1

这是我的代码(为长度道歉):

$companyid = $_SESSION["companyid"];

$_SESSION["youtubeurl"] = mysql_real_escape_string($_POST["youtubeurl"]);
$_SESSION["logourl"] = mysql_real_escape_string($_POST["logourl"]);

$_SESSION["plan1head"] = mysql_real_escape_string($_POST["plan1head"]);
$_SESSION["plan1description"] = mysql_real_escape_string($_POST["plan1description"]);
$_SESSION["plan1headline1"] = mysql_real_escape_string($_POST["plan1headline1"]);
$_SESSION["plan1price1"] = mysql_real_escape_string($_POST["plan1price1"]);
$_SESSION["plan1headline2"] = mysql_real_escape_string($_POST["plan1headline2"]);
$_SESSION["plan1price2"] = mysql_real_escape_string($_POST["plan1price2"]);

$_SESSION["plan2head"] = mysql_real_escape_string($_POST["plan2head"]);
$_SESSION["plan2description"] = mysql_real_escape_string($_POST["plan2description"]);
$_SESSION["plan2headline1"] = mysql_real_escape_string($_POST["plan2headline1"]);
$_SESSION["plan2price1"] = mysql_real_escape_string($_POST["plan2price1"]);
$_SESSION["plan2headline2"] = mysql_real_escape_string($_POST["plan2headline2"]);
$_SESSION["plan2price2"] = mysql_real_escape_string($_POST["plan2price2"]);

$_SESSION["plan3head"] = mysql_real_escape_string($_POST["plan3head"]);
$_SESSION["plan3description"] = mysql_real_escape_string($_POST["plan3description"]);
$_SESSION["plan3headline1"] = mysql_real_escape_string($_POST["plan3headline1"]);
$_SESSION["plan3price1"] = mysql_real_escape_string($_POST["plan3price1"]);
$_SESSION["plan3headline2"] = mysql_real_escape_string($_POST["plan3headline2"]);
$_SESSION["plan3price2"] = mysql_real_escape_string($_POST["plan3price2"]);

$_SESSION["plan1price1type"] = $_POST["plan1price1type"];
$_SESSION["plan1price2type"] = $_POST["plan1price2type"];
$_SESSION["plan2price1type"] = $_POST["plan2price1type"];
$_SESSION["plan2price2type"] = $_POST["plan2price2type"];
$_SESSION["plan3price1type"] = $_POST["plan3price1type"];
$_SESSION["plan3price2type"] = $_POST["plan3price2type"];

mysql_connect("localhost", "name", "password") or die(mysql_error());
mysql_select_db("database") or die(mysql_error());

$getstats = mysql_query("SELECT * FROM company WHERE companyid =   
'$companyid'");

$stats = mysql_fetch_array($getstats);

$calculaterating = $stats["ratingscore"] / $stats["ratingcount"];

if (!$calculaterating) {

$rating = "None";

} else {

$rating = $calculaterating;

}

$usage = $stats["usage"];

if(isset($_POST["submitpreview"])) {

$companyid = $_SESSION["companyid"];

$youtubeurl = $_SESSION["youtubeurl"];
$logourl = $_SESSION["logourl"];

$plan1head = $_SESSION["plan1head"];
$plan1description = $_SESSION["plan1description"];
$plan1headline1 = $_SESSION["plan1headline1"];
$plan1price1 = $_SESSION["plan1price1"];
$plan1headline2 = $_SESSION["plan1headline2"];
$plan1price2 = $_SESSION["plan1price2"];

$plan2head = $_SESSION["plan2head"];
$plan2description = $_SESSION["plan2description"];
$plan2headline1 = $_SESSION["plan2headline1"];
$plan2price1 = $_SESSION["plan2price1"];
$plan2headline2 = $_SESSION["plan2headline2"];
$plan2price2 = $_SESSION["plan2price2"];

$plan3head = $_SESSION["plan3head"];
$plan3description = $_SESSION["plan3description"];
$plan3headline1 = $_SESSION["plan3headline1"];
$plan3price1 = $_SESSION["plan3price1"];
$plan3headline2 = $_SESSION["plan3headline2"];
$plan3price2 = $_SESSION["plan3price2"];

$headlines = $_SESSION["headlines"];

$plan1price1type = $_SESSION["plan1price1type"];
$plan1price2type = $_SESSION["plan1price2type"];
$plan2price1type = $_SESSION["plan2price1type"];
$plan2price2type = $_SESSION["plan2price2type"];
$plan3price1type = $_SESSION["plan3price1type"];
$plan3price2type = $_SESSION["plan3price2type"];

mysql_connect("localhost", "name", "password") or die(mysql_error());
mysql_select_db("database") or die(mysql_error());

