我有一个像这样工作的三部分表单,第一个表单叫做create_ticket.php,它基本上是一个带有客户联系信息的表单以及他们想要完成的工作。当票据填写完毕后,它会被提交给MySQL,然后当搜索完db时,您可以通过单击搜索结果中与该票证相关联的选择链接来选择所需的票证,浏览器将打开一个新窗口。表单的第二部分但是它会在浏览器中传递与MySQL记录关联的id,所以你在url的末尾看到了id = 10现在表单的第二部分是技术人员用来填写什么的他们这样做,当他们点击页面底部的签名时,它会弹出表格的第3部分,允许客户在技术的ipad或Toughbook上签名,当他们点击接受时,它应该更新与MySQL相关的记录该ID在网址中传递。我的问题是它不起作用。因此,您可以在http://jemtechnv.com/test/ticket_results.php查看表单,看看当您点击选择它时,会将您带到技术人员表单中进行填写。 这是我处理表单第二部分的代码:
<?php
// database connection //
include 'db/db_connect.php';
//This gets all the other information from the form
// start of form inputs //
$work_performed=$_POST['work_performed'];
$item_qty1=$_POST['item_qty1'];
$item_qty2=($_POST['item_qty2']);
$item_qty3=$_POST['item_qty1'];
$item_qty4=($_POST['item_qty2']);
$item_qty5=$_POST['item_qty1'];
$manuf_1=$_POST['manuf_1'];
$manuf_2=$_POST['manuf_2'];
$manuf_3=$_POST['manuf_3'];
$manuf_4=$_POST['manuf_4'];
$manuf_5=$_POST['manuf_5'];
$part_number1=$_POST['part_number1'];
$part_number2=$_POST['part_number2'];
$part_number3=$_POST['part_number3'];
$part_number4=$_POST['part_number4'];
$part_number5=$_POST['part_number5'];
$part_description1=$_POST['part_description1'];
$part_description2=$_POST['part_description2'];
$part_description3=$_POST['part_description3'];
$part_description4=$_POST['part_description4'];
$part_description5=$_POST['part_description5'];
$part1_price=$_POST['part_price1'];
$part2_price=$_POST['part_price2'];
$part3_price=$_POST['part_price3'];
$part4_price=$_POST['part_price4'];
$part5_price=$_POST['part_price5'];
$price_extension1=$_POST['price_extension1'];
$price_extension2=$_POST['price_extension2'];
$price_extension3=$_POST['price_extension3'];
$price_extension4=$_POST['price_extension4'];
$price_extension5=$_POST['price_extension5'];
$material_total=$_POST['material_total'];
$sales_tax=$_POST['sales_tax'];
$shipping_cost=$_POST['shipping_cost'];
$work_date1=$_POST['work_date1'];
$work_date2=$_POST['work_date2'];
$work_date3=$_POST['work_date3'];
$work_date4=$_POST['work_date4'];
$work_date5=$_POST['work_date5'];
$tech_name1=$_POST['tech_name1'];
$tech_name2=$_POST['tech_name2'];
$tech_name3=$_POST['tech_name3'];
$tech_name4=$_POST['tech_name4'];
$tech_name5=$_POST['tech_name5'];
$cost_code1=$_POST['cost_code1'];
$cost_code2=$_POST['cost_code2'];
$cost_code3=$_POST['cost_code3'];
$cost_code4=$_POST['cost_code4'];
$cost_code5=$_POST['cost_code5'];
$pay_rate1=$_POST['pay_rate1'];
$pay_rate2=$_POST['pay_rate2'];
$pay_rate3=$_POST['pay_rate3'];
$pay_rate4=$_POST['pay_rate4'];
$pay_rate5=$_POST['pay_rate5'];
$total_hours1=$_POST['total_hours1'];
$total_hours2=$_POST['total_hours2'];
$total_hours3=$_POST['total_hours3'];
$total_hours4=$_POST['total_hours4'];
$total_hours5=$_POST['total_hours5'];
$hours_subtotal1=$_POST['hours_subtotal1'];
$hours_subtotal2=$_POST['hours_subtotal2'];
$hours_subtotal3=$_POST['hours_subtotal3'];
$hours_subtotal4=$_POST['hours_subtotal4'];
$hours_subtotal5=$_POST['hours_subtotal5'];
$total_hours=$_POST['total_hours'];
$material_total=$_POST['material_total'];
$labor_cost=$_POST['labor_cost'];
$grand_total=$_POST['grand_total'];
//Writes the information to the database
mysql_query("UPDATE INTO tickets WHERE id=$id (work_performed, item_qty1, item_qty2, item_qty3, item_qty4, item_qty5,manuf_1, manuf_2, manuf_3, manuf_4, manuf_5, part_number1, part_number2, part_number3, part_number4, part_number5, part_description1, part_description2, part_description3, part_description_4, part_description_5, part1_price, part2_price, part3_price, part4_price, part5_price, price_extension1, price_extension2, price_extension3, price_extension4, price_extension5, material_total, sales_tax, shipping_cost, work_date1, work_date2, work_date3, work_date4, work_date5, tech_name1, tech_name2, tech_name3, tech_name4, tech_name5, cost_code1, cost_code2, cost_code3, cost_code4, cost_code5, pay_rate1, pay_rate2, pay_rate3, pay_rate4, pay_rate5, total_hours1, total_hours2, total_hours3, total_hours4, total_hours5, hours_subtotal1, hours_subtotal2, hours_subtotal3, hours_subtotal4, hours_subtotal5, total_hours, material_total, labor_cost, grand_total,)
