当我们向数据库插入数据时如果不先进行数据校验就会带来一个“由恶意刷新或者错误操作的非正常数据写入”。如果只是手动刷新插入页,造成的危害是有限的,因为我相信没人能坐在那里用自己稚嫩的小爪子玩命的点击10的N次方“刷新”从而给我的数据库带来灾难。但只要稍微有些脚本编辑常识的人都会通过一种简便的方法来用计算机进行自动刷新,那样可就不好玩了。所以我们要建立一种机制来预防这类事情发生。方法有很多种,有基于HTTP的,也有直接操作数据库的。这次我用的是直接对数据库进行预处理,方法很简单:
1 $sql="insert into matt(first_name, last_name, department, classification, employee_type, date)
2 values('$first_name','$last_name','$department','$classification','$employee_type',now())";
3
4 $sql_check="select count(*) as count_result from matt where first_name like '%".$first_name."%' and last_name like '%".$last_name."%'";
5
6 /* 检查输入框是否为空*/
7
8 switch($first_name)
9 {
10 case is_null($first_name):
11 echo "Please leave you first_name";
12 break;
13 case !is_null($first_name):
14 switch($last_name)
15 {
16 case is_null($last_name):
17 echo "Please leave your last name!";
18 break;
19 case !is_null($last_name):
20 /* 确定数据库内无重复记录 */
21 $check=mysql_query($sql_check);
22 $row=mysql_fetch_array($check);
23 $count_result=$row['count_result'];
24 if($count_result==0)
25 {
26 $result=mysql_query($sql);
27 if($result)
28 {echo "Your information have been submit. <br><strong>This page will be back to homepage in 2 seconds!</strong>";?>
29 <script>
30 setTimeout("window.location='http://www.fhsu.edu/affirm/harassment/submit.php'",1500);
31 </script>
32 <?php }
33 else
34 {echo "sorry, error!";}
35 }
36 else
37 {echo "Someone has the same first/last name with you. <br><strong>This page will be back to homepage in 2 seconds!</strong>";?>
38 <script>
39 setTimeout("window.location='http://www.fhsu.edu/affirm/harassment/submit.php'",1500);
40 </script>
41 <?php }
42 break;
43 }
44 break;
45
2 values('$first_name','$last_name','$department','$classification','$employee_type',now())";
3
4 $sql_check="select count(*) as count_result from matt where first_name like '%".$first_name."%' and last_name like '%".$last_name."%'";
5
6 /* 检查输入框是否为空*/
7
8 switch($first_name)
9 {
10 case is_null($first_name):
11 echo "Please leave you first_name";
12 break;
13 case !is_null($first_name):
14 switch($last_name)
15 {
16 case is_null($last_name):
17 echo "Please leave your last name!";
18 break;
19 case !is_null($last_name):
20 /* 确定数据库内无重复记录 */
21 $check=mysql_query($sql_check);
22 $row=mysql_fetch_array($check);
23 $count_result=$row['count_result'];
24 if($count_result==0)
25 {
26 $result=mysql_query($sql);
27 if($result)
28 {echo "Your information have been submit. <br><strong>This page will be back to homepage in 2 seconds!</strong>";?>
29 <script>
30 setTimeout("window.location='http://www.fhsu.edu/affirm/harassment/submit.php'",1500);
31 </script>
32 <?php }
33 else
34 {echo "sorry, error!";}
35 }
36 else
37 {echo "Someone has the same first/last name with you. <br><strong>This page will be back to homepage in 2 seconds!</strong>";?>
38 <script>
39 setTimeout("window.location='http://www.fhsu.edu/affirm/harassment/submit.php'",1500);
40 </script>
41 <?php }
42 break;
43 }
44 break;
45
动态分页 代码写的很清晰,我就不做细讲了:
1 //预定义变量page
2 if(isset($_GET['page']))
3 { $page=intval($_GET['page']);}
4 else
5 { $page=1;}
6
7 /*页数集算法*/
8 $sql="select count(*) as count from matt";
9 $result=mysql_query($sql);
10 $row=mysql_fetch_array($result);
11 $count=$row['count'];
12 if($count)
13 {
14 switch($count)
15 {
16 case $count<$page_size:
17 $page_count=1;
18 break;
19 case $count%$page_size!=0:
20 $page_count=(int)($count/$page_size)+1;
21 break;
22 case $count%$page_size=0:
23 $page_count=$count/$page_size;
24 break;
25 }
26 }
27 /*分页算法*/
28 switch($page)
29 {
30 case $page==1:
31 $page_string='<a href=?page='.($page+1).'>Next Page</a> | <a href=?page='.$page_count.'>End Page</a>';
32 break;
33 case $page<=$page_count&&$page>1:
34 $page_string='<a href=?page=1>First Page</a> | <a href=?page='.($page-1).'>Previous Page</a> | <a href=?page='.($page+1).'>Next Page</a> | <a href=?page='.$page_count.'>End Page</a>';
35 break;
36 case $page=$page_count:
37 $page_string='<a href=?page=1>First Page</a>|<a href=?page='.($page-1).'>Previous Page</a>|';
