php为什么一个变量会在post后发生变化？

Question

我遇到了一个变量的问题。

只要在页面加载我设置一个变量来存储，像这样的“GET”值：

$currentItemID = htmlspecialchars($_GET["id"]); 

多数民众赞成不错。

然后，我将$ currentItemID的值加载到表单中，以便用户可以更新这些值。

还是很好的。

但是只要用户提交表单，$ currentItemID的值就会丢失。

这意味着当我尝试更新数据库中的id = $ currentItemID时，它不知道如何更新，因为id已丢失。更奇怪的是，sql实际上是用一个ID值执行的。

代码的削减版本如下：

<?php 
//set current item ID 
$currentItemID = htmlspecialchars($_GET["id"]); 
echo"at start = $currentItemID"; 

// Setup defaults. 
$error = 0; //input errors 
$up_error = 0; //title and description error counter - used to only show error message once. 
$clean = array(); 
$clean_name = ""; 
$clean_description = ""; 
$clean_price = ""; 
$clean_pic = ""; 
$clean_status = ""; 
$clean_quantity = ""; 

//if all input is valid then... 
if (isset($_POST['add'])) 
{ 
echo"inside post = $currentItemID"; 
    //clear error message 
    $errmsg = ''; 

    // validate 'name': must consist of alphanumeric characters only. 
    $_POST['name'] = isset($_POST['name']) ? $_POST['name'] : ''; 
    if(preg_match('/^[a-z\d\w\s+,._-]{1,20}$/i',$_POST['name'])) 
     {$clean_name = $_POST['name'];} 
    else 
     {$error++;$errmsg .= 'Invalid name. ';} 

    //validate 'description': must consist of alphabet characters, numbers white space character or , . _ and - 
    $_POST['description'] = isset($_POST['description']) ? $_POST['description'] : ''; 
    //thought i'ld add another ten characters to allow a bit more text. 
    if(preg_match('/^[a-z\d\w\s,.]{1,90}$/i',$_POST['description'])) 
     {$clean_description = $_POST['description'];} 
    else{$error++; $errmsg .= 'Invalid description. ';} 

    // validate 'price': must be number - with or without 2 decimal places. 
    $_POST['price'] = isset($_POST['price']) ? $_POST['price'] : ''; 
    if(preg_match('/^\d+(\.\d{2})?$/',$_POST['price'])) 
     {$clean_price = $_POST['price'];} 
    else 
     {$error++; $errmsg .= 'Invalid price. ';} 

    // validate 'pic': must consist of alphanumeric characters only. 
    //$_POST['pic'] = isset($_POST['pic']) ? $_POST['pic'] : ''; 
    //if(preg_match('/\.(jpg|gif|jpeg)$/i',$_POST['pic'])) 
     //{$clean_price = $_POST['pic'];} 
    //else 
     //{$error++; $errmsg .= 'Invalid pic. ';} 

    // validate 'quantity': must consist of numbers only. 
    //$_POST['pic'] = isset($_POST['pic']) ? $_POST['pic'] : ''; 
    //if(preg_match('/\.(jpg|gif|jpeg)$/i',$_POST['pic'])) 
     //{ 
     $clean_quantity = $_POST['quantity']; 
     //} 
    //else 
     //{$error++; $errmsg .= 'Invalid pic. ';} 

    // validate 'status': must be one of the drop down options. 
    $_POST['status'] = isset($_POST['status']) ? $_POST['status'] : ''; 
    if($_POST['status']=='available'||$_POST['status']=='unavailable'||$_POST['status']=='ebay'||$_POST['status']=='new') 
     {$clean_status = $_POST['status'];} 
    else 
     {$error++; $errmsg .= 'Invalid status. ';} 

    // validate 'catagory': must be one of the drop down options. 
    /* 
    $_POST['catagory'] = isset($_POST['catagory']) ? $_POST['catagory'] : ''; 
    if($_POST['catagory']=='cd'||$_POST['catagory']=='tshirt') 
     {$clean_status = $_POST['catagory'];} 
    else 
     {$error++; $errmsg .= 'Invalid catagory. ';}*/ 
} 


if (isset($_POST['add']) && ($error==0)) 
{     


    // open connection 
    $connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!"); 
    // select database 
    mysql_select_db($db) or die ("Unable to select database!"); 
    // create query 
    $query = "UPDATE paulyout_pauly.products 
      SET 
      name='$clean_name', description='$clean_description', 
      price='$clean_price', status='$clean_status', quantity='$clean_quantity' 
      WHERE id='$currentItemID';";  

