关于php字符串长度的问题
bellow是一个插入数据到表中的脚本。我已经使用strlen()函数检查字符串的长度,如果字符串的长度低于限制但它不会停止查询向表中添加另一行,则会返回错误。我怎样才能做到这一点。非常感谢您关于php字符串长度的问题
<?php
$con=mysqli_connect("localhost","zzzz","xxxxzzz2","my_project");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
//$sql="INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
//VALUES
//('$_POST[ProductName]','$_POST[ProductCond]','$_POST[ProductPrice]','$_POST[ProductCat]','$_POST[ProductRegion]','$_POST[Email]','$_POST[PhoneNumber]')";
$sql="INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
//here is the part in question
if (strlen($ProductName) < 10)
{
die('Error: ' . mysqli_error($sql));
}
echo "1 record added";
mysqli_close($con);
?>
你插入后检查字符串的长度,你需要插入之前做检查,这样的:
<?php
$con=mysqli_connect("localhost","zzzz","xxxxzzz2","my_project");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (strlen($ProductName) < 10)
{
die('Error: product name too short!');
}
$sql="INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
//here is the part in question
echo "1 record added";
mysqli_close($con);
?>
编辑使用die
不被认为是最佳做法。更好的方式来做到这一点,是在if
声明它包装(例如),像这样:
<?php
$con=mysqli_connect("localhost","zzzz","xxxxzzz2","my_project");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
} elseif (strlen($ProductName) < 10) {
echo 'Error: product name too short!';
} else {
$sql= "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con,$sql)) {
echo 'Error: ' . mysqli_error($con);
} else {
echo "1 record added";
}
}
mysqli_close($con);
?>
基于您的评论编辑2,如果你想检查字符串ISN “T超过50个字符,你可以使用这样的事情:
<?php
$con=mysqli_connect("localhost","zzzz","xxxxzzz2","my_project");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
} elseif (strlen($ProductName) < 10) {
echo 'Error: product name too short!';
} elseif (strlen($ProductName) > 50) {
echo 'Error: product name too long!';
} else {
$sql= "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con,$sql)) {
echo 'Error: ' . mysqli_error($con);
} else {
echo "1 record added";
}
}
mysqli_close($con);
?>
我还有一个问题,你如何添加另一个条件,以便它也检查最大限制,例如> 50错误:必须小于... – user3463859
我尝试添加另一个,但如果它不起作用 – user3463859
请参阅我的第二个编辑 – trizz
脚本的命令有错误的,逻辑需要像这样:
<?php
$con=mysqli_connect("localhost","zxzxzx","zxzxzx","my_project");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
//$sql="INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
//VALUES
//('$_POST[ProductName]','$_POST[ProductCond]','$_POST[ProductPrice]','$_POST[ProductCat]','$_POST[ProductRegion]','$_POST[Email]','$_POST[PhoneNumber]')";
$sql="INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
// First thing is to ask your condition..
if (strlen($ProductName) < 10)
{
die('Error: ' . mysqli_error($sql));
}
echo "1 record added";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
?>
我建议你在查询中使用绑定参数来防止SQL注入。 PDO bindings
移动您的插入语句___after___长度检查....如果它在那之前,那么它会在那之前运行 –
但是PHP ___中的长字符串测试不会___生成MySQL错误,因此显示MySQLi错误如果strlen($ ProductName)
Mark是正确的,顺便说一句你在哪里给你的'$ ProductName'赋值? –