PHP表单没有更新mysql数据库

时间:2012-08-02 09:26:27

标签: php mysql forms

我几乎没有编程经验并尝试过第一个项目,我对如何更新数据库感到困惑,所以我点击编辑并将正确的记录加载到编辑屏幕update.php

当我点击更新时,我收到来自updated.php的消息,说数据库已经更新,但数据库没有更新,当我显示它们与更新前的记录相同时,提前感谢你所有的帮助。

以下代码:

update.php
$objConnect = mysql_connect("localhost","username","password") or die(mysql_error());
$objDB = mysql_select_db("teldirdb");
$id = $_GET['id'];
$strSQL = "SELECT * FROM teldir where id = '$id' ";
$objQuery = mysql_query($strSQL) or die ("Error Query [".$strSQL."]");
$objResult = mysql_fetch_array($objQuery)
?>

<form id="FormName" action="updated.php" method="post" name="FormName">
<table width="448" border="0" cellspacing="2" cellpadding="0">

<tr>
<td width="150" align="right"><label for="fname">fname</label></td>
<td><input name="fname" maxlength="30" type="text" value="<?=$objResult["fname"];?>">    </td>
</tr>

<tr>
<td width="150" align="right"><label for="lname">lname</label></td>
<td><input name="lname" maxlength="30" type="text" value="   <?=$objResult["lname"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="tel">tel</label></td>
<td><input name="tel" maxlength="15" type="text" value="<?=$objResult["tel"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="adress1">adress1</label></td>
<td><input name="adress1" maxlength="30" type="text" value="<?=$objResult["adress1"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="adress2">adress2</label></td>
<td><input name="adress2" maxlength="30" type="text" value="<?=$objResult["adress2"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="pcode">pcode</label></td>
<td><input name="pcode" maxlength="8" type="text" value="<?=$objResult["pcode"];?>">  </td>
</tr>

<tr>
<td width="150" align="right"><label for="email">email</label></td>
<td><input name="email" maxlength="30" type="text" value="<?=$objResult["email"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="lastcontactdate">lastcontactdate</label></td>
<td><input name="lastcontactdate" maxlength="30" type="text" value="<?=$objResult["lastcontactdate"];?>"></td>
</tr>

<tr>
<td colspan="2" align="center"><input name="" type="submit" value="Update"></td>
</tr>

</table>
</form>

updated.php
<?php
header('Refresh: 5; URL=view11.php');
$objConnect = mysql_connect("localhost","root","2fudge") or die(mysql_error());
$objDB = mysql_select_db("teldirdb");

$id = $_REQUEST['id'];
$fname = trim(mysql_real_escape_string($_POST["fname"]));
$lname = trim(mysql_real_escape_string($_POST["lname"]));
$tel = trim(mysql_real_escape_string($_POST["tel"]));
$adress1 = trim(mysql_real_escape_string($_POST["adress1"]));
$adress2 = trim(mysql_real_escape_string($_POST["adress2"]));
$pcode = trim(mysql_real_escape_string($_POST["pcode"]));
$email = trim(mysql_real_escape_string($_POST["email"]));
$lastcontactdate = trim(mysql_real_escape_string($_POST["lastcontactdate"]));

$rsUpdate = mysql_query("UPDATE teldir
SET  fname = '$fname',  lname = '$lname',  tel = '$tel',  adress1 = '$adress1',  adress2 = '$adress2',  pcode = '$pcode',  email = '$email',  lastcontactdate = '$lastcontactdate'
WHERE id = '$id' ");

if($rsUpdate) { echo "Successfully updated"; } else { die('Invalid query: '.mysql_error()); }

5 个答案:

答案 0 :(得分:0)

您的表单不会发送id参数。尝试在表单中添加以下行:

<input type="hidden" name="id" value="<?= $id ?>" />

或者,改变

<form id="FormName" action="updated.php" ...

<form id="FormName" action="updated.php?id=<?= $id ?>" ...

截至目前,您的查询评估为

(...) WHERE id=''

这是一个有效的SQL查询(因此没有出现错误)但没有实现(更具体地说,更改了没有设置id的行中的数据)

答案 1 :(得分:0)

您的问题是,表单中没有字段id,因此$_REQUEST['id']中没有updated.php,导致查询

UPDATE teldir ... WHERE id = ''

在表单中添加一个带有id的隐藏字段:

<input name="id" type="hidden" value="<?=$objResult["id"];?>

然后等待被黑客攻击......; - )

说真的,查看昆汀的评论。

答案 2 :(得分:0)

您确定自己获得了$ id的价值吗? 对于$ id,你使用的是$ _REQUEST ['id'],但是我没有看到你在任何地方保存/传递id值,例如你可以添加一个隐藏的字段来保存查询的id然后获得该值使用$ _POST。

答案 3 :(得分:0)

  • 首先确保您的查询确实在phpmyadmin或您正在使用的任何数据库管理器上测试查询。
  • 其次,不要在查询中直接使用$_GET['id']。您可以使用为mysqli和PDO提供的预准备语句。在折旧http://www.php.net/manual/en/intro.mysql.php
  • 的过程中,不要使用mysql API
  • 第三,阅读phptherightway以确保您处于正确的学习途径。

答案 4 :(得分:0)

<?php
$objConnect = mysql_connect("localhost","username","password") or die(mysql_error());
$objDB = mysql_select_db("teldirdb");
$id = $_GET['id'];
$strSQL = "SELECT * FROM teldir where id = ".$id." ";
$objQuery = mysql_query($strSQL) or die ("Error Query [".$strSQL."]");
?>
<form id="FormName" action="updated.php" method="post" name="FormName">
<table width="448" border="0" cellspacing="2" cellpadding="0">

<?php
while($objResult = mysql_fetch_array($objQuery)) {
?>
<tr><td><input type="hidden" name="id" value="<?=$objResult['id'];?>"></td></tr>
<tr>
<td width="150" align="right"><label for="fname">fname</label></td>
<td><input name="fname" maxlength="30" type="text" value="<?=$objResult["fname"];?>">    </td>
</tr>

<tr>
<td width="150" align="right"><label for="lname">lname</label></td>
<td><input name="lname" maxlength="30" type="text" value="<?=$objResult["lname"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="tel">tel</label></td>
<td><input name="tel" maxlength="15" type="text" value="<?=$objResult["tel"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="adress1">adress1</label></td>
<td><input name="adress1" maxlength="30" type="text" value="<?=$objResult["adress1"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="adress2">adress2</label></td>
<td><input name="adress2" maxlength="30" type="text" value="<?=$objResult["adress2"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="pcode">pcode</label></td>
<td><input name="pcode" maxlength="8" type="text" value="<?=$objResult["pcode"];?>">  </td>
</tr>

<tr>
<td width="150" align="right"><label for="email">email</label></td>
<td><input name="email" maxlength="30" type="text" value="<?=$objResult["email"];?>"></td>
</tr>

<tr>
<td width="150" align="right"><label for="lastcontactdate">lastcontactdate</label></td>
<td><input name="lastcontactdate" maxlength="30" type="text" value="<?=$objResult["lastcontactdate"];?>"></td>
</tr>
<?php } ?>
<tr>
<td colspan="2" align="center"><input name="" type="submit" value="Update"></td>
</tr>

</table>
</form>

<强> UPDATE.PHP

<?php
header('Refresh: 5; URL=view11.php');
$objConnect = mysql_connect("localhost","root","2fudge") or die(mysql_error());
$objDB = mysql_select_db("teldirdb");

$id = $_REQUEST['id'];
$fname = trim(mysql_real_escape_string($_POST["fname"]));
$lname = trim(mysql_real_escape_string($_POST["lname"]));
$tel = trim(mysql_real_escape_string($_POST["tel"]));
$adress1 = trim(mysql_real_escape_string($_POST["adress1"]));
$adress2 = trim(mysql_real_escape_string($_POST["adress2"]));
$pcode = trim(mysql_real_escape_string($_POST["pcode"]));
$email = trim(mysql_real_escape_string($_POST["email"]));
$lastcontactdate = trim(mysql_real_escape_string($_POST["lastcontactdate"]));

$rsUpdate = mysql_query("UPDATE teldir SET  fname = '".$fname."',  
                                            lname = '".$lname."',  
                                            tel = ".$tel.",  
                                            adress1 = '".$adress1."',  
                                            adress2 = '".$adress2."',  
                                            pcode = ".$pcode.",  
                                            email = '".$email."',  
                                            lastcontactdate = '".$lastcontactdate."' WHERE id = ".$id." ");

if($rsUpdate) { 
    echo "Successfully updated"; 
} else { 
    die('Invalid query: '.mysql_error()); 
}