paper_add.php
是一种用于将值发布到名为paper_entry.php
的另一个php页面的html表单。
我想使用验证不允许重复的条目进入数据库,而是会给他们错误信息,其中一些值是重复的。
我试过比较字符串,但它只适用于有2个变量,我也试过使用in_array()
,但没有奏效。我发布了两个页面,以便任何人都可以指引我走向正确的方向,我会非常高兴并继续我的项目。
我想确保q1q1是不一样的Q1Q2等之前,我允许它被插入到数据库
<?php include 'header.php'; ?>
<div class="container">
<table class="table table-bordered">
<thead>
<tr>
<th colspan='2'><u>Add Paper</u></th>
</tr>
</thead>
<tbody>
<form method="post" action="paper_entry.php">
<tr>
<td>Examination </td>
<td><input type="text" required="required" class="form-control" name="examination"></td>
</tr>
<tr>
<td>Subject </td>
<td><input type="text" required="required" class="form-control" name="subject"></td>
</tr>
<tr>
<td>Subject Code </td>
<td><input type="text" required="required" class="form-control" name="subject_code"></td>
</tr>
<tr>
<td>Category</td>
<td><input type="text" required="required" class="form-control" name="category"></td>
</tr>
<tr>
<td>Month & Year:</td>
<td><input type="text" required="required" class="form-control" name="month_year"></td>
</tr>
<input type="hidden" required="required" class="form-control" name="created_by" value="<?php echo $_SESSION ['user'] ?>">
<tr>
<td>Question 1 (1) :</td>
<td><input type="text" required="required" class="form-control" name="q1q1"></td>
</tr>
<tr>
<td>Question 1 (2) :</td>
<td><input type="text" required="required" class="form-control" name="q1q2"></td>
</tr>
<tr>
<td>Question 1 (3) :</td>
<td><input type="text" required="required" class="form-control" name="q1q3"></td>
</tr>
<tr>
<td>Question 1 (4) :</td>
<td><input type="text" required="required" class="form-control" name="q1q4"></td>
</tr>
<tr>
<td>Question 1 (5) :</td>
<td><input type="text" required="required" class="form-control" name="q1q5"></td>
</tr>
<tr>
<td>Question 1 (6) :</td>
<td><input type="text" required="required" class="form-control" name="q1q6"></td>
</tr>
<tr>
<td>Question 1 (7) :</td>
<td><input type="text" required="required" class="form-control" name="q1q7"></td>
</tr>
<tr>
<td>Question 1 (8) :</td>
<td><input type="text" required="required" class="form-control" name="q1q8"></td>
</tr>
<tr>
<td>Question 2 (A) :</td>
<td><input type="text" required="required" class="form-control" name="q2qa"></td>
</tr>
<tr>
<td>Question 2 (B) :</td>
<td><input type="text" required="required" class="form-control" name="q2qb"></td>
</tr>
<tr>
<td>Question 2 (Or A) :</td>
<td><input type="text" required="required" class="form-control" name="q2qoa"></td>
</tr>
<tr>
<td>Question 2 (Or B) :</td>
<td><input type="text" required="required" class="form-control" name="q2qob"></td>
</tr>
<tr>
<td>Question 3 (A) :</td>
<td><input type="text" required="required" class="form-control" name="q3qa"></td>
</tr>
<tr>
<td>Question 3 (B) :</td>
<td><input type="text" required="required" class="form-control" name="q3qb"></td>
</tr>
<tr>
<td>Question 3 (Or B) :</td>
<td><input type="text" required="required" class="form-control" name="q3qob"></td>
</tr>
<tr>
<td>Question 4 (A) :</td>
<td><input type="text" required="required" class="form-control" name="q4qa"></td>
</tr>
<tr>
<td>Question 4 (B) :</td>
<td><input type="text" required="required" class="form-control" name="q4qb"></td>
</tr>
<tr>
<td>Question 5 (1) :</td>
<td><input type="text" required="required" class="form-control" name="q5q1"></td>
</tr>
<tr>
<td>Question 5 (2) :</td>
<td><input type="text" required="required" class="form-control" name="q5q2"></td>
</tr>
<tr>
<td>Question 5 (3) :</td>
<td><input type="text" required="required" class="form-control" name="q5q3"></td>
</tr>
<tr>
<td>Submit : </td>
<td><input type="submit" name="submit"></td>
</tr>
</tbody>
</table>
</div>
paper_entry.php
<?php
include 'header1.php';
$examination = $_POST["examination"];
$subject = $_POST["subject"];
$subject_code = $_POST["subject_code"];
$category = $_POST["category"];
$month_year = $_POST["month_year"];
$created_by = $_POST["created_by"];
$q1q1 = $_POST["q1q1"];
$q1q2 = $_POST["q1q2"];
$q1q3 = $_POST["q1q3"];
$q1q4 = $_POST["q1q4"];
$q1q5 = $_POST["q1q5"];
$q1q6 = $_POST["q1q6"];
$q1q7 = $_POST["q1q7"];
$q1q8 = $_POST["q1q8"];
$q2qa = $_POST["q2qa"];
$q2qb = $_POST["q2qb"];
$q2qoa = $_POST["q2qoa"];
$q2qob = $_POST["q2qob"];
$q3qa = $_POST["q3qa"];
$q3qb = $_POST["q3qb"];
$q3qob = $_POST["q3qob"];
$q4qa = $_POST["q4qa"];
$q4qb = $_POST["q4qb"];
$q5q1 = $_POST["q5q1"];
$q5q2 = $_POST["q5q2"];
$q5q3 = $_POST["q5q3"];
include 'dbconnect.php';
$sql = "INSERT INTO paper (id , examination, subject,subject_code,category,month_year,created_by,q1q1,q1q2,q1q3,q1q4,q1q5,q1q6,q1q7,q1q8,q2qa,q2qb,q2qoa,q2qob,q3qa,q3qb,q3qob,q4qa,q4qb,q5q1,q5q2,q5q3)
VALUES ('','$examination','$subject','$subject_code','$category','$month_year','$created_by','$q1q1','$q1q2','$q1q3','$q1q4','$q1q5','$q1q6','$q1q7','$q1q8','$q2qa','$q2qb','$q2qoa','$q2qob','$q3qa','$q3qb','$q3qob','$q4qa','$q4qb','$q5q1','$q5q2','$q5q3')";
if (mysqli_query($conn, $sql)) {
echo "<center> <h2><a href='paper_list.php'> Paper Added, Click Here For List. </h2> </center></a>";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
include 'footer.php';
?>
表单不能是表格的子元素 –
[Little Bobby](http://bobby-tables.com/)表示*** [您的脚本存在SQL注入攻击风险。](http:/ /stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***。即使[转义字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! –
请不要忽视我的不道德编码,因为这只是我正在尝试做的大学常规项目,它不会在现实中使用。我只是无法验证每个字段,以便在任何字段中没有类似的值,并且如果有的话应该给出错误。我试过比较字符串,但它一次只接受2个变量,我想比较将要在数据库中进行的所有变量并交叉检查重复条目。 – Mohsin