我想提交时再次转到index.php?page = servers但是当我提交表单重定向是index.php?但在行动中是index.php?page = servers我该如何解决这个问题?
<form class="form-horizontal" action="index.php?page=servers">
<fieldset>
<legend>Add server</legend>
<div class="form-group">
<label for="inputEmail" class="col-lg-2 control-label">IP</label>
<div class="col-lg-10">
<input type="text" class="form-control" id="ipserver" placeholder="IP Adress">
</div>
</div>
<div class="form-group">
<label for="inputPassword" class="col-lg-2 control-label">Port</label>
<div class="col-lg-10">
<input type="text" class="form-control" id="portserver" placeholder="Port">
</div>
</div>
<div class="form-group">
<label for="select" class="col-lg-2 control-label">Type</label>
<div class="col-lg-10">
<select class="form-control" id="select">
<option>Half-Life (Counter-Stricke)</option>
<option>Minecraft</option>
</select>
</div>
</div>
<div class="form-group">
<div class="col-lg-10 col-lg-offset-2">
<button class="btn btn-default">Cancel</button>
<button type="submit" id="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</fieldset>
</form>
和php
if(!empty($_POST['submit'])){
$ip_server = $_POST['ipserver'];
$port_server = $_POST['portserver'];
if ($ip_server == NULL || $port_server == NULL){
echo 'Моля попълнете всички полета.';
}else{
$type = "halflife";
$zone = 0;
$disabled = 0;
$status = 1;
$sql = ("INSERT INTO `lgsl` (type, ip, c_port, q_port, zone, disabled, status) VALUES ('$type', '$ip_server', '$port_server', '$port_server', '$zone', '$disabled', '$status')");
$result = mysql_query($sql);
echo 'Сървъра е успешно добавен!';
}
}
答案 0 :(得分:1)
What is the default form HTTP method?
您需要在表单标记中添加一个属性,以根据您的代码将其变为POST。
<form method="POST">
$_POST vs. $_SERVER['REQUEST_METHOD'] == 'POST'
要验证请求,请使用:
if( $_SERVER["REQUEST_METHOD"] == "POST" ) // or GET, if appropriate
如果您打算使用GET,则可以添加名为“page”的隐藏元素和值“servers”。
<input type="hidden" name="page" value="servers" />
答案 1 :(得分:0)
if(isset($_POST['submit'])){
$ip_server = mysql_real_escape_string($_POST['ipserver']);
$port_server = mysql_real_escape_string($_POST['portserver']);
if ($ip_server == NULL || $port_server == NULL){
echo 'Моля попълнете всички полета.';
} else {
$type = "halflife";
$zone = 0;
$disabled = 0;
$status = 1;
$sql = "INSERT INTO `lgsl` (type, ip, c_port, q_port, zone, disabled, status) VALUES ('$type', '$ip_server', '$port_server', '$port_server', '$zone', '$disabled', '$status')";
$result = mysql_query($sql);
echo 'Сървъра е успешно добавен!';
}
}
我添加了mysql_real_escape_string以阻止代码注入。
也可以在表单标记中使用method="post",例如<form method="post">
答案 2 :(得分:0)
您可能拥有自己想要的操作值,如下面的HTML所示:
<form name="myform" action="testform.php?query=string" method="POST">
<input name="data" type="text">
<input type="submit">
</form>
当前设置表单的方式,默认情况下,它会产生GET请求。但是,您对作为POST请求提交的表单的PHP测试!如果您确实打算将表单作为POST请求提交,则必须在action属性中将其指定为action="POST"。然后,更改提交表单的测试以检查POST是否具有值,如下所示:
<?php
if (isset($_POST) && $_POST != null){
echo ( htmlentities( $_SERVER['QUERY_STRING'] ) ); // adding more security
}
?>
注意:当方法为POST时,?query=string 部分不反映GET变量,而是反映QUERY_STRING。提交此表单后,它会重定向到testform.php?query=string。
顺便提一下,解析生成的查询字符串的一个方便的函数是parse_str,你可以用它来创建一个包含&#34;字符串&#34;的变量或关联数组。价值,如下:
<?php
$qs = htmlentities( $_SERVER['QUERY_STRING'] );
$str = substr( $qs, 1 ); // remove the '?'
// array option
parse_str( $str ,$arr);
echo $arr['query'],"\n";
// variable option
parse_str( $str );
echo $query;