Used to display error messages and success messages, you can also directly echo the error message, here I just want my error information page beautiful point, defined a page output function bale.
Copy Code code as follows:
<?php
savecomment.php//Everyone should not look at the comments, after reading this article, and then look back
Require ("config.php");
Mysql_connect ($servername, $dbusername, $dbpassword) or Die ("database connection failed");
$name =$_post[' name '];
$content =$_post[' content '];
$blogid =$_post[' blogID '];
$datearray =getdate (Time ());
$date =date ("y-m-d h:i:s", $datearray [0]);
if (!empty ($name) &&!empty ($content)) {
Use the empty function to determine if the form is not empty then down.
if (strlen ($name) > 20) {
The length of $name is judged by the non null judgment.
Error ("name more than 20 bytes (20 English or 10 Chinese characters) <br>");
}
F (!is_numeric ($_post[' blogID ')) {
Error ("Hidden data has been illegally modified, please return to <br>");
}
Since $blogid is to be placed in select, this variable is used to indicate which article the comment belongs to, it is of type int, although it is a hidden variable, but the attacker can also modify the remote commit locally, so we need to check the type before putting it in the select.
$blogsql = "SELECT * from $comment _table Where blogid= $blogid"
$blogresult = Mysql_db_query ($dbname, $blogsql);
$blog = Mysql_fetch_array ($blogresult);
if (strlen ($name) = = strlen ($blog [name]) && strlen ($content) = = strlen ($blog [content])) {
Query the length of the two fields in the database, because the name may be the same length, but two are the same probability of appearing in the same situation is quite small, so use && judgment.
Error ("You want to submit the content of the comments already exist, please return to <br>");
}
Here we start to judge the time interval. For more detailed instructions, see the post below.
Session_Start ();
if (session_is_registered) && time ()-$_session[' Times ']<60*2} {error ("Sorry, your two-time interval is less than 2 minutes <br& gt; ");
} else {
$sql = "Insert into $comment _table (date,name,content,blogid) VALUES (' $date ', ' $name ', ' $content ', ' $blogid ')"
Mysql_db_query ($dbname, $sql);
Mysql_close ();
$time =time ();
Session_register ("Time");
Succeed ("Comments submitted successfully <br>");
}}
End non-null judgment
Error ("You have not completed all Forms <br>");
?>
Above is a file that records the comment data. The form is as follows:
Copy Code code as follows:
<form action= "savecomment.php" method= "POST" >
<input type= "hidden" name= "blogID" value= "<?= $row [blogid]?>" >
Your name: <input name= "name" type= "text" size= "maxlength=" >
Comments: <textarea name= "Content" cols= "rows=" "8" ></textarea>
<input type= "Submit" name= "Submission" value= "submitted" ></form>
Current 1/2 page
12 Next read the full text
