与我的PHP老师有趣的讨论 [英] Interesting Discussion with my PHP Teacher

问题描述

我正在做一个网站开发课程，在练习期间我的老师

让我在家里做我遇到了错误。令人惊讶的是，在课堂上进行练习的那些人没有收到这些错误。我告诉他

关于错误，我们得出结论，这是因为运行php 4.3.2的类中的

计算机而我的计算机运行的是php 4.3.6。

然而我被告知我解决问题的方式是uneligant代码。他说

我不应该按照我的方式进行编码，即使我根据示例编写代码

我从各种php网站上读取，因为如果表单我会遇到麻烦

传递了许多变量，或者我必须在文件之间传递变量。我认为我这样做的方式是正确，干净，整洁的方式，

但我被告知这是新学习php编码器的方式所以他们可以理解，我不应该这样做。有问题的代码行是

以下。


教师代码：


< ？php


//如果没有输入所有字段，则返回输入页面

//标题重定向必须出现在页面顶部的任何屏幕之前

输出

if（（！$ _ POST [product_no]）||（！$ _ POST [product_name]）||（！$ _ POST [unit]）|| < br $>
（！$ _ POST [unit_price]）||（！$ _ POST [查询]））{

header（''Location：add_record.htm''）;

退出;

}


//从主机名，用户名，密码上的包含文件获取连接信息，

和数据库名称

include（''connect_info.php''）;


//连接MySQL服务器并在变量<中存储连接信息br $>
$ connection

$ connection = @mysql_connect（$ hostname，$ username，$ password）或

die（''无法连接MySQL服务器。''）;


//选择数据库并存储连接变量$ db_selected中的离子信息

$ db_selected = @mysql_select_db（$ db_name，$ connection）或死（''不能

连接到数据库。''）;


//构造SQL语句

$ sql_statement =" INSERT INTO product_table（product_no，product_name，

unit，unit_price，inquiry ）VALUES（''$ _POST [product_no]''，

''$ _POST [product_name]''，''$ _POST [unit]''，''$ _POST [unit_price]'' ，

''$ _POST [查询]''）" ;;


//执行SQL语句插入记录

@mysql_query（$ sql_statement，$ connection）或死（''无法查询表'。'）;


？>

----- -------------------------------------------------- ---------------------

---------

php中导致的错误4.3.6由此代码：


注意：使用未定义的常量product_no - 假设''product_no''在

C：\ Inetpub \ wwwroot中第5行上的\\ class_work\original_do_add_reco rd.php


注意：使用未定义的常量product_name - 假设''product_name''在

C：\中第5行的Inetpub \ www.root \class_work\original_do_add_reco rd.php

注意：使用未定义的常量单位 - 假定''单位''

C：\ Inetpub \ www.root \class_work \ original_do_add_reco rd.php第5行


注意：使用未定义的常量unit_price - 假设''unit_price''在

C：\ Inetpub \ www.root \class_work \ original_do_add_reco rd.php第5行


注意：使用未定义的常量查询 - 假设''查询''在

C：\ Inetpub \ www.root \class_work \ original_do_add_reco rd.php第5行

----------- -------------------------------------------------- -----------

我的代码：

<？php


$ product_no = $ _P OST [ product_no]; //这是老师不喜欢的

代码的一部分

$ product_name = $ _POST [''product_name''];

$ unit = $ _POST [''unit''];

$ unit_price = $ _POST [''unit_price''];

$ inquiry = $ _POST [''查询''];​​

//如果没有输入所有字段，则返回输入页面

//标题重定向必须出现在页面顶部的任何屏幕之前

输出

if（！$ product_no ||！$ product_name ||！$ unit ||！$ unit_price ||！$ inquiry）

{

header（''Location：add_record.htm''）;

退出;

}


//从主机名，用户名，密码，

和数据库名称获取包含文件的连接信息

include（''connect_info.php''）;


//连接MySQL服务器并在变量中存储连接信息

$ connection

$ connection = @mysql_connect（$ hostname， $ username，$ password）或

die（''无法连接到MySQL服务器。'）;


//选择数据库并在变量$ db_selected中存储连接信息

$ db_selected = @mysql_select_db（$ db_name，$ connection）或死（''不能

连接到数据库。'）;


//构造SQL语句

$ sql_statement =" INSERT INTO product_table（product_no，product_name，

unit，unit_price，inquiry）VALUES（''product_no''，''$ product_name ''，''$ unit''，

''$ unit_price''，''$ inquiry''）" ;;


//执行要插入记录的SQL语句

@mysql_query（$ sql_statement，$ connection）或死（''无法查询表。''）;


？>

------------------------------------------ ----------------------------------

-------


那么我的代码真的那么糟糕吗？如果我的方式

真的那么糟糕，我怎样才能让代码工作？我认为老师的代码在php 4.3.6中给我

错误的原因是因为代码没有引用发布的表格

值。例如$ _POST [product_no]而不是$ _POST [''product_no'']。

这可以很容易地在第5行发生错误，但是我无法修复

它是否构造了sql语句，因为引号太多。

例如：


$ sql_statement =" INSERT INTO product_table （product_no，product_name，unit，

unit_price，inquiry）VALUES（'$ _POST [product_no]''，''$ _POST [product_name]''，

' '$ _POST [unit]''，''$ _ POST [unit_price]''，''$ _POST [查询]''）" ;;


需要：


$ sql_statement =" INSERT INTO product_table（product_no，product_name，unit，

unit_price，inquiry）VALUES（''$ _POST [''product_no''] ''，

''$ _POST [''product_name'']''，''$ _POST [''unit'']''，''$ _POST [''unit_price''] ''，

''$ _POST [''查询'']''）" ;;


当然会给你一个解析错误。


我急切地等待着大家对此的看法:)


-

-Robert Smith

----------------------- -------------------------------------------------- ---

---------------------------------

如果您希望通过电子邮件回复，请从我的电子邮件地址中删除''nospam。''。

I''m doing a website development course and during an exercise my teacher
gave me to do at home I was confronted with errors. Surprisingly, those
that did the exercise in class did not receive these errors. I told him
about the errors and we concluded that this was happening due to the
computers in class running php 4.3.2 and my computer is running php 4.3.6.
However I was told the way I solved the problem was uneligant code. He said
I should not code the way I did, even though I based the code from examples
I read from various php websites, because I would have trouble if a form
passed many variables, or if I had to pass variables between files. I
thought the way I was doing it was the correct, neat and tidy way to do it,
but I was told that it was the way new learning php coders do it so they can
understand, and I shouldn''t do it that way. The line of code in question is
below.

