|
<?php include_once("conn.php");
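/**
 * Prepare text submitted through the form's <textarea> for storage and display.
 *
 * Surrounding whitespace is trimmed, HTML special characters (both quote
 * styles included) are converted to entities, and every line break becomes a
 * <br> tag. The return value is therefore HTML markup, not plain text: code
 * that prints it must not encode it a second time, and code that stores
 * anything else in the same column bypasses this protection.
 *
 * @param string $source Raw text as received from the client.
 * @return string Entity-encoded text with <br> in place of line breaks.
 */
function filterTextarea($source)
{
    // ENT_QUOTES also encodes single quotes, so the value stays inert even if
    // it is later placed inside a quoted attribute. ENT_SUBSTITUTE replaces
    // invalid UTF-8 instead of letting htmlspecialchars() return "".
    $source = htmlspecialchars(trim($source), ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");

    // Browsers submit CRLF, but other clients may send a bare LF or CR.
    // "\r\n" is listed first so that a CRLF pair yields a single <br>.
    return str_replace(array("\r\n", "\r", "\n"), "<br>", $source);
}
?>
<!doctype html>
<html>
<head>
<title>Form</title>
<script>
// Stop the submission when the field is empty or holds only whitespace.
// This is a usability check: it runs in the browser and can be skipped by any
// client, so the server has to validate the value again.
function checkForm() {
    var textarea = document.getElementById("content");
    if (textarea.value.trim() === "") {
        textarea.focus();
        return false;
    }
}
</script>
</head>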
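<body>
<?php
// Handles the POST of the form below: validates the text, stores it through a
// prepared statement, and reports the outcome. On a plain GET the form is shown.
//
// NOTE(review): the form carries no anti-CSRF token, so a third-party page can
// make a visitor's browser submit content here. Add a per-session token before
// reusing this pattern for anything that matters.
if (isset($_POST["content"])) { // if the form has been submitted
    // A request may send content[]=..., which turns the field into an array;
    // only a string is handed to filterTextarea().
    $content = is_string($_POST["content"]) ? filterTextarea($_POST["content"]) : "";

    if ($content === "") {
        // checkForm() only runs in the browser, so emptiness is re-checked here.
        echo "The content is empty.";
    } elseif (mb_strlen($content, "UTF-8") >= 500) {
        // Measured on the encoded text, because that is what gets stored. The
        // encoding is passed explicitly so the count does not depend on the
        // mbstring default. Rejecting here matters: outside strict SQL mode
        // MySQL may truncate silently, possibly in the middle of an entity.
        echo "The content is too long.";
    } else {
        // The placeholder keeps the submitted value out of the SQL text.
        $sql = "INSERT INTO Contents (Content, TimeCreated) VALUES (:content, NOW())";
        $stmt = $dbh->prepare($sql);

        // prepare(), bindParam() and execute() return false on failure when
        // PDO is in its silent error mode, so each result is checked.
        if ($stmt && $stmt->bindParam(":content", $content) && $stmt->execute() && $stmt->rowCount()) {
            echo "Your content has been successfully saved.";
        } else {
            echo "An error occurred when saving your content.";
        }
    }
} else {
?>
<form onsubmit="return checkForm()" method="post">
<label>Content:</label><br>
<textarea style="width:300px;height:100px" id="content" name="content"></textarea><br>
<button>Submit</button>
</form>
<?php
}
?>
</body>
</html>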
|
|
插入的一條數據例子: <script><br>hablar
|
|
數據表: CREATE TABLE `Contents` (
`ContentID` int(11) NOT NULL AUTO_INCREMENT,
-- Content is written by the form script after filterTextarea(), i.e. already
-- entity-encoded and with <br> tags, so the 500-character limit applies to the
-- encoded text. Nothing at the database level enforces that encoding: a row
-- inserted by any other writer is stored exactly as given.
-- The utf8 charset declared here overrides the table default below.
`Content` varchar(500) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`TimeCreated` datetime NOT NULL,
PRIMARY KEY (`ContentID`)
-- NOTE(review): the table default charset is latin1; only Content is utf8.
) ENGINE=InnoDB AUTO_INCREMENT=17 DEFAULT CHARSET=latin1
|
|
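CONN: <?php
// Opens the shared PDO connection used by the pages that include this file;
// on success $dbh holds the connection.
//
// NOTE(review): a credential written into a web-served file is exposed by any
// source disclosure or repository leak. Load it from the environment or from a
// file outside the document root in a real deployment.
define("DB_PW", "密碼");

try {
    $dbh = new PDO(
        "mysql:host=localhost;dbname=test",
        "用戶名",
        DB_PW,
        array(
            PDO::ATTR_PERSISTENT => true,
            // Use server-side prepared statements, so bound values are sent
            // separately from the SQL text instead of being quoted into it.
            PDO::ATTR_EMULATE_PREPARES => false,
        )
    );
} catch (PDOException $e) {
    // The driver message can name the host and the account, so it goes to the
    // server log only; the visitor gets a generic message. Catching here also
    // keeps the constructor arguments out of an uncaught-exception trace.
    error_log("Database connection failed: " . $e->getMessage());
    if (!headers_sent()) {
        http_response_code(500);
    }
    exit("Database connection failed.");
}
?>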
|
|
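<?php include_once("conn.php"); ?>
<!doctype html>
<html>
<head>
<title>View</title>
</head>
<body>
<?php
// Lists every stored entry in insertion order.
$sql = "SELECT * FROM Contents ORDER BY ContentID ASC";
$stmt = $dbh->query($sql);

// query() returns false on failure when PDO is in its silent error mode;
// fall back to an empty list instead of iterating over false.
$rows = $stmt ? $stmt : array();
?>
<ol>
<?php foreach ($rows as $row): ?>
<?php
    // The form script stores entity-encoded text with <br> tags, but this page
    // cannot know that every row was written that way, so the value is encoded
    // again on output. double_encode = false leaves entities that are already
    // present untouched; any raw markup becomes inert text. The only tag put
    // back is <br>. Trade-off: a literal "<br>" typed by a user, stored as
    // &lt;br&gt;, is shown as a line break as well.
    $safe = htmlspecialchars($row["Content"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8", false);
    $safe = str_replace("&lt;br&gt;", "<br>", $safe);
?>
<li><?php echo $safe; ?></li>
<?php endforeach; ?>
</ol>
</body>
</html>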
|
|
<!doctype html>
<html>
<head>
<title>View</title>
</head>
<body>
<ol>
<li>Array</li>
<li>firebird, mysql, odbc, pgsql, sqlite</li>
<li>Initiates a transaction</li>
<li>數據表中已經有相同的內容了。</li>
<li>Oh baaaaah!</li>
<li>Parse error: syntax error, unexpected '/' in /var/www/html/temp/11330/2.php on line 27</li>
<li>295956</li>
<li>744210</li>
<li>1740</li>
<li>997732</li>
<li>856175</li>
<li>120648</li>
<li>76537</li>
<li>248696</li>
<li>779802</li>
<li>d<script><br>hablar</li>
</ol>
</body>
</html>
|
|
<!doctype html> <html> <head> <title>View</title> </head>
<body> <ol> <li>Array</li> <li>firebird, mysql, odbc, pgsql, sqlite</li> <li>Initiates a transaction</li> <li>數據表中已經有相同的內容了。</li> <li>Oh baaaaah!</li> <li>Parse error: syntax error, unexpected '/' in /var/www/html/temp/11330/2.php on line 27</li> <li>295956</li> <li>744210</li> <li>1740</li> <li>997732</li> <li>856175</li> <li>120648</li> <li>76537</li> <li>248696</li> <li>779802</li> <li>d<script><br>hablar</li> </ol> </body> </html>
|
|
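解決時區問題和中文亂碼問題: <?php
// Connection file with PHP and MySQL both set to GMT and to UTF-8, so that
// stored timestamps and non-ASCII text round-trip unchanged.
//
// NOTE(review): keep the real credential out of the source tree (environment
// variable or a file outside the document root).
define("DB_PW", "密碼");

date_default_timezone_set("Etc/GMT"); // Time zone for date library in PHP
mb_internal_encoding("UTF-8"); // Charset for mbstring library in PHP

try {
    $dbh = new PDO(
        // charset in the DSN tells the driver itself which encoding is in use,
        // which SET NAMES alone does not; the driver needs it to quote values
        // correctly.
        "mysql:host=localhost;dbname=test;charset=utf8",
        "用戶名",
        DB_PW,
        array(
            PDO::ATTR_PERSISTENT => true,
            // Server-side prepared statements: bound values never become part
            // of the SQL text.
            PDO::ATTR_EMULATE_PREPARES => false,
        )
    );

    // Makes NOW() and other session-dependent time functions return GMT.
    $dbh->exec("SET time_zone = '+0:00'");
    // Kept for PHP versions older than 5.3.6, which ignore the DSN charset.
    $dbh->exec("SET names utf8");
} catch (PDOException $e) {
    // Log the driver message server-side; it can name the host and account,
    // so the visitor only sees a generic failure.
    error_log("Database connection failed: " . $e->getMessage());
    if (!headers_sent()) {
        http_response_code(500);
    }
    exit("Database connection failed.");
}
?>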
|
|
|