在数据库中查找用户名并更改其状态字符串

时间:2016-01-02 05:07:32

标签: php html mysql

我有一段代码用HTML打印玩家的状态,但是我想在旁边添加一个按钮,点击它时就改变该玩家的状态。

数据库和HTML页面上有很多玩家。我遇到的问题是,当我点击按钮时,所有玩家的状态都会改变,所以我需要找到一种方法,让按钮通过steamid只改变对应那个玩家的状态,但我不知道该怎么做。这是我正在做的管理面板:http://vanityrp.site.nfoservers.com/apply/admin.php

Admin.php:

<?php
// Admin panel listing: prints one HTML form per row of the Apps table, each
// with Deny / Accept / Remove buttons that post to steamauth/status.php.
$servername = "localhost";
$username = "------";
$password = "------";
$dbname = "-----";

$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
// NOTE(review): die() sends the raw connect_error text to the browser; log it
// server-side and show a generic message instead.
if ($conn->connect_error) {
 die("Connection failed: " . $conn->connect_error);
}

// Only avatar, name and status are selected. No per-row key (id / steamid) is
// fetched, so the forms below cannot tell status.php which row was clicked.
$sql = "SELECT avatar, name, status FROM Apps";
$result = $conn->query($sql);

// NOTE(review): query() is not checked for failure before ->num_rows is read.
if ($result->num_rows > 0) {
 // output data of each row
 // NOTE(review): avatar, name and status are concatenated into the markup
 // without htmlspecialchars(). If any of these values can be influenced by an
 // applicant (presumably name and avatar can - confirm), this is stored XSS
 // that runs in the administrator's browser.
 // The name='username2' attribute sits on a <div>, which is not a form
 // control, so the browser never submits it; the form posts only the clicked
 // submit button.
 while($row = $result->fetch_assoc()) {
     echo "
<form action='../apply/steamauth/status.php' method='post'>
<div class='advert'><img src='".$row["avatar"]. "'>\n</div><br>
<div name='username2' class='advert'>Username: ".$row["name"]. "\n<br></div>
<div class='advert'>Status: <font color='orange'>".$row["status"]."</font></div>\n<br>
<input type='submit' value='Deny' name='deny'/>
<input type='submit' value='Accept' name='accept'/>
<input type='submit' value='Remove' name='remove'/>
</form>
<hr> 

";

}
} else {
}
$conn->close();
?>

现在status.php:

<?php
// Form handler for the admin panel: reads which button was pressed and runs an
// UPDATE on the Apps table, then sends the browser back to admin.php.
// NOTE(review): nothing in this listing checks that the requester is a
// logged-in administrator or that the POST carries a CSRF token; as shown, any
// client that can reach this URL can trigger the update.
$servername = "localhost";
$username = "-----";
$password = "----";
$dbname = "-----";

$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
 die("Connection failed: " . $conn->connect_error);
}

// Only the clicked submit button is present in $_POST, so the other keys are
// undefined and raise notices. 'username2' is never posted by the form shown
// in admin.php (it is an attribute on a <div>), and the assignment also
// overwrites the database user name held in $username above.
$denied = $_POST['deny'];
$accepted = $_POST['accept'];
$remove = $_POST['remove'];
$username = $_POST['username2'];

// None of the UPDATE statements has a WHERE clause, so each one applies to
// every row of Apps - this is why all players change at once. In each branch
// the second assignment overwrites the first, so only the second statement is
// ever sent to the database.
if($accepted){
$sql = "UPDATE Apps SET status = replace(status,'Pending','Accepted.');";
$sql = "UPDATE Apps SET status = replace(status,'Denied','Accepted.');";
}elseif($denied){
$sql = "UPDATE Apps SET status = replace(status,'Pending','Denied.');";
$sql = "UPDATE Apps SET status = replace(status,'Accepted','Denied.');";
}elseif($remove){
// Removal is disabled; in this branch $sql is never assigned, yet it is still
// passed to query() below.
#$sql = "DELETE FROM Apps WHERE id=$username";
}
// The statement is executed here and then a second time inside the if below.
$result = $conn->query($sql);

// header() is called after echo has already produced output, which fails
// unless output buffering is enabled.
if ($conn->query($sql) === TRUE) {
echo "App has been denied/accepted successfully.";

header( "refresh:3;url=http://vanityrp.site.nfoservers.com/apply/admin.php" );
} else {
// NOTE(review): the SQL text and the database error are echoed to the browser;
// log them server-side and show a generic message instead.
echo "Error: " . $sql . "<br>" . $conn->error;

header("refresh:3;url=http://vanityrp.site.nfoservers.com/apply/admin.php");
}

?>

4 个答案:

答案 0 :(得分:0)

在代码中尝试以下更改

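<form action='../apply/steamauth/status.php' method='post'>
<div class='advert'><img src='".htmlspecialchars($row["avatar"], ENT_QUOTES, 'UTF-8')."'>\n</div><br>
<input type='hidden' name='userid' value='".htmlspecialchars($row["id"], ENT_QUOTES, 'UTF-8')."'/> <!-- hidden field carrying this row's id: use your id column name and add it to the SELECT -->
<div name='username2' class='advert'>Username: ".htmlspecialchars($row["name"], ENT_QUOTES, 'UTF-8')."\n<br></div>
<div class='advert'>Status: <font color='orange'>".htmlspecialchars($row["status"], ENT_QUOTES, 'UTF-8')."</font></div>\n<br>
<input type='submit' value='Deny' name='deny'/>
<input type='submit' value='Accept' name='accept'/>
<input type='submit' value='Remove' name='remove'/>
</form>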

和status.php

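// Which button was pressed. A submit button is only present in the POST data
// when it was clicked, so test for presence instead of reading a missing key.
$denied = isset($_POST['deny']);
$accepted = isset($_POST['accept']);
$remove = isset($_POST['remove']);
// 'username2' is not read any more: it is an attribute on a <div> in the form,
// so the browser never submits it.
// Hidden field added to the form. It is request data and therefore untrusted:
// it is validated below and bound as a parameter, never placed in the SQL text.
$id = isset($_POST['userid']) ? $_POST['userid'] : '';

// The new status is chosen from fixed strings on the server side.
$newStatus = null;
if ($accepted) {
  $newStatus = 'Accepted.';
} elseif ($denied) {
  $newStatus = 'Denied.';
} elseif ($remove) {
  // Removal stays disabled, as in the original (the DELETE was commented out).
}

// $updated replaces the "$conn->query($sql) === TRUE" test in the rest of
// status.php. The statement has already run at that point, so it must not be
// sent again through $conn->query().
$updated = false;
// Assumes id is an integer column, as the unquoted "id = $id" of the earlier
// version suggests - confirm against the table definition.
if ($newStatus !== null && is_string($id) && ctype_digit($id)) {
  $stmt = $conn->prepare("UPDATE Apps SET `status` = ? WHERE id = ?");
  if ($stmt) {
    $stmt->bind_param("si", $newStatus, $id);
    $updated = $stmt->execute();
    $stmt->close();
  }
}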

答案 1 :(得分:0)

我认为这可以解决您的问题:

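<?php
// Admin panel listing: prints one form per row of Apps. Each submit button
// posts the row id as its value under the name of the action (deny / accept /
// remove), which is what status.php reads.
$servername = "localhost";
$username = "------";
$password = "------";
$dbname = "-----";

$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection; the detailed error goes to the server log, not the browser.
if ($conn->connect_error) {
    error_log("Connection failed: " . $conn->connect_error);
    die("Connection failed.");
}

$sql = "SELECT id, avatar, name, status FROM Apps";
$result = $conn->query($sql);

// Every database value is escaped before it is written into the markup.
// ENT_QUOTES is required because the attributes below are single-quoted.
// Escaping stops a value from breaking out of its attribute or element; it
// does not validate that avatar is an acceptable image URL.
$e = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

if ($result === false) {
    error_log("Query failed: " . $conn->error);
} elseif ($result->num_rows > 0) {
    // output data of each row
    while ($row = $result->fetch_assoc()) {
        $id = $e($row["id"]);
        // <button> keeps a readable label while still posting the row id as
        // the value; <input type='submit'> would show the id on all three buttons.
        echo "
<form action='../apply/steamauth/status.php' method='post'>
<div class='advert'><img src='".$e($row["avatar"])."'>\n</div><br>
<div name='username2' class='advert'>Username: ".$e($row["name"])."\n<br></div>
<div class='advert'>Status: <font color='orange'>".$e($row["status"])."</font></div>\n<br>
<button type='submit' name='deny' value='".$id."'>Deny</button>
<button type='submit' name='accept' value='".$id."'>Accept</button>
<button type='submit' name='remove' value='".$id."'>Remove</button>
</form>
<hr> 

";
    }
}
$conn->close();
?>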

+

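<?php
// Form handler for the admin panel: sets the status of exactly one row of
// Apps, identified by the id that the pressed submit button carries as its
// value, then sends the browser back to admin.php.
// NOTE(review): nothing in this listing checks that the requester is a
// logged-in administrator or that the POST carries a CSRF token; add both
// checks before the update is allowed to run.
$servername = "localhost";
$username = "-----";
$password = "----";
$dbname = "-----";

// State-changing requests must come from the form's POST.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('Method not allowed.');
}

// Headers have to be sent before any output, so the redirect is queued first.
header("refresh:3;url=http://vanityrp.site.nfoservers.com/apply/admin.php");

// Map the pressed button to a fixed status string. The status never comes from
// the request; only the row id does. 'accept' is tested before 'deny', as in
// the original if/elseif chain.
$newStatus = null;
$id = null;
$actions = array('accept' => 'Accepted.', 'deny' => 'Denied.');
foreach ($actions as $field => $status) {
    if (isset($_POST[$field]) && is_string($_POST[$field]) && $_POST[$field] !== '') {
        $newStatus = $status;
        $id = $_POST[$field];
        break;
    }
}

if ($newStatus === null) {
    // 'remove' is not implemented (the DELETE was commented out), and any
    // other request carries nothing to act on.
    http_response_code(400);
    exit('Nothing to update.');
}

$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection; the detailed error goes to the server log, not the browser.
if ($conn->connect_error) {
    error_log("Connection failed: " . $conn->connect_error);
    die("Connection failed.");
}

// One statement, executed once. The id is bound as a string parameter, which
// matches the quoted comparison (id='...') of the earlier version without
// letting the value become part of the SQL text. Setting the status directly
// also avoids replace() turning 'Denied.' into 'Accepted..'.
$stmt = $conn->prepare("UPDATE Apps SET status = ? WHERE id = ?");
if ($stmt && $stmt->bind_param("ss", $newStatus, $id) && $stmt->execute()) {
    echo "App has been denied/accepted successfully.";
} else {
    // Keep the SQL text and driver error out of the response.
    error_log("status.php: update failed: " . $conn->error);
    echo "Error: the status could not be updated.";
}

if ($stmt) {
    $stmt->close();
}
$conn->close();

?>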

答案 2 :(得分:0)

更改您的查询以选择steamid

// Same columns as the original listing query plus steamid, the per-row key
// that the form will post back.
$sql = 'SELECT avatar, name, status, steamid FROM Apps';

然后在表单中添加一个隐藏输入,并将steamid作为值。

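<input type='hidden' name='steamid' value='".htmlspecialchars($row['steamid'], ENT_QUOTES, 'UTF-8')."' />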

然后在你的status.php

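// Request data is untrusted and may be missing or an array. Accept only a
// non-empty string and stop otherwise, so no UPDATE runs without a target row.
$steamid = (isset($_POST['steamid']) && is_string($_POST['steamid'])) ? $_POST['steamid'] : '';
if ($steamid === '') {
    http_response_code(400);
    exit('Missing steamid.');
}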

然后创建预准备语句以帮助防止SQL注入

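// Only the WHERE value comes from the request. It is sent as a bound
// parameter, so it cannot change the structure of the statement.
$sql = "UPDATE Apps SET status = replace(status,'Pending','Accepted.') WHERE steamid = ?";
$stmt = $conn->prepare($sql);
if ($stmt === false) {
    // prepare() returns false on failure unless mysqli is configured to throw;
    // calling bind_param() on false would be a fatal error.
    error_log("prepare failed: " . $conn->error);
} else {
    // NOTE(review): "i" binds the value as an integer. If steamid is stored as
    // text (for example a STEAM_X:Y:Z style id), the value is cast to 0 before
    // it reaches MySQL, and comparing a text column with 0 can match every
    // non-numeric row. Use "s" in that case - confirm the column type.
    $stmt->bind_param("i", $steamid);
    $stmt->execute();
    $stmt->close();
}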

答案 3 :(得分:-1)

试试这个

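  // Pick the new status from fixed strings; only the row selector comes from
  // the request.
  $newStatus = null;
  if ($accepted) {
    $newStatus = 'Accepted.';
  } elseif ($denied) {
    $newStatus = 'Denied.';
  } elseif ($remove) {
    // Removal stays disabled, as in the original (the DELETE was commented out).
  }

  // NOTE(review): $username is read from $_POST['username2'], but in the form
  // shown in the question that name sits on a <div>, which browsers do not
  // submit; the form needs a real input for this to receive a value. A name is
  // also not guaranteed to be unique - matching on a key such as id or steamid
  // avoids changing several applications at once.
  if ($newStatus !== null && is_string($username) && $username !== '') {
    // The name is bound as a parameter instead of being concatenated into the
    // SQL text, and the statement is executed exactly once.
    $stmt = $conn->prepare("UPDATE Apps SET status = ? WHERE name = ?");
    if ($stmt) {
      $stmt->bind_param("ss", $newStatus, $username);
      $stmt->execute();
      $stmt->close();
    }
  }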