这适用于edit_inv.php,其中包含一些用户可以编辑的文本框 问题是包含空格的值。例如。思科路由器(在phpmyadmin中),当我打印出文本框中的值(要编辑或保持原样)时,它只有思科。缺少路由器这个词。如果用户不想编辑Cisco路由器部件并且必须再次键入路由器,这将是不好的。
编辑脚本有效。只是空间之后的所有内容都不在文本框中。
我刚开始使用php并希望得到一些帮助。
<?php
// Mysql Connect
include('lock.php');
require_once('mysql.php');
$edit_inv = $_GET['inventory_id'] ;
$_SESSION['edit_inv'] = $edit_inv;
$query = "SELECT * FROM inventory WHERE unikl_id= $login_session_id and inventory_id='$edit_inv'";
$result = mysql_query($query);
echo '<form method="post" action="handle_inv_edit.php">';
// Table header.
echo '<table align="center" cellspacing="0" cellpadding="5" border="2">
<tr>
<td align="center"><b>Inventory ID</b></td>
<td align="center"><b>Device Name</b></td>
<td align="center"><b>Quantity</b></td>
<td align="center"><b>Level/Room</b></td>
<td align="center"><b>Email</b></td>
<td align="center"><b>Availability</b></td>
</tr>';
// Fetch and print all the records.
while ($row = mysql_fetch_array($result)) {
echo '<tr>
<td align="center">' . $row['inventory_id'] . '</td>
<td align="left"><input type="text" size="60"
name="pro_name" value='.$row['pro_name'].'></td>
<td align="left"><input type="text" size="4"
name="quantity" value='.$row['quantity'].'></td>
<td align="center"><input type="text" size="4"
name="level" value='.$row['level'].'></td>
<td align="left"><input type="text" size="60"
name="email" value='.$row['email'].'></td>
<td align="left"><input type="radio" name="available" value="Yes" CHECKED > Yes
<input type="radio" name="available" value="No"> No</td>
</tr>';
}
echo '</table>';
echo '<br /><div align="center"><input type="submit"
name="Submit" value="Edit" /></div>
<input type="hidden" name="submitted" value="TRUE" />';
echo '</form>';
?>
答案 0 :(得分:5)
可能是因为如果你的""错过文字,那么你错过了value contains space文本框的值属性
<td align="left"><input type="text" size="60"
name="pro_name" value="'.$row['pro_name'].'"></td>
这样您就需要将“”代码放入所有文本框
答案 1 :(得分:1)
当您尝试从我的sql表中检索数据并在html表中显示数据时,请使用以下命令:
const mapWorkplace = (arr: SuggestedWorkplace[], deallocation: boolean) =>
arr.map((x, i) => ({
...x,
action: x === 3 ? <Link>Put</Link> : <Link>Remove</Link> ,
__props: {
style: { background: !(i % 2) ? "#fff" : "rgba(233, 249, 249, .6)" }
},
}));
答案 2 :(得分:-1)
您可能是SQL注入的受害者,并且您没有看到空格,因为没有转义。
<?php
if (isset($_POST))
{
$pro_name = $_POST["pro_name"]; // if you already escaped in a form you simply print post
}
?>
<?php
// Mysql Connect
include('lock.php');
require_once('mysql.php');
$edit_inv = mysql_real_escape_string($_GET['inventory_id']);
$_SESSION['edit_inv'] = (int)$edit_inv;
$query = "SELECT * FROM inventory WHERE unikl_id= $login_session_id and inventory_id='$edit_inv'";
$result = mysql_query($query);
echo '<form method="post" action="handle_inv_edit.php">';
// Table header.
echo '<table align="center" cellspacing="0" cellpadding="5" border="2">
<tr>
<td align="center"><b>Inventory ID</b></td>
<td align="center"><b>Device Name</b></td>
<td align="center"><b>Quantity</b></td>
<td align="center"><b>Level/Room</b></td>
<td align="center"><b>Email</b></td>
<td align="center"><b>Availability</b></td>
</tr>';
// Fetch and print all the records.
while ($row = mysql_fetch_array($result)) {
echo '<tr>
<td align="center">' . mysql_real_escape_string($row['inventory_id']) . '</td>
<td align="left"><input type="text" size="60"
name="pro_name" value='.mysql_real_escape_string($row['pro_name']).'></td>
<td align="left"><input type="text" size="4"
name="quantity" value='.mysql_real_escape_string($row['quantity']).'></td>
<td align="center"><input type="text" size="4"
name="level" value='.mysql_real_escape_string($row['level']).'></td>
<td align="left"><input type="text" size="60"
name="email" value='.mysql_real_escape_string($row['email']).'></td>
<td align="left"><input type="radio" name="available" value="Yes" CHECKED > Yes
<input type="radio" name="available" value="No"> No</td>
</tr>';
}
echo '</table>';
echo '<br /><div align="center"><input type="submit"
name="Submit" value="Edit" /></div>
<input type="hidden" name="submitted" value="TRUE" />';
echo '</form>';
?>