    // execute query 
    mysql_query($query) or die ("Error in query: $query.".mysql_error()); 
    // close connection 
    mysql_close($connection); 
    echo"<p>Item succesfully updated.</p><a href=\"../\">Back to Control Panel</a>.</p>"; 
    echo(htmlspecialchars($_GET["id"])); 
    echo"what is going on"; 
    echo"currentItemID = $currentItemID"; 
    echo"$currentItemID"; 



} 

else //output error messages 
{if ($error>0) {echo "<p><strong>There were errors in your submission:</strong> $errmsg</p>\n";} 


///////////////////get existing item details: 
// open connection 
$connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!"); 
// select database 
mysql_select_db($db) or die ("Unable to select database!"); 
// create query 
$query = "SELECT id, name, description, price, pic, status, quantity FROM products where id = '$currentItemID';"; 

// execute query 
$result = mysql_query($query) or die ("Error in query!"); 

//return results 
$counter = 0; 
if(mysql_num_rows($result) > 0) { 
    while(list($db_id, $db_name, $db_description, $db_price, $db_pic, $db_status, $db_quantity) = mysql_fetch_row($result)){ 


      //render form 
?> 
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" id="save"><fieldset> 
<table id="site-form"> 
    <tr> 
    <td class="one_of_three"><label>Item Name:&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"><input type="text" name="name" id="name" value="<?php echo"$db_name";?>"/></td> 
    <td><label class="errors" id="nameError">&nbsp;</label></td> 
    </tr> 
    <tr> 
    <td class="one_of_three"><label>Description:&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"><textarea rows="10" cols="30" name="description" id="description"><?php echo"$db_description";?></textarea></td> 
    <td><label class="errors" id="descriptionError">&nbsp;</label></td> 
    </tr> 
    <tr> 
    <td class="one_of_three"><label>Price(£):&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"><input type="text" name="price" id="price" value="<?php echo"$db_price";?>"/></td> 
    <td><label class="errors" id="priceError">&nbsp;</label></td> 
    </tr> 
    <tr> 
    <td class="one_of_three"><label>Quantity:&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"><input type="text" name="quantity" id="quantity" value="<?php echo"$db_quantity";?>"/></td> 
    <td><label class="errors" id="quantityError">&nbsp;</label></td> 
    </tr> 
    <tr> 
    <td class="one_of_three"><label>Picture:&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"><input type="file" name="userfile[]" id="pic"/></td> 
    <td><label class="errors" id="picError">&nbsp;</label></td> 
    </tr> 
    <tr> 
    <td class="one_of_three"><label>Status:&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"> 
     <select name="status" id="status" value=""> 
     <option value="<?php echo"$db_status";?>"><?php echo(ucfirst(strtolower($db_status)));?></option> 
     <option value="available">Available</option> 
     <option value="new">New</option> 
     </select> 
    </td> 
    <td><label class="errors" id="statusError">&nbsp;</label></td> 
    </tr> 
    <!-- 
    <tr> 
    <td class="one_of_three"><label>Catagory:&nbsp;&nbsp;</label></td> 
    <td class="two_of_three"> 
     <select name="catagory" id="catagory"> 
     <option value="cd">CD</option> 
     <option value="tshirt">T-Shirt</option> 
     </select> 
    </td> 
    <td><label class="errors" id="statusError">&nbsp;</label></td> 
    </tr>--> 
    <tr> 
     <td class="one_of_three">&nbsp;</td> 
     <td class="two_of_three"><input name="add" id="save_button" type="submit" value="Add Item"/>&nbsp;&nbsp;<a href="../">Cancel</a>.</td> 
     <td>&nbsp;</td> 
    </tr> 
</table> 
</fieldset></form> 
<?php 


    } 
} 
else {echo "<p>Product not found.</p>";}//the item could not be found!!! 





// free result set from memory 
mysql_free_result($result); 
// close connection 
mysql_close($connection); 
} 
?> 


<?php ob_end_flush()?> 

Answer 1

您发布形式$_SERVER['PHP_SELF']。这样GET参数在提交时重置。 您应该改为$_SERVER['PHP_SELF']."?id=".$currentItemID。

OR

刚刚离开的行动领域的空白