php 中的中断循环问题
issue with breaking loop in php
if((isset($_POST['page_id'])) && (isset($_POST['page_title'])) && (isset($_POST['page_file_name']))) {
$_POST['page_id'];
$page_id = $_POST['page_id'];
$page_title = $_POST['page_title'];
$page_file_name = $_POST['page_file_name'].".txt";
//to check if id or page already exists in database or not
$sql_page_check = "SELECT * FROM page";
$sql_page_check_result = mysqli_query($conn,$sql_page_check);
if($sql_page_check_result == true){
if(mysqli_num_rows($sql_page_check_result)>0){
$pages_present = mysqli_num_rows($sql_page_check_result);
while($page = mysqli_fetch_assoc($sql_page_check_result)){
if(($page['page_id']==$page_id) || ($page['page_title']==$page_title) || ($page['page_file_name']==$page_file_name)){
echo "Page Id ($page_id) /$page_title / $page_file_name already exists in database, please check and try again";
break1;
}
elseif(($page_id=="") || ($page_title=="") || ($page_link=="")){
echo ("<b style='color:red;'>Please fill all fields.</b>");
break;
}
else{
if(!file_exists("../pages/".$page_file_name)){
fopen("../pages/".$page_file_name,"w");
$sql_add_menu = "INSERT INTO page VALUES('$page_id','$page_title','$page_file_name')";
$sql_add_menu_result = mysqli_query($conn,$sql_add_menu);
if($sql_add_menu_result == true){
echo"<b style='color:green;'>$page_title Page Added</b>";
}
}
}
}
}
}
}
include "footer.php";
问题是必须显示的每条错误消息都在循环内并显示多次,如果我使用 break,die,exit 底部的 footer.php 不会显示,还有其他部分不起作用!
你不需要循环。只需执行一个使用 WHERE 子句的查询即可查看是否有任何输入已在数据库中。并使用准备好的查询来防止 SQL 注入。
您还应该在查询之前检查字段是否为空。
if(($page_id=="") || ($page_title=="") || ($page_link=="")){
echo ("<b style='color:red;'>Please fill all fields.</b>");
} else {
$sql_page_check = "SELECT 1 FROM page WHERE page_id = ? OR page_title = ? OR page_file_name = ?";
$stmt_page_check = mysqli_prepare($conn, $sql_page_check);
mysqli_stmt_bind_param($stmt_page_check, "iss", $page_id, $page_title, $page_file_name);
mysqli_stmt_execute($stmt_page_check);
if (mysql_stmt_num_rows($stmt_page_check) != 0) {
echo "Page Id ($page_id) /$page_title / $page_file_name already exists in database, please check and try again";
} else {
if (!file_exists ("../pages/".$page_file_name) {
fopen("../pages/".$page_file_name,"w");
}
$sql_add_menu = "INSERT INTO page VALUES(?, ?, ?)";
$stmt_add_menu = mysqli_prepare($conn, $sql_add_menu);
mysql_stmt_bind_param($stmt_add_menu, "iss", $page_id, $page_title, $page_file_name);
$sql_add_menu_result = mysqli_stmt_execute($stmt_add_menu);
if($sql_add_menu_result){
echo "<b style='color:green;'>$page_title Page Added</b>";
}
}
}
if((isset($_POST['page_id'])) && (isset($_POST['page_title'])) && (isset($_POST['page_file_name']))) {
$_POST['page_id'];
$page_id = $_POST['page_id'];
$page_title = $_POST['page_title'];
$page_file_name = $_POST['page_file_name'].".txt";
//to check if id or page already exists in database or not
$sql_page_check = "SELECT * FROM page";
$sql_page_check_result = mysqli_query($conn,$sql_page_check);
if($sql_page_check_result == true){
if(mysqli_num_rows($sql_page_check_result)>0){
$pages_present = mysqli_num_rows($sql_page_check_result);
while($page = mysqli_fetch_assoc($sql_page_check_result)){
if(($page['page_id']==$page_id) || ($page['page_title']==$page_title) || ($page['page_file_name']==$page_file_name)){
echo "Page Id ($page_id) /$page_title / $page_file_name already exists in database, please check and try again";
break1;
}
elseif(($page_id=="") || ($page_title=="") || ($page_link=="")){
echo ("<b style='color:red;'>Please fill all fields.</b>");
break;
}
else{
if(!file_exists("../pages/".$page_file_name)){
fopen("../pages/".$page_file_name,"w");
$sql_add_menu = "INSERT INTO page VALUES('$page_id','$page_title','$page_file_name')";
$sql_add_menu_result = mysqli_query($conn,$sql_add_menu);
if($sql_add_menu_result == true){
echo"<b style='color:green;'>$page_title Page Added</b>";
}
}
}
}
}
}
}
include "footer.php";
问题是必须显示的每条错误消息都在循环内并显示多次,如果我使用 break,die,exit 底部的 footer.php 不会显示,还有其他部分不起作用!
你不需要循环。只需执行一个使用 WHERE 子句的查询即可查看是否有任何输入已在数据库中。并使用准备好的查询来防止 SQL 注入。
您还应该在查询之前检查字段是否为空。
if(($page_id=="") || ($page_title=="") || ($page_link=="")){
echo ("<b style='color:red;'>Please fill all fields.</b>");
} else {
$sql_page_check = "SELECT 1 FROM page WHERE page_id = ? OR page_title = ? OR page_file_name = ?";
$stmt_page_check = mysqli_prepare($conn, $sql_page_check);
mysqli_stmt_bind_param($stmt_page_check, "iss", $page_id, $page_title, $page_file_name);
mysqli_stmt_execute($stmt_page_check);
if (mysql_stmt_num_rows($stmt_page_check) != 0) {
echo "Page Id ($page_id) /$page_title / $page_file_name already exists in database, please check and try again";
} else {
if (!file_exists ("../pages/".$page_file_name) {
fopen("../pages/".$page_file_name,"w");
}
$sql_add_menu = "INSERT INTO page VALUES(?, ?, ?)";
$stmt_add_menu = mysqli_prepare($conn, $sql_add_menu);
mysql_stmt_bind_param($stmt_add_menu, "iss", $page_id, $page_title, $page_file_name);
$sql_add_menu_result = mysqli_stmt_execute($stmt_add_menu);
if($sql_add_menu_result){
echo "<b style='color:green;'>$page_title Page Added</b>";
}
}
}