1. 首頁
  2. 問答
  3. PHP防止重複的帖子

PHP防止重複的帖子

2011-07-05 37 views
1

我有下面的代碼更新用戶信息。我只需要爲填充的字段運行查詢,因此,您不必在每次希望對用戶進行一些編輯時添加所有信息。我想忽略空白表單字段PHP防止重複的帖子

我找不出有去什麼方法來實現這一目標:

if(isset($_POST['do_edit'])) { 


    $id = mysql_real_escape_string($_POST['user_id']); 
    $company_name = mysql_real_escape_string($_POST['company_name']); 
    $contact = mysql_real_escape_string($_POST['contact']); 
    $username = mysql_real_escape_string($_POST['username']); 
    $phone = mysql_real_escape_string($_POST['phone']); 
    $address = mysql_real_escape_string($_POST['address']); 
    $email = mysql_real_escape_string($_POST['email']); 
    $password = mysql_real_escape_string($_POST['password']); 
    $password2 = mysql_real_escape_string($_POST['confirm']); 
    $level = mysql_real_escape_string($_POST['user_level']); 
    $restrict = mysql_real_escape_string($_POST['restrict']); 

    $delete = mysql_real_escape_string($_POST['delete']); 

    // Ticked the 'delete user' box? If so, delete and echo message.  
    if($delete == 'delete_uid' && $error == '') { 

    $sql = "DELETE FROM login_users WHERE user_id='$id'"; 
    $query = mysql_query($sql) or die("Fatal error: ".mysql_error()); 

    echo "<h3>Deleted</h3>"; 
    echo "<div class='success_message'>User <b>$company_name $contact</b> has been removed from the database.</div>"; 

    echo "<h2>What to do now?</h2><br />"; 
    echo "<a href=''>&laquo; Back to Admin Panel</a> | Go to the <a href='user_edit.php'>edit users</a> page.</li>"; 

    } else { 

    // Validate the submitted information 

     if(trim($id) == '1') { 
      $error = '<div class="error_message">Attention! You cannot edit the main Administrator, use database.</div>'; 
     } else if(trim($company_name) == '') { 
      $error = '<div class="error_message">Attention! You must enter a company name.</div>'; 
     } else if(trim($contact) == '') { 
      $error = '<div class="error_message">Attention! You must enter a contact name.</div>'; 
     } else if(!isEmail($email)) { 
      $error = '<div class="error_message">Attention! You have entered an invalid e-mail address, try again.</div>'; 
     } else if(trim($level) == '') { 
      $error = '<div class="error_message">Attention! No user level has been selected.</div>'; 
     } 

    // Password been entered? If so, validate and update information. 

     if($password != '') { 

      if($password != $password2) { 
       $error = '<div class="error_message">Attention! Your passwords did not match.</div>'; 
      } 

      if(strlen($password) < 5) { 
       $error = '<div class="error_message">Attention! Your password must be at least 5 characters.</div>'; 
      } 

      if($error == '') { 

      $sql = "UPDATE login_users SET restricted='$restrict', company_name='$company_name', contact='$contact', email='$email', user_level='$level', password = MD5('$password') WHERE user_id = '$id'"; 
      $query = mysql_query($sql) or die("Fatal error: ".mysql_error()); 

      echo "<h2>Updated</h2>"; 
      echo "<div class='success_message'>User information (and password) updated for User ID <b>$id ($company_name)</b>.</div>"; 

      echo "<h2>What to do now?</h2><br />"; 
      echo "<a href=''>&laquo; Back to Admin Panel</a> | Go to the <a href='user_edit.php'>edit users</a> page.</li>"; 

      } 

    // Password has not been entered don't update password fields. 

     } else { 

      if($error == '') { 

      $sql = "UPDATE login_users SET restricted='$restrict', company_name='$company_name', contact='$contact', username='$username', email='$email', user_level='$level' WHERE user_id = '$id'"; 
      $query = mysql_query($sql) or die("Fatal error: ".mysql_error()); 

      echo "<h2>Updated</h2>"; 
      echo "<div class='success_message'>User information updated for <b>$company_name</b>.</div>"; 

      echo "<h2>What to do now?</h2><br />"; 
      echo "<a href=''>&laquo; Back to Admin Panel</a> | Go to the <a href='user_edit.php'>edit users</a> page.</li>"; 

      } 

     } 

    } 
}

來源

2011-07-05 iamwhitebox

+0

可以循環做漂亮。 –

+1

如果你不想阻止php更新數據庫,在驗證過程中在'$ error ='之後放置'return' – k102

回答

1

檢查字段列表,並動態地基於滿足那些構建UPDATE查詢標準。認真考慮寫一個函數或兩個以幫助建立查詢,而無需重複的邏輯,但下面應該提供一個提示:

$sql = "UPDATE login_users SET "; 
$first = 1; 
if ($restrict != '') { 
    if ($first) { 
     $first = 0; 
    } else { 
     $query += ", "; 
    } 
    $query += "restricted='$restrict'"; 
} 

if ($company_name != '') { 
    if ($first) { 
     $first = 0; 
    } else { 
     $query += ", "; 
    } 
    $query += "company_name='$company_name'"; 
} 

if ($contact != '') { 
    if ($first) { 
     $first = 0; 
    } else { 
     $query += ", "; 
    } 
    $query += "contact='$contact'"; 
} 

if ($username != '') { 
    if ($first) { 
     $first = 0; 
    } else { 
     $query += ", "; 
    } 
    $query += "username='$username'"; 
} 

if ($email != '') { 
    if ($first) { 
     $first = 0; 
    } else { 
     $query += ", "; 
    } 
    $query += "email='$email'"; 
} 

if ($level!= '') { 
    if ($first) { 
     $first = 0; 
    } else { 
     $query += ", "; 
    } 
    $query += "user_level='$level'"; 
} 

$query += " WHERE user_id = '$id'"; 

if (! $first) { 
    // do query, since we know something was changed 
}

來源

2011-07-05 06:42:27 GargantuChet

0

兩種方式做到這一點:

  • 一個我平時用的是隻使用數據庫字段(密碼除外)來預先填充表單字段。他們不必是空的。
  • 從一個空的UPDATE查詢(UPDATE login_users SET ? WHERE user_id=$id)開始並構造一個field ='value',...字符串來替換?。

第二個比預填表單更麻煩。

來源

2011-07-05 06:42:58 MaxVT

0

你可以嘗試這樣的事:

$sql = "UPDATE login_users SET "; 
foreach ($_POST as $fieldname=>$value) { 
    if ($value) { 
     $sql .= "$fieldname='$value', "; 
    } 
} 
$sql = substr($sql, 0, -2); // to remove the last ", " 
$sql .= " WHERE user_id = '$id';";

謹防兩件事情:

  1. $字段名必須與在數據庫中的實際字段名(如果沒有,你應該做的重新命名它的東西)。
  2. 你應該在md5之間的某個地方使用密碼。

編輯:還有兩件事!

  1. 不要忘記做MySQL轉義。
  2. 這可以根據它來構建你的查詢集上使用$ _ POST變量,看看有什麼設置sprintf

來源

2011-07-05 06:50:33 scabezas

相關問題

 相關問題