我试图为我正在工作的网站创建一个验证表单,并且如果帖子请求在没有验证的情况下工作,那么只要我开始引入一个简单的计数来阻止查询被发送,它就会停止工作
<?php
$ErrorCount = 0;
$StudentNO = $_POST['updateid'];
$editfirst = $_POST['updatefirst'];
$editSurname = $_POST['updatesurn'];
$editfirst = test_input($editfirst);
$editSurname = test_input($editSurname);
$StudentNO = test_input2($StudentNO);
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
$data = preg_replace("/[^a-zA-Z]/", "", $data);
if(preg_match('/drop table/i', $data)) {
$data == null;
}
if($data == null) {
$ErrorCount++;
}
}
function test_input2($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
$data = preg_replace("/[^a-zA-Z]/", "", $data);
if(preg_match('/drop table/i', $data)) {
$data == null;
}
if(strlen($StudentNO) != 6) {
$ErrorCount++;
}
if($data == null) {
$ErrorCount++;
}
}
if($ErrorCount == 0) {
$server = 'sql.rde.hull.ac.uk';
$connectionInfo = array("Database"=>"rde_556278");
$conn = sqlsrv_connect($server, $connectionInfo);
$updateQuery = "UPDATE Users SET Firstname = '$editfirst', Surname = '$editSurname' WHERE StudentID = '$StudentNO';";
$result = sqlsrv_query($conn, $updateQuery);
sqlsrv_free_stmt( $updateQuery);
sqlsrv_close($conn);
}
?>
问题是错误计数没有被增加或传递给任何东西,任何帮助,因为我无法看到我的错误。我是非常新的PHP
<?php
updateQuery = "INSERT INTO Locations (StudentID, ,[Location], [DateTime]) VALUES (?, ?, GETDATE());";
$params = array($UpdateStudent, $UpdateLocation);
$result = sqlsrv_query($conn, $updateQuery, $params);
?>
您是否尝试将功能定义更改为:
function test_input($data,$ErrorCount) { /*code....*/ }
function test_input2($data,$ErrorCount) { /*code....*/ }