$islisted = mysql_query("SELECT * FROM companypage WHERE companyid = '$companyid'");

if ($islisted) {
mysql_query("UPDATE companypage SET
plan1head = '$plan1head',
plan1description = '$plan1description',
plan1price1type = '$plan1price1type',
plan1headline1 = '$plan1headline1',
plan1price1 = '$plan1price1',
plan1price2type = '$plan1price2type',
plan1headline2 = '$plan1headline2',
plan1price2 = '$plan1price2',
plan2head = '$plan2head', 
plan2description = '$plan2description',
plan2price1type = '$plan2price1type',
plan2headline1 = '$plan2headline1',
plan2price1 = '$plan2price1',
plan2price2type = '$plan2price2type',
plan2headline2 = '$plan2headline2',
plan2price2 = '$plan2price2',
plan3head = '$plan3head',
plan3description = '$plan3description',
plan3price1type = '$plan3price1type',
plan3headline1 = '$plan3headline1',
plan3price1 = '$plan3price1',
plan3price2type = '$plan3price2type',
plan3headline2 = '$plan3headline2',
plan3price2 = '$plan3price2',
logourl = '$logourl',
youtubeurl = '$youtubeurl',
headlines = '$headlines'
WHERE companyid='$companyid'") or die(mysql_error());

} else {

mysql_query("INSERT INTO companypage (
companyid,
    plan1head,
plan1description,
plan1price1type,
plan1headline1,
plan1price1,
plan1price2type,
plan1headline2,
plan1price2,
plan2head,
plan2description,
plan2price1type,
plan2headline1,
plan2price1,
plan2price2type,
plan2headline2,
plan2price2,
plan3head,
plan3description,
plan3price1type,
plan3headline1,
plan3price1,
plan3price2type,
plan3headline2,
plan3price2,
logourl,
youtubeurl,
headlines) 

VALUES(
    '$companyid',
'$plan1head',
'$plan1description',
'$plan1price1type',
'$plan1headline1',
'$plan1price1',
'$plan1price2type',
'$plan1headline2',
'$plan1price2',
'$plan2head',
'$plan2description',
'$plan2price1type',
'$plan2headline1',
'$plan2price1',
'$plan2price2type',
'$plan2headline2',
'$plan2price2',
'$plan3head',
'$plan3description',
'$plan3price1type',
'$plan3headline1',
'$plan3price1',
'$plan3price2type',
'$plan3headline2',
'$plan3price2',
'$logourl',
'$youtubeurl',
'$headlines')
") or die(mysql_error());

}

echo "<script>window.close();</script";

}

本质上,这里发生的事情是用户有一个自己的页面,可以通过一系列表单、下拉菜单等进行更改。要创建或更新他们的页面,他们填写表单并点击预览按钮,这是一个 target_blank,然后会弹出一个新选项卡,预览他们的页面会是什么样子。上一页中的所有变量都首先插入会话中以供以后使用。“预览”页面上有一个更新按钮。如果他们喜欢他们看到的内容,他们会点击更新按钮(从而在 PHP 代码中执行“提交预览”)。然后 PHP 代码检查他们是否创建了页面,并将它们添加到表中或根据变量更新其当前表。

这是我的问题。首次加载预览页面时,所有变量(会话或 POST)都会正确显示。但是,当执行提交预览并将信息存储在数据库中时,会存储以下内容:companyid 存储为 0,其他所有内容在表中存储为空白(即使它不应该接受空值?) . 这适用于插入和更新。所以这显然让我觉得我的会话变量(从 $_POST 变量在页面的第一个加载,我知道这是正确的,因为它们显示在预览页面上)在某种程度上是错误的当我在执行提交预览时将它们传递回正常变量时传递错误。但真正让我难过的是 companyid 也没有被正确存储(存储为 0 而不是正确的 id),即使当我在其他地方回显它时它显示正确。我确定我在做的是一个简单的愚蠢错误,但我无法弄清楚。

感谢您的帮助,并对代码和问题的长度感到抱歉。

4

2 回答 2

2

你不见了

session_start();

这必须是您希望使用会话变量的任何文件的第一行。

请参阅有关该主题的php.net 文档

于 2013-02-11T17:30:27.990 回答
2

如果那是您的实际脚本,那么您在执行所有这些 mysql_real_escape_string() 调用时还没有连接到 MySQL。您必须连接才能使用此功能。现在它只会返回一长串布尔 FALSE 值来表示错误。

将您的数据库连接代码移动到脚本的开头,它应该开始更好地工作。但当然,您应该升级到 mysqli 或 PDO,因为 mysql_*() 已被弃用。

当然,永远不要假设数据库操作已经成功。始终检查返回值是否失败,例如:

$var = mysql_real_escape_string($_POST['var']) or die(mysql_error());
                                              ^^^^^^^^^^^^^^^^^^^^^^

会告诉你问题是什么。

于 2013-02-11T17:36:07.097 回答