PHP MySQL insert into with GET method

2019-08-30 06:33发布

站内问答 / PHP
1882 1 6

I am trying admin panel work. I downloaded this example admin panel design: http://medialoot.com/item/html5-admin-template/

HTML structure: http://pastebin.ubuntu.com/5940949/

I tried PHP code,

<?php
if(isset($_GET['submit'])){
    if($_FILES["carImage"]["error"] > 0){
    echo '<script type="text/javascript">alert('."File not upload" . $_FILES["carImage"]["error"].');</script>';
    }else{
        if(!is_dir("../inc/imj/cars")){
            mkdir("../inc/imj/cars");
        }
        $carImage_ = "../inc/imj/cars".$_FILES["carImage"]["name"];
        move_uploaded_file($_FILES["carImage"]["tmp_name"],$carImage_);

        mysql_query("

        INSERT INTO contents ('indexId','catId','carModelName','carCash','carImage','carAlt','carTitle','carKMH','carWeight','carWheelInch','carColur','info')
        VALUES (NULL,'".$_GET['catId']."','".$_GET['carModelName']."','".$_GET['carCash']."','".$carImage_."','".$_GET['carAlt']."','".$_GET['carTitle']."','".$_GET['carKMH']."','".$_GET['carWeight']."','".$_GET['carWheelInch']."','".$_GET['carColur']."','".$_GET['info']."')

        ");

    }
}       
?>

I tried alternative query code,

mysql_query("

INSERT INTO contents ('indexId','catId','carModelName','carCash','carImage','carAlt','carTitle','carKMH','carWeight','carWheelInch','carColur','info')
VALUES (NULL,".$_GET['catId'].",".$_GET['carModelName'].",".$_GET['carCash'].",".$carImage_.",".$_GET['carAlt'].",".$_GET['carTitle'].",".$_GET['carKMH'].",".$_GET['carWeight'].",".$_GET['carWheelInch'].",".$_GET['carColur'].",".$_GET['info'].")

");

I guess file not uploading. so not working.

Because errors;

Notice: Undefined index: carImage in ..

Notice: Undefined index: bilgi in ..

note: TABLE contents.indexId is primary key and auto increment.

How solve we do?

Thank you for your interest.

UPDATE

Image upload problem is;

<?php
$catId = isset($_GET['catId']) ? $_GET['catId'] : "";
$carModelName = isset($_GET['carModelName']) ? $_GET['carModelName'] : "";
$carCash = isset($_GET['carCash']) ? $_GET['carCash'] : "";
$carAlt = isset($_GET['carAlt']) ? $_GET['carAlt'] : "";
$carTitle = isset($_GET['carTitle']) ? $_GET['carTitle'] : "";
$carKMH = isset($_GET['carKMH']) ? $_GET['carKMH'] : "";
$carWeight = isset($_GET['carWeight']) ? $_GET['carWeight'] : "";
$carWheelInch = isset($_GET['carWheelInch']) ? $_GET['carWheelInch'] : "";
$carColur = isset($_GET['carColur']) ? $_GET['carColur'] : "";
$info = isset($_GET['info']) ? $_GET['info'] : "";
if(isset($_GET['submit'])){
    if($_FILES["carImage"]["error"] > 0){
    echo '<script type="text/javascript">alert('."File not upload" . $_FILES["carImage"]["error"].');</script>';
    }else{

        $carUrl_ = "../inc/imj/urun";
        if(!is_dir($carUrl_)){mkdir($carUrl_);}

        $carImage_ = $carUrl_.$_FILES["carImage"]["name"];
        $carUrlName = $_FILES["carImage"]["name"];
        move_uploaded_file($_FILES["carImage"]["tmp_name"],$carImage_);

        mysql_query("

        INSERT INTO contents ('indexId','catId','carModelName','carCash','carImage','carAlt','carTitle','carKMH','carWeight','carWheelInch','carColur','info')
        VALUES (".$catId.",".$_GET['carModelName'].",".$_GET['carCash'].",".$carUrlName.",".$carAlt.",".$carTitle.",".$carKMH.",".$carWeight.",".$carWheelInch.",".$carColur.",".$info.")

        ");

    }
}       
?>

Update 2

<?php
$catId = isset($_GET['catId']) ? $_GET['catId'] : "";
$carModelName = isset($_GET['carModelName']) ? $_GET['carModelName'] : "";
$carCash = isset($_GET['carCash']) ? $_GET['carCash'] : "";
$carAlt = isset($_GET['carAlt']) ? $_GET['carAlt'] : "";
$carTitle = isset($_GET['carTitle']) ? $_GET['carTitle'] : "";
$carKMH = isset($_GET['carKMH']) ? $_GET['carKMH'] : "";
$carWeight = isset($_GET['carWeight']) ? $_GET['carWeight'] : "";
$carWheelInch = isset($_GET['carWheelInch']) ? $_GET['carWheelInch'] : "";
$carColur = isset($_GET['carColur']) ? $_GET['carColur'] : "";
$info = isset($_GET['info']) ? $_GET['info'] : "";
if(isset($_GET['submit'])){

        mysql_query("

        INSERT INTO contents ('indexId','catId','carModelName','carCash','carImage','carAlt','carTitle','carKMH','carWeight','carWheelInch','carColur','info')
        VALUES (".$catId.",".$_GET['carModelName'].",".$_GET['carCash'].",tryImg.png,".$carAlt.",".$carTitle.",".$carKMH.",".$carWeight.",".$carWheelInch.",".$carColur.",".$info.")

        ");

}       
?>

1条回答
时光不老,我们不散
2楼-- · 2019-08-30 06:55

For each variable in get, check if the variable was set before using it in mysql insert statement.

$variable = (isset($_GET['variable'])) ? $_GET['variable'] : "";

And do not insert indexId, it will be incremented automatically, you can just drop it from query statement.

mysql_query("

INSERT INTO contents ('catId','carModelName','carCash','carImage','carAlt','carTitle','carKMH','carWeight','carWheelInch','carColur','info')
VALUES (".$_GET['catId'].",".$_GET['carModelName'].",".$_GET['carCash'].",".$carImage_.",".$_GET['carAlt'].",".$_GET['carTitle'].",".$_GET['carKMH'].",".$_GET['carWeight'].",".$_GET['carWheelInch'].",".$_GET['carColur'].",".$_GET['info'].")

");

Update

When a user leave a field empty,

isset($_GET['that-field'])

returns false, i.e. value not set.

else isset returns true, i.e. user set the value for that variable.

So you cannot use $_GET['var'] without knowing var was given some value or not. If user did not give any value, you will have to set it yourself before entering it to database.

So use,

if(isset($_GET['variable'])){
   $variable = $_GET['variable'];
} else{
   $variable = "";
}

You will have to do it for all variables, before you run the mysql query, and use '$variable' there instead of $_GET['variable'].

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)