>end Web开发人员,我得到了另一个团队完成的CMS,我必须与我的前端链接。我做了一些修改,但由于我缺乏 php 知识,我在这里遇到了一些问题。
我的用户可以填写一个表单,其中 1 个文本字段要求提供他们的照片链接。我想检查输入的值是否等于我想要的值,然后我将查询插入默认头像照片链接到mysql进行处理。
我在 PHP 上尝试过的代码
// check if the variable $photo is empty, if it is, insert the default image link
if($photo = ""){
$photo="images/avatarDefault.png";
}
似乎不起作用
<?php
if($_SERVER["REQUEST_METHOD"] === "POST")
{
//Used to establish connection with the database
include 'dbAuthen.php';
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
//Used to Validate User input
$valid = true;
//Getting Data from the POST
$username = sanitizeInput($_POST['username']);
$displayname = sanitizeInput($_POST['displayname']);
$password = sanitizeInput($_POST['password']);
//hash the password using Bcrypt - this is to prevent
//incompatibility from using PASSWORD_DEFAULT when the default PHP hashing algorithm is changed from bcrypt
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
//Determining Type of the User
//if B - User is student
//if A - User is adin
if($_POST['type'] == 'true')
$type = 'B';
else
$type = 'A';
$email = sanitizeInput($_POST['email']);
$tutorGroup = sanitizeInput($_POST['tutorGroup']);
$courseID = sanitizeInput($_POST['courseID']);
$description = sanitizeInput($_POST['desc']);
$courseYear = date("Y");
$website = sanitizeInput($_POST['website']);
$skillSets = sanitizeInput($_POST['skillSets']);
$specialisation = sanitizeInput($_POST['specialisation']);
$photo = sanitizeInput($_POST['photo']);
// this is what i tried, checking if the value entered is empty, but doesn't work
if($photo = ""){
$photo="images/avatarDefault.png";
}
$resume = sanitizeInput($_POST['resume']);
//Validation for Username
$sql = "SELECT * FROM Users WHERE UserID= '$username'";
if (mysqli_num_rows(mysqli_query($con,$sql)) > 0){
echo 'User already exists! Please Change the Username!<br>';
$valid = false;
}
if($valid){
//Incomplete SQL Query
$sql = "INSERT INTO Users
VALUES ('$username','$displayname','$hashed_password','$type','$email', '$tutorGroup', ";
//Conditionally Concatenate Values
if(empty($courseID))
{
$sql = $sql . "NULL";
}
else
{
$sql = $sql . " '$courseID' ";
}
//Completed SQL Query
$sql = $sql . ", '$description', '$skillSets', '$specialisation', '$website', '$courseYear', '$photo', '$resume', DEFAULT)";
//retval from the SQL Query
if (!mysqli_query($con,$sql))
{
echo '*Error*: '. mysqli_error($con);
}
else
{
echo "*Success*: User Added!";
}
}
//if student create folder for them
if ($type == 'B')
{
//Store current reporting error
$oldErrorReporting = error_reporting();
//Remove E_WARNING from current error reporting level to prevent users from seeing code
error_reporting($oldErrorReporting ^ E_WARNING);
//Set current reporting error();
error_reporting($oldErrorReporting);
}
mysqli_close($con);
}
}
function sanitizeInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
我尝试在MySQL上找到一种插入默认值的方法,但这似乎是不可能的,所以我别无选择,只能通过PHP查询插入。
我有逻辑,但我不确定如何在 php 上实现我缺乏知识,我正在考虑检查1) 如果照片链接没有.png/.jpg字样,$photo != ".png"
2)如果照片链接长度太低$.photo.length < 10
有人可以帮助我查看代码并告诉我我做错了什么吗?谢谢!
使用默认值的一种非常简单的方法可能是:
$photo = isset($photo) ? $photo : 'images/avatarDefault.png' ;
它的工作原理是它首先询问照片是否已设置,如果是,请使用所有现成的插入值,否则插入您的默认值,
另一种(非常相似)使用的方法:
$photo = !empty($photo) ? $photo : 'images/avatarDefault.png' ;
更新
检查它是否包含某个"扩展名"将是一个简单的重写
$photo = preg_match('#'b(.jpg|.png)'b#', $photo ) ? $photo : "images/avatarDefault.png" ;
这样,它会检查$photo中的文本/图像链接是否包含.png文件类型,如果没有,则会插入您的默认图像
我注意到的第一件事是使用 double =
if($photo == ""){
//...
}