VALUES ('$work_performed','$item_qty1','$item_qty2','$item_qty3','$item_qty4','$item_qty5','$mauf_1','$manuf_2','$manuf_3','$manuf_4','$manuf_5','$part_number1','$part_number2','$part_number3','$part_number4','$part_number5','$part_description1','$part_description2','$part_description3','$part_description_4',
'$part_description5','$part1_price','$part2_price','$part3_price','$part4_price','$part5_price','$price_extension1','$price_extension2','$price_extension3','$price_extension4','$price_extension5','$material_total','$sales_tax','$shipping_cost','$work_date1','$work_date2','$work_date3','$work_date4','$work_date5','$tech_name1','$tech_name2','$tech_name3','$tech_name4','$tech_name5','$cost_code1','$cost_code2','$cost_code3','$cost_code4','$cost_code5','$pay_rate1','$pay_rate2','$pay_rate3','$pay_rate4','$pay_rate5',
'$total_hours1','$total_hours2','$total_hours3','$total_hours4','$total_hours5','$hours_subtotal1','$hours_subtotal2','$hours_subtotal3','$hours_subtotal4','$hours_subtotal5','$total_hours','$material_total','$labor_cost','$grand_total',)") ;
mysql_affected_rows();
?>
<html>
<body>
<center>
<br><br><br>
<form name="results" method="post" action="ticket_results.php" enctype="multipart/form-data" id="ticketresult">
<input type="submit" class="submit" id="ticketresult" style="width: 165px" value="Do Something">
</form>
</center>
</body>
</html>
我也知道我需要采取MySQL注入预防措施,但老实说,目前这不是优先考虑,因为我只想先让表单运行,然后我会回去清理代码。谢谢你的帮助!我已经禁用了表单的签名部分,因此点击第二个表单上的获取签名将处理表单并对该记录进行更新,这应该是但不是!
更新:我已按照以下建议更改了查询语法:
mysql_query("UPDATE tickets SET (work_performed, item_qty1, item_qty2, item_qty3, item_qty4, item_qty5,manuf_1, manuf_2, manuf_3, manuf_4, manuf_5, part_number1, part_number2, part_number3, part_number4, part_number5, part_description1, part_description2, part_description3, part_description_4, part_description_5, part1_price, part2_price, part3_price, part4_price, part5_price, price_extension1, price_extension2, price_extension3, price_extension4, price_extension5, material_total, sales_tax, shipping_cost, work_date1, work_date2, work_date3, work_date4, work_date5, tech_name1, tech_name2, tech_name3, tech_name4, tech_name5, cost_code1, cost_code2, cost_code3, cost_code4, cost_code5, pay_rate1, pay_rate2, pay_rate3, pay_rate4, pay_rate5, total_hours1, total_hours2, total_hours3, total_hours4, total_hours5, hours_subtotal1, hours_subtotal2, hours_subtotal3, hours_subtotal4, hours_subtotal5, total_hours, material_total, labor_cost, grand_total,)WHERE id=$id
VALUES ('$work_performed','$item_qty1','$item_qty2','$item_qty3','$item_qty4','$item_qty5','$mauf_1','$manuf_2','$manuf_3','$manuf_4','$manuf_5','$part_number1','$part_number2','$part_number3','$part_number4','$part_number5','$part_description1','$part_description2','$part_description3','$part_description_4',
'$part_description5','$part1_price','$part2_price','$part3_price','$part4_price','$part5_price','$price_extension1','$price_extension2','$price_extension3','$price_extension4','$price_extension5','$material_total','$sales_tax','$shipping_cost','$work_date1','$work_date2','$work_date3','$work_date4','$work_date5','$tech_name1','$tech_name2','$tech_name3','$tech_name4','$tech_name5','$cost_code1','$cost_code2','$cost_code3','$cost_code4','$cost_code5','$pay_rate1','$pay_rate2','$pay_rate3','$pay_rate4','$pay_rate5',
'$total_hours1','$total_hours2','$total_hours3','$total_hours4','$total_hours5','$hours_subtotal1','$hours_subtotal2','$hours_subtotal3','$hours_subtotal4','$hours_subtotal5','$total_hours','$material_total','$labor_cost','$grand_total',)");
但是现在当我提交表单来更新数据库时,我收到以下错误,
您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以便在'(work_performed,item_qty1,item_qty2,item_qty3,item_qty4,item_qty5,manuf_1,'第1行)附近使用正确的语法
答案 0 :(得分:2)
您的查询错误。查询应该是
UPDATE tickets SET work_performed = something, item_qty1 = something .... WHERE id=$id