WAMP - PHP/MySQL - 为什么我的 POST 调用被破坏
编辑:损坏已修复 - 主要问题似乎是 php/mysql 连接
在尝试学习如何在网页上使用 MySQL 数据库时,我正在遵循通过 PHP 连接到 MySQL 实例的基本教程(全部通过管理) WAMP2)
教程:http://www.freewebmasterhelp.com/tutorials/phpmysql/4使用 PHP_SELF 方法(据我所知,该方法现在已被弃用)。
我尝试了一些我发现的其他建议,但我找不到在 apache 日志中看到的以下错误的解决方案:
(20024)The given path is misformatted or contained invalid characters: Cannot map POST /%3C$SEARCH.PHP%3E HTTP/1.1 to file, referer: http://localhost/search.php
此错误阻止返回 HTML 页面,并且我收到 403 错误在我的浏览器中,
这行 HTML/PHP 似乎是罪魁祸首:
<form name="search" method="post" action="<?=$PHP_SELF?>">
我看到了一些建议,说要么打开 Short_open_tag (根据某些人的说法,这是一个坏主意),要么更改
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
我无法让这些方法中的任何一个起作用,并且想知道是否有人可以让我知道这次我错过了什么愚蠢的事情......
我正在使用的整个 php 文件是:
<?php
// // This is only displayed if they have submitted the form
if ($searching =="yes")
{
echo "<h2>Results</h2><p>";
//If they did not enter a search term we give them an error
if ($find == "")
{
echo "<p>You forgot to enter a search term";
exit;
}
include("dbinfo.php");
mysql_connect($host,$username,$password);
mysql_select_db("database") or die(mysql_error());
// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);
//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM main WHERE upper($field) LIKE'%$find%'");
//And we display the results
while($result = mysql_fetch_array( $data ))
{
echo $result['Item1'];
echo " ";
echo $result['Item2'];
echo "<br>";
echo "<br>";
}
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}
//And we remind them what they searched for
echo "<b>Searched For:</b> " .$find;
}
?>
<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP_SELF?>">
Seach for: <input type="text" name="find" /> in
<Select NAME="field">
<Option VALUE="item1">Item1</option>
<Option VALUE="item2">Item2</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
EDIT: Mangling is fixed - primary issue appears to be the php/mysql connection
In an attempt to learn how to use a MySQL db on a webpage, I'm following a basic tutorial for connecting to a MySQL instance via PHP (all managed through WAMP2)
The tutorial: http://www.freewebmasterhelp.com/tutorials/phpmysql/4 uses a PHP_SELF method (that I understand is now depreciated).
I've tried a few other suggestions that I've found doted around, but I can't find resolution to the following error I see in the apache log:
(20024)The given path is misformatted or contained invalid characters: Cannot map POST /%3C$SEARCH.PHP%3E HTTP/1.1 to file, referer: http://localhost/search.php
This error prevents the HTML page from being returned, and I get a 403 error in my browser
It appears that this line of HTML/PHP is the culprit:
<form name="search" method="post" action="<?=$PHP_SELF?>">
I have seen suggestions that say to either turn on short_open_tag (a bad idea according to some), change the
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
I can't get any of these methods to work, and wondered if anyone could let me know what dumb thing I've missed this time...
The whole php file I am using is:
<?php
// // This is only displayed if they have submitted the form
if ($searching =="yes")
{
echo "<h2>Results</h2><p>";
//If they did not enter a search term we give them an error
if ($find == "")
{
echo "<p>You forgot to enter a search term";
exit;
}
include("dbinfo.php");
mysql_connect($host,$username,$password);
mysql_select_db("database") or die(mysql_error());
// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);
//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM main WHERE upper($field) LIKE'%$find%'");
//And we display the results
while($result = mysql_fetch_array( $data ))
{
echo $result['Item1'];
echo " ";
echo $result['Item2'];
echo "<br>";
echo "<br>";
}
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}
//And we remind them what they searched for
echo "<b>Searched For:</b> " .$find;
}
?>
<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP_SELF?>">
Seach for: <input type="text" name="find" /> in
<Select NAME="field">
<Option VALUE="item1">Item1</option>
<Option VALUE="item2">Item2</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
避免使用短标签,它们已经过时了,请确保使用:
加载页面时表单的 html 是什么样子?
编辑:
在审查了我的答案之后,我想稍微改一下,因为它们并不是“过时”的,但它们通常确实会引起问题(对于那些不知道如何完全设置 php 的人),所以对于初学者我建议避免使用它们。
Avoid shortags, they are out of date, make sure to be using:
What does the form's html look like when you load the page?
EDIT:
After reviewing my answer I'd like to rephrase it a bit, as they are not "out of date" per say, but they generally do cause problems (for those that don't know how to set up php fully), so for beginners I'd suggest avoiding them.
我确信这可能是糟糕的设计,但在这种情况下我总是对脚本名称进行硬编码(因此,只是
action="search.php")。I'm sure this is probably bad design, but I've always just hard-coded the script name in cases like that (so, just
action="search.php").$_SERVER['PHP_SELF'] 变量包含 php 脚本的完整路径,例如:
/your_server_path/your_file_name.php
显然,启动时,您的脚本找不到该文件,因为它正在寻找类似的内容
/your_server_path/your_server_path/your_file_name.php
尝试执行以下操作:
The $_SERVER['PHP_SELF'] variable contains the full path of your php script, for example:
/your_server_path/your_file_name.php
Obviously, when launched, your script can't find the file because it's looking for something like
/your_server_path/your_server_path/your_file_name.php
Try to do something like this: