更新“通过并确认”表单
来自其私人区域的用户向我发送更新自己级别的请求。 从底层开始,有三种类型的级别,'utente','delegato'和超级用户。
我实际上已准备好'utente'级别和'delegato'级别页面,通过填写一个简单的表单,他们将名为upgrade_liv的字段从'no'(默认值)更新为'si'。< / p>
我构建了一个php页面,我得到了这些请求(我自然是超级用户);通过我看到所有在upgrade_liv字段中具有值'si'的用户,我用数组构建它。这是形式:
$query_ver_liv_up="SELECT * from utenti WHERE upgrade_liv = 'si' order by id";
$result_ver_liv_up= mysql_query($query_ver_liv_up);
$utente_piu = 'delegato';
$delegato_piu = 'superuser';
// tabella upgrade
echo '<table border="1" width="1260px" style="margin-left:auto; margin-right:auto;">';
echo '<tr bgcolor="#bcc500"><td style="border: black 0px solid" height="30px"><b><center>UPGRADE LIVELLO UTENTI</center></b></td></tr>';
echo '</table>';
echo '<table border="1" width="1260px" style="margin-left:auto; margin-right:auto; margin-top:5px;">';
echo '<form method="post" name="ver_liv_upg_yes">';
echo '<tr bgcolor="#bb6500">';
echo '<td width="100px" style="border: black 1px solid"><center><b>Numero id</center></b></td>';
echo '<td width="300px" style="border: black 1px solid"><center><b>Nome e cognome</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Livello</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Upgrade</b></center></td>';
echo '<td width="180px" style="border: black 1px solid"><center><b>Livello richiesto</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Pass</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Conferma</b></center></td>';
echo '<td width="100px" style="border: black 1px solid"><center><b>Approva</b></center></td>';
echo '<td width="100px" style="border: black 1px solid"><center><b>Nega</b></center></td>';
echo '</tr>';
while($row_ver_liv_up = mysql_fetch_array($result_ver_liv_up))
{
echo '<tr>';
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['id']."</center></td>";
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['nome']." " .$row_ver_liv_up['cognome']."</center></td>";
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['tipo_user']."</center></td>";
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['upgrade_liv']."</center></td>";
echo '<td style="border: black 1px solid"><center>';
if ($row_ver_liv_up['tipo_user'] == 'utente'){
echo $utente_piu;}
if ($row_ver_liv_up['tipo_user'] == "delegato"){
echo $delegato_piu;}
echo '</center></td>';
echo '<td style="border: black 1px solid"><center>
<input name="pass" type="password" id="pass" value="" onfocus="if(this.value==\'pass\') this.value=\'\';" /></center></td>';
echo '<td style="border: black 1px solid"><center>
<input name="conferma" type="password" id="conferma" value="" onfocus="if(this.value==\'conferma\') this.value=\'\';" /></center></td>';
echo '<td style="border: black 1px solid"><center><input style="width: 100px;" name="ver_liv_upg_yes" type="submit" value="Approva" /></center></td>';
echo '<td style="border: black 1px solid"><center><input style="width: 100px;" name="ver_liv_upg_no" type="submit" value="Nega" /></center></td>';
echo '</tr>';
}
echo '</form>';
echo '</table>';
我使用的代码是:
if(isset($_POST['ver_liv_upg_yes']))
{
$pass = (isset($_POST['pass'])) ? trim($_POST['pass']) : '';
$conferma = (isset($_POST['conferma'])) ? trim($_POST['conferma']) : '';
$query = mysql_query("SELECT * FROM utenti WHERE id = '" . $_SESSION['login'] . "' LIMIT 1");
$loggato = $_SESSION['login'];
// Controllo la Password
$pass = $_POST['pass'];
if($pass == ""){echo'Campo password non compilato!<br>'; exit();}
elseif(strlen($pass) < 4 || strlen($pass) > 12)
{echo('Password troppo corta o troppo lunga<br>');exit(); }
// Controllo la conferma della Password
$conferma = $_POST['conferma'];
if($conferma == ""){echo'Campo conferma password non compilato!<br>'; exit();}
elseif(strlen($conferma) < 4 || strlen($conferma) > 12)
{echo('Conferma della password troppo corta o troppo lunga<br>');exit(); }
// Controllo se password e conferma sono uguali
if($pass != $conferma){echo'I campi password e conferma password devono coincidere!<br>';exit();}
$query_pass = mysql_query("SELECT pass FROM utenti WHERE id = '" . $_SESSION['login'] . "' LIMIT 1");
$row_pass = mysql_fetch_array($query_pass);
$pass2 = $row_pass['pass'];
$pass = md5($pass);
// Crypto la password e la confronto con quella nel database
if($pass != $row_pass['pass']){echo('Password errata');exit();}
$query_ver_liv_up = "SELECT * from utenti WHERE upgrade_liv = 'si' ";
$result_ver_liv_up = mysql_query($query_ver_liv_up);
$row_ver_liv_up = mysql_fetch_array($result_ver_liv_up);
// Se ha trovato un record
if(mysql_num_rows($query) == 1)
{
// prelevo l'id dal database
$login = mysql_fetch_array($query);
// preparo la query di aggiornamento
$query_mod2 = "UPDATE utenti SET upgrade_liv = 'no', tipo_user ='delegato' WHERE id = '" . $row_ver_liv_up['id']. "' ";
// invio la query
$result = mysql_query($query_mod2);
{header('Location: privata.php'); exit; }
}
}
假设我只有两个用户想要更改其级别: 如果我插入传递并在第一行确认,它会显示回声'Campo密码非compilato'(传递不填充),但如果我将它们插入第二行,(在我发布的图像中你可以看到用户玩具故事在第二行),我的PHP代码更改db用户peppa猪的字段!!!
如何解决这个问题?我的代码错在哪里?
1 个答案:
答案 0 :(得分:0)
我明白错误在哪里:我已经把
echo '<form method="post" name="ver_liv_up">';
前
while($row_ver_liv_up = mysql_fetch_array($result_ver_liv_up))
{}
如果我以这种方式写表格:
echo '<table border="1" width="1260px" style="margin-left:auto; margin-right:auto; margin-top:5px;">';
echo '<tr bgcolor="#bb6500">';
echo '<td width="100px" style="border: black 1px solid"><center><b>Numero id</center></b></td>';
echo '<td width="300px" style="border: black 1px solid"><center><b>Nome e cognome</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Livello</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Upgrade</b></center></td>';
echo '<td width="180px" style="border: black 1px solid"><center><b>Livello richiesto</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Pass</b></center></td>';
echo '<td width="120px" style="border: black 1px solid"><center><b>Conferma</b></center></td>';
echo '<td width="100px" style="border: black 1px solid"><center><b>Approva</b></center></td>';
echo '<td width="100px" style="border: black 1px solid"><center><b>Nega</b></center></td>';
echo '</tr>';
while($row_ver_liv_up = mysql_fetch_array($result_ver_liv_up))
{
echo '<form method="post" name="ver_liv_up">';
echo '<tr>';
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['id']."</center></td>";
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['nome']." " .$row_ver_liv_up['cognome']."</center></td>";
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['tipo_user']."</center></td>";
echo '<td style="border: black 1px solid"><center>'.$row_ver_liv_up['upgrade_liv']."</center></td>";
echo '<td style="border: black 1px solid"><center>';
if ($row_ver_liv_up['tipo_user'] == 'utente'){
echo $utente_piu;}
if ($row_ver_liv_up['tipo_user'] == "delegato"){
echo $delegato_piu;}
echo '</center></td>';
echo '<td style="border: black 1px solid"><center>
<input name="pass" type="password" id="pass" value="" onfocus="if(this.value==\'pass\') this.value=\'\';" /></center></td>';
echo '<td style="border: black 1px solid"><center>
<input name="conferma" type="password" id="pass" value="" onfocus="if(this.value==\'conferma\') this.value=\'\';" /></center></td>';
echo '<td style="border: black 1px solid"><center><input style="width: 100px;" name="ver_liv_upg_yes" type="submit" value="Approva" /></center></td>';
echo '<td style="border: black 1px solid"><center><input style="width: 100px;" name="ver_liv_upg_no" type="submit" value="Nega" /></center></td>';
echo '</tr>';
echo '</form>';
}
echo '</table>';
它的工作!!!
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?