The Teacher''s code:

<?php

//return to input page if not all fields have been entered
//header redirection must appear at the top of the page before any screen
output
if ((!$_POST[product_no]) || (!$_POST[product_name]) || (!$_POST[unit]) ||
(!$_POST[unit_price]) || (!$_POST[enquiry])) {
header(''Location: add_record.htm'');
exit;
}

//get connection info from include file on hostname, username, password,
and database name
include(''connect_info.php'');

//connect to MySQL server and store connection info in the variable
$connection
$connection = @mysql_connect($hostname, $username, $password) or
die(''Cannot connect to MySQL server.'');

//select database and store connection info in the variable $db_selected
$db_selected = @mysql_select_db($db_name, $connection) or die(''Cannot
connect to database.'');

//construct SQL statement
$sql_statement = "INSERT INTO product_table(product_no, product_name,
unit, unit_price, enquiry) VALUES (''$_POST[product_no]'',
''$_POST[product_name]'', ''$_POST[unit]'', ''$_POST[unit_price]'',
''$_POST[enquiry]'')";

//execute SQL statement to insert record
@mysql_query($sql_statement, $connection) or die(''Cannot query table.'');

?>
----------------------------------------------------------------------------
---------
Errors caused in php 4.3.6 by this code:

Notice: Use of undefined constant product_no - assumed ''product_no'' in
C:\Inetpub\wwwroot\class_work\original_do_add_reco rd.php on line 5

Notice: Use of undefined constant product_name - assumed ''product_name'' in
C:\Inetpub\wwwroot\class_work\original_do_add_reco rd.php on line 5

Notice: Use of undefined constant unit - assumed ''unit'' in
C:\Inetpub\wwwroot\class_work\original_do_add_reco rd.php on line 5

Notice: Use of undefined constant unit_price - assumed ''unit_price'' in
C:\Inetpub\wwwroot\class_work\original_do_add_reco rd.php on line 5

Notice: Use of undefined constant enquiry - assumed ''enquiry'' in
C:\Inetpub\wwwroot\class_work\original_do_add_reco rd.php on line 5
------------------------------------------------------------------------
My code:
<?php

$product_no = $_POST[''product_no'']; // This is the part of the
code the teacher didnt like
$product_name = $_POST[''product_name''];
$unit = $_POST[''unit''];
$unit_price = $_POST[''unit_price''];
$enquiry = $_POST[''enquiry''];
//return to input page if not all fields have been entered
//header redirection must appear at the top of the page before any screen
output
if (!$product_no || !$product_name || !$unit || !$unit_price || !$enquiry)
{
header(''Location: add_record.htm'');
exit;
}

//get connection info from include file on hostname, username, password,
and database name
include(''connect_info.php'');

//connect to MySQL server and store connection info in the variable
$connection
$connection = @mysql_connect($hostname, $username, $password) or
die(''Cannot connect to MySQL server.'');

//select database and store connection info in the variable $db_selected
$db_selected = @mysql_select_db($db_name, $connection) or die(''Cannot
connect to database.'');

//construct SQL statement
$sql_statement = "INSERT INTO product_table(product_no, product_name,
unit, unit_price, enquiry) VALUES (''$product_no'', ''$product_name'', ''$unit'',
''$unit_price'', ''$enquiry'')";

//execute SQL statement to insert record
@mysql_query($sql_statement, $connection) or die(''Cannot query table.'');

?>
----------------------------------------------------------------------------
-------

So is my code really that bad? How can I get the code to work if my way
really is that bad? I think the reason why the teacher''s code is giving me
errors in php 4.3.6 is because the code does not quote in the posted form
values. For example $_POST[product_no] instead of $_POST[''product_no''].
This can be easily fixed on line 5 where the error occurs, but I can''t fix
it wher the sql statement is constructed because there are too many quotes.
For example:

$sql_statement = "INSERT INTO product_table(product_no, product_name, unit,
unit_price, enquiry) VALUES (''$_POST[product_no]'', ''$_POST[product_name]'',
''$_POST[unit]'', ''$_POST[unit_price]'', ''$_POST[enquiry]'')";

needs to be:

$sql_statement = "INSERT INTO product_table(product_no, product_name, unit,
unit_price, enquiry) VALUES (''$_POST[''product_no'']'',
''$_POST[''product_name'']'', ''$_POST[''unit'']'', ''$_POST[''unit_price'']'',
''$_POST[''enquiry'']'')";

which of course will give you a parse error.

I eagerly await everyone''s opinions on this :)

--
-Robert Smith
----------------------------------------------------------------------------
---------------------------------
Remove ''nospam.'' from my email address if you wish to reply via email.

推荐答案

_POST [product_no]）|| （！

_POST[product_no]) || (!

_POST [product_name]）|| （！

_POST[product_name]) || (!

_POST [unit]）||

（！

_POST[unit]) ||
(!

这篇关于与我的PHP老师有趣的讨论的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！