did not enter the student name<br/>";
}
//Code to check that the Tutor Name field is completed
if(empty($_POST['tutorName']))
{
$errors .="You did not select a tutor<br/>";
}
//Code to check that the Procedure field is completed
if(empty($_POST['procedure']))
{
$errors .="You did not enter a procedure<br/>";
}
//Code to check that the Grade field is completed
if(empty($_POST['grade']))
{
$errors .="You did not enter a grade<br/>";
}
//Code to check that the Student Reflection field is completed
if(empty($_POST['studentReflection']))
{
$errors .="You did not enter a reflection<br/>";
}
//Code to check if the tick box is checked that the tutor comment is entered
if(!strlen($_POST['tutorComments']) && isset($_POST['alert']))
{
$errors .="You must enter a reasan why you ticked the alert box";
}
//Code to check the password field is completed and correct
if (empty($_POST['password']))
{
$errors .="You did not enter you password";
}
if(!empty($errors))
{
echo '<h3>' . $errors . '</h3>';
exit();
}
}
if (!empty($_POST['password']))
{
//==========================================
// ESCAPE DANGEROUS SQL CHARACTERS
//==========================================
function quote_smart($value, $handle) {
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value, $handle) . "'";
}
return $value;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
$masterpass = $_POST['password'];
$masterpass = htmlspecialchars($masterpass);
//==========================================
// CONNECT TO THE LOCAL DATABASE
//==========================================
$user_name = "username";
$pass_word = "password";
$database = "databasename";
$server = "host";
$db_handle = mysql_connect($server, $user_name, $pass_word);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$masterpass = quote_smart($masterpass, $db_handle);
$SQL = "SELECT * FROM masterpass WHERE password = $masterpass";
$result = mysql_query($SQL);
$num_rows = mysql_num_rows($result);
//====================================================
// CHECK TO SEE IF THE $result VARIABLE IS TRUE
//====================================================
if ($result) {
if ($num_rows > 0) {
echo "";
}
else {
echo "Your Password was not recognised";
exit();
}
}
mysql_close($db_handle);
}
}
//===========================================================
//Code to connect to the database and insert the POST values
//===========================================================
mysql_connect ("host", "username" , "password") or die ('Error: ' .mysql_error());
mysql_select_db ("dhoptech2011");
$query= "INSERT INTO entry (entryID, studentName , tutorName , procedureName , grade , studentReflection , tutorComments, professionalism , communication , alert , dispute) VALUES ('NULL', '".$options1."' , '".$options2." ' , '".$procedure."' , '".$grade."' , '".$studentReflection."', '".$tutorComments."' , '".$professionalism."' , '".$communication."' , '".$alert."' , '".$dispute."')";
mysql_query($query) or die ('Error : You are attempting to enter information which cannot be stored or contains code. Please refesh the from and try again<br>' .mysql_error());
echo "<h4>The Database Has been updated. Thanks </h4>" ;
}
?>
</FORM>
<p> <a href="form.php">Enter another procedure </a>
<p> </p>
<p> </p>
</body>
</html>
:
は、ここに私の完全なコードです。
約1時間前まではフォームが動作していたようでしたが、すべての必須フィールドをフォームに入力しても、その情報はデータベーステーブルに渡されません。
どこが間違っているのでしょうか?
エラーメッセージが何であるかを教えてください。また、エラーメッセージがエラーを報告している行を特定します。 –
直前の1時間以内に行った変更を元に戻します。 –
@michael申し訳ありませんが、私は自分自身を明確にしませんでした。私はPHPエラーを取得しない私はちょうど私のエラーチェックコードにこだわって取得します。私がすべてのフィールドを正しく入力しても、自分自身のエラーメッセージ "Update Failed:"が表示され、$ _POST値はデータベースに渡されません。 – Mattrsa