38 break;
39
40 }
41
42 $start=($page-1)*$page_size;
43 $sql_result="select * from matt limit $start, $page_size";
44
45 /*生成结果集*/
46 $result=mysql_query($sql_result);
47 while($row=mysql_fetch_array($result))
48 {
49 $id=$row['id'];
50 $first_name=$row['first_name'];
51 $last_name=$row['last_name'];
52 $department=$row['department'];
53 $classification=$row['classification'];
54 $employee_type=$row['employee_type'];
55 $date=$row['date'];
56 ?>
57 <tr>
58 <td align="left" height="20" width="50" bgcolor="#E4E4E4"><font size="2" color="#003366">
59 <?php echo($first_name); ?></font></li></td>
60 <td align="left" height="20" width="50" bgcolor="#E4E4E4"><font size="2"><?php echo($last_name); ?></font></td>
61 <td align="left" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($department); ?></font></td>
62 <td align="left" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($classification); ?></font></td>
63 <td align="center" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($employee_type); ?></font></td>
64 <td align="center" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($date); ?></font></td>
65 <td align="center" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo("<a href=\"delete.php?id=$id\">"."[Delete]"."</a>"); ?></font></td>
66 </tr>
67
68 <?php } ?>
69 </table>
70
71 /*实现分页*/
72 <?php echo $page_string."<p>"."<strong>Toltal Pages:</strong> ".$page_count."<br>"."<strong>Each page will show:</strong>".$page_size." items"; ?>
73
2 if(isset($_GET['page']))
3 { $page=intval($_GET['page']);}
4 else
5 { $page=1;}
6
7 /*页数集算法*/
8 $sql="select count(*) as count from matt";
9 $result=mysql_query($sql);
10 $row=mysql_fetch_array($result);
11 $count=$row['count'];
12 if($count)
13 {
14 switch($count)
15 {
16 case $count<$page_size:
17 $page_count=1;
18 break;
19 case $count%$page_size!=0:
20 $page_count=(int)($count/$page_size)+1;
21 break;
22 case $count%$page_size=0:
23 $page_count=$count/$page_size;
24 break;
25 }
26 }
27 /*分页算法*/
28 switch($page)
29 {
30 case $page==1:
31 $page_string='<a href=?page='.($page+1).'>Next Page</a> | <a href=?page='.$page_count.'>End Page</a>';
32 break;
33 case $page<=$page_count&&$page>1:
34 $page_string='<a href=?page=1>First Page</a> | <a href=?page='.($page-1).'>Previous Page</a> | <a href=?page='.($page+1).'>Next Page</a> | <a href=?page='.$page_count.'>End Page</a>';
35 break;
36 case $page=$page_count:
37 $page_string='<a href=?page=1>First Page</a>|<a href=?page='.($page-1).'>Previous Page</a>|';
38 break;
39
40 }
41
42 $start=($page-1)*$page_size;
43 $sql_result="select * from matt limit $start, $page_size";
44
45 /*生成结果集*/
46 $result=mysql_query($sql_result);
47 while($row=mysql_fetch_array($result))
48 {
49 $id=$row['id'];
50 $first_name=$row['first_name'];
51 $last_name=$row['last_name'];
52 $department=$row['department'];
53 $classification=$row['classification'];
54 $employee_type=$row['employee_type'];
55 $date=$row['date'];
56 ?>
57 <tr>
58 <td align="left" height="20" width="50" bgcolor="#E4E4E4"><font size="2" color="#003366">
59 <?php echo($first_name); ?></font></li></td>
60 <td align="left" height="20" width="50" bgcolor="#E4E4E4"><font size="2"><?php echo($last_name); ?></font></td>
61 <td align="left" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($department); ?></font></td>
62 <td align="left" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($classification); ?></font></td>
63 <td align="center" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($employee_type); ?></font></td>
64 <td align="center" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo($date); ?></font></td>
65 <td align="center" height="20" width="100" bgcolor="#E4E4E4"><font size="2"><?php echo("<a href=\"delete.php?id=$id\">"."[Delete]"."</a>"); ?></font></td>
66 </tr>
67
68 <?php } ?>
69 </table>
70
71 /*实现分页*/
72 <?php echo $page_string."<p>"."<strong>Toltal Pages:</strong> ".$page_count."<br>"."<strong>Each page will show:</strong>".$page_size." items"; ?>
73
效果图:
