我有一个表格更新数据库内的信息,一切工作完美,因为它应该.......除了由于某种原因,标题不适合我。我在同一站点内的许多其他脚本中使用标题重定向;它只是这一个脚本,头重定向不起作用。我知道头部在里面的if语句被调用,因为头部下方的回显显示在页面上,它只是忽略头部行。如果你有任何建议,这将是非常有益的。PHP头重定向不工作在表单提交
下面的代码已经被最小化所以它不是长期给大家看了,但如果它仍是一个问题患病把它清理干净更
形式
<form class="editUser" action="uploadEmployee.php" method="post" enctype="multipart/form-data" />
<input name="editUserFirstName" id="editUserFirstName" type="text" placeholder="Enter The User's First Name" />
<label>Employee's Coverage</label>
<input type="file" name="file_array[]" placeholder="Add The Employees Coverage" />
<input name="addUserSubmit" type="submit" value="Submit" />
</form>
上载脚本
<?php
include("includes/connect.inc.php");
if(isset($_FILES['file_array'])){
$day = date('d');
$month = date('m');
$dateObj = DateTime::createFromFormat('!m', $month);
$monthName = $dateObj->format('F'); // March
$year = date('Y');
$date = $monthName . ", " . $day . ", " . $year;
$name_array = $_FILES['file_array']['name'];
$tmp_name_array = $_FILES['file_array']['tmp_name'];
$type_array = $_FILES['file_array']['type'];
$size_array = $_FILES['file_array']['size'];
$error_array = $_FILES['file_array']['error'];
$payCheque = $name_array[0];
$T4 = $name_array[1];
$coverage = $name_array[2];
$selectedId = $_POST['editId'];
$name = $_POST['editUserFirstName'];
if($_POST['editUserPermission']){
$permission = "1";
}else{
$permission = "0";
}
for($i = 0; $i < count($tmp_name_array); $i++){
if(move_uploaded_file($tmp_name_array[$i], "uploads/".$name_array[$i])){
$title = "This Is A Test Title";
$icon = "0";
if($i == 0){
$icon = "1";
$title = "You Have Received A New Pay Cheque";
$comment = "Hello " . $name . ", click view document to view and download your pay cheque for " . $date . ". Your pay cheque will be a PDF file. Thank you.";
}
$sql = "INSERT INTO securedFiles (title, date, PDF, comment, idOfUser, icon)
VALUES ('$title', '$date', '$name_array[$i]', '$comment', '$documentId', '$icon')";
if ($connect->query($sql) === TRUE) {
//header("Location: hub.php");
} else {
echo "Error: " . $sql . "<br>" . $connect->error;
}
echo $payCheque ." upload is complete<br>";
} else {
echo "move_uploaded_file function failed for ".$name_array[$i]."<br>";
}
}
$sql = "UPDATE dealerEmployees SET firstName = '$_POST[editUserFirstName]', lastName = '$_POST[editUserLastName]', password = '$_POST[editUserPW]', permission = '$permission', address = '$_POST[editUserAddress]', email = '$_POST[editUserEmail]', phone = '$_POST[editUserPhone]' WHERE id = $selectedId";
if ($connect->query($sql) === TRUE) {
header('Location: hub.php');
echo "Success";
} else {
echo "Error: " . $sql . "<br>" . $connect->error;
}
}
//$connect->close();
?>
不要通用户直接输入到SQL查询。 SQL注入是可能的,使用准备好的语句。 – chris85
好的谢谢你的建议,我会定期研究修复 – Brady