我有一个简单的问题,但我不知道如何克服它。
这是我的表单页面
<div id="register">
<table border="0" cellpadding="0" cellspacing="0" align="center" width="1000px" >
<tr>
<td height="300px" width="300px" align="center">
</td>
<td height="300px" width="400px" align="center" background="Images/panel2.png">
<form action="reg_conn.php" method="post">
<FIELDSET>
<LEGEND>Register</LEGEND><P>
<table width="350px" cellpadding="0" cellspacing="0" border="0" align="center">
<tr>
<td align="center" width="50px"/>
<td align="center" width="100px">
<label for="username" >UserName:</label>
</td>
<td align="center" width="50px"/>
<td align="center" width="100px">
<input type="text" name="username" class="textfield"/>
</td>
<td align="center" width="50px"/>
</tr>
<tr>
<td colspan="5" align="center" height="10px"/>
</tr>
<tr>
<td align="center" width="50px"/>
<td align="center" width="100px">
<label for="name" >Name:</label>
</td>
<td align="center" width="50px"/>
<td align="center" width="100px">
<input type="text" name="name" class="textfield"/>
</td>
<td align="center" width="50px"/>
</tr>
<tr>
<td colspan="5" align="center" height="10px"/>
</tr>
<tr>
<td align="center" width="50px"/>
<td align="center" width="100px">
<label for="email" >Email:</label>
</td>
<td align="center" width="50px"/>
<td align="center" width="100px">
<input type="text" name="email" class="textfield"/>
</td>
<td align="center" width="50px"/>
</tr>
<tr>
<td colspan="5" align="center" height="10px"/>
</tr>
<tr>
<td align="center" width="50px"/>
<td align="center" width="100px">
<label for="password" >PassWord:</label>
</td>
<td align="center" width="50px"/>
<td align="center" width="100px">
<input type="password" name="password" class="textfield"/>
</td>
<td align="center" width="50px"/>
</tr>
<tr>
<td colspan="5" align="center" height="10px"/>
</tr>
<tr>
<td align="center" width="50px"/>
<td align="center" width="100px">
<label for="security_q" >Security Question:</label>
</td>
<td align="center" width="50px"/>
<td align="center" width="100px">
<select name="security_q" class="dropdown" style="width: 100px" >
<option value="My 1st Teacher">My 1st Teacher</option>
<option value="My 1st Pet">My 1st Teacher</option>
<option value="My 1st Crush">My 1st Crush</option>
</select>
</td>
<td align="center" width="50px"/>
</tr>
<tr>
<td colspan="5" align="center" height="10px"/>
</tr>
<tr>
<td align="center" width="50px"/>
<td align="center" width="100px">
<label for="security_a" >Security Answer:</label>
</td>
<td align="center" width="50px"/>
<td align="center" width="100px">
<input type="text" name="security_a" class="textfield"/>
</td>
<td align="center" width="50px"/>
</tr>
<tr>
<td colspan="5" align="center" height="10px"/>
</tr>
<tr>
<td align="center" width="50px"/>
<td align="center" width="250px" colspan="3">
<input type="submit" class="button" style="width: 200px; height: 20px;" />
</td>
<td align="center" width="50px"/>
</tr>
</table>
</FIELDSET>
</form>
</td>
<td height="300px" width="300px" align="center"/>
</tr>
</table>
</div>
而我的reg_conn.php文件如下:
<?php
include('connection.php');
$sql="INSERT INTO candidate_register_table (username, name, email, password, security_q, security_a)
VALUES
('$_POST[username]','$_POST[name]','$_POST[email]','$_POST[password]','$_POST[security_q]','$_POST[security_a]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
mysql_close($con);
?>
现在当我提交时,页面被重定向到 reg_conn.php 文件。我不想要那个;我想留在上一页。如何做到这一点?
最佳答案
您要找的是 Post-Redirect-Get .成功提交到您的数据库后,您将浏览器重定向回最终目的地。
首先要防止注入(inject)攻击:
include('connection.php');
$username = mysql_real_escape_string($_POST['username']);
$name = mysql_real_escape_string($_POST['name']);
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$securityq = mysql_real_escape_string($_POST['security_q']);
$securitya = mysql_real_escape_string($_POST['security_a']);
// Use filtered values here, never direct from $_POST!!!!!
$sql="INSERT INTO candidate_register_table (username, name, email, password, security_q, security_a)
VALUES ('$username','$name','$email','$password','$security_q','$security_a')";
if (!mysql_query($sql,$con))
{
// Don't die(). Instead redirect with error.
$err=1;
}
mysql_close($con);
// Set an error parameter if there was a problem...
// this is optional, since a failure of mysql_query() would indicate a code problem
// rather than a problem with the user's input.
if (isset($err)) {
// And redirect back to the form with the error in the querystring
header("Location: http://example.com/form.php?err=1");
exit();
}
else {
// No error...
// And redirect back to the form...
header("Location: http://example.com/form.php");
exit();
}
在表单页面上,如果你想向用户显示一个错误,你可以这样做:
if (isset($_GET['err'])) {
echo "an error occurred...";
}
更健壮的实现会将错误消息设置到 $_SESSION
中,然后在屏幕上显示后将其unset()
。
关于php - 使用 POST 方法使用 PHP 在 MySQL 中插入数据后,停留在同一页面,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9338195/