回答編集履歴
2
mysqli_stmt_bind_param
answer
CHANGED
@@ -144,7 +144,7 @@
|
|
144
144
|
if (!is_null($name) && !is_null($comment)) {
|
145
145
|
$query = 'INSERT INTO `comment_table`(`name`, `comment`, `date`) VALUES(?, ?, ?)';
|
146
146
|
$stmt = mysqli_prepare($link, $query);
|
147
|
-
|
147
|
+
mysqli_stmt_bind_param($stmt, "sss", $name, $comment, $date);
|
148
148
|
$result = mysqli_stmt_execute($stmt);
|
149
149
|
if ($result === FALSE) {
|
150
150
|
$errors[] = '登録に失敗しました';
|
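Review bot: The statement returned by `mysqli_prepare()` on new line 146 is passed straight to `mysqli_stmt_bind_param()` on line 147 without a failure check. `mysqli_prepare()` can return false, for example when `comment_table` does not exist; depending on the PHP version and mysqli report mode, the bind call then raises a warning or a type error and never reaches the `$errors[]` path below. A guard such as `if ($stmt === false) { $errors[] = '登録に失敗しました'; }` before binding would keep the failure on the page's own error list. The enclosing `if (!is_null($name) && !is_null($comment))` block ends outside this hunk.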
1
見直し
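--- a/answer
+++ b/answer
@@ -92,4 +92,110 @@
 </ul>
 </body>
 </html>
+```
+
+で、さらに直した:
+
+```php
+<?php
+date_default_timezone_set('Asia/Tokyo');
+$name = null;
+$comment = null;
+$date = date("Y-m-d H:i:s");
+$errors = array();
+$host = '';
+$username = '';
+$passwd = '';
+$dbname = '';
+$link = mysqli_connect($host,$username,$passwd,$dbname);
+
+if($link !== FALSE){
+mysqli_set_charset($link, 'utf8');
+$query = 'SELECT name,comment,date FROM comment_table';
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+if (isset($_POST['name'])) {
+if (mb_strlen($_POST['name']) === 0) {
+$errors['name'] = '名前を入力してください';
+}
+elseif (mb_strlen($_POST['name']) > 20) {
+$errors['name'] = '名前は20文字以内で入力してください';
+}
+else {
+$name = $_POST['name'];
+}
+}
+else {
+$errors['name'] = '名前を入力してください';
+}
+}
+
+if (isset($_POST['comment']) !== TRUE) {
+if (mb_strlen($_POST['comment']) === 0) {
+$errors['comment'] = 'ひとことを入力してください';
+} elseif (mb_strlen($_POST['comment']) > 20) {
+$errors['comment'] = 'ひとことは100文字以内で入力してください';
+} else {
+$name = $_POST['comment'];
+}
+}
+else {
+$errors['comment'] = 'ひとことを入力してください';
+}
+if (!is_null($name) && !is_null($comment)) {
+$query = 'INSERT INTO `comment_table`(`name`, `comment`, `date`) VALUES(?, ?, ?)';
+$stmt = mysqli_prepare($link, $query);
+mysqli_bind_param($stmt, "sss", $name, $comment, $date);
+$result = mysqli_stmt_execute($stmt);
+if ($result === FALSE) {
+$errors[] = '登録に失敗しました';
+}
+}
+
+$data = array();
+$query = 'SELECT `name`, `comment`, `date` FROM `comment_table` ORDER BY `date` DESC';
+$result = mysqli_query($link,$query);
+
+while($row = mysqli_fetch_array($result)){
+$data[] = $row;
+}
+
+}
+?>
+<!DOCTYPE html>
+<html lang="ja">
+<head>
+<meta charset="UTF-8">
+<title></title>
+</head>
+<body>
+<h1>ひとこと掲示板</h1>
+<form method="post">
+<?php if (count($errors) > 0) { ?>
+<ul>
+<?php foreach ($errors as $value){ ?>
+<li><?php echo htmlspecialchars($value, ENT_QUOTES, 'UTF-8'); ?></li>
+<?php } ?>
+</ul>
+<?php } ?>
+<p>名前 :
+<input type="text" name="name">
+ひとこと :
+<input type="text" name="comment" size="60">
+<input type="submit" value="送信">
+</p>
+</form>
+
+<ul>
+<?php if(!empty($data)){ ?>
+<?php foreach ($data as $values) { ?>
+<li>
+<?php echo htmlspecialchars($values['name'],ENT_QUOTES,'UTF-8'); ?>
+<?php echo htmlspecialchars($values['comment'],ENT_QUOTES,'UTF-8'); ?>
+<?php echo htmlspecialchars($values['date'],ENT_QUOTES,'UTF-8'); ?>
+</li>
+<?php } ?>
+<?php } ?>
+</ul>
+</body>
+</html>
 ```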
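Review bot: The comment validation on new lines 132–143 can never accept input. `isset($_POST['comment']) !== TRUE` is inverted, so a submitted comment lands in the `else` error branch while a missing one is read through `mb_strlen($_POST['comment'])`; the success branch on line 138 also assigns `$name = $_POST['comment'];`, leaving `$comment` null so the prepared INSERT on line 145 is never reached. The condition should read `if (isset($_POST['comment'])) {` and the assignment `$comment = $_POST['comment'];`. The block also sits after the brace on line 130 that closes the `REQUEST_METHOD === 'POST'` check, so it runs on GET and reports an error on every page load. Its limit `> 20` also disagrees with its own message, which says 100 characters.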