Question

有人可以检查PHP编码是否正确 script。它需要一双新鲜的眼睛来检查。

由于这个脚本比我上次工作时略长，我不记得我做了哪些小改动来修复它...

那有什么问题呢？此时尚未保存复选框权限 - 不确定原因：（

if ($_POST) { 
$upd = mysqli_query($db, "UPDATE `tbl_user`  SET `username` = '".mysqli_real_escape_string($db,$_POST['username'])."', `userfullname` = '".mysqli_real_escape_string($db,$_POST['fullname'])."', `useremail` = '".mysqli_real_escape_string($db,$_POST['email'])."', `userlevel`= '".mysqli_real_escape_string($db,$_POST['userlevel'])."', `usertitle` = '".mysqli_real_escape_string($db,$_POST['title'])."' WHERE `userid` = '".mysqli_real_escape_string($db,$_GET['userid'])."'");
$insert = mysqli_query($db,"UPDATE `tbl_perms` SET
`1` ='" . mysqli_real_escape_string($db,$_POST['permsA_1']) . "',    
`2` ='" . mysqli_real_escape_string($db,$_POST['permsA_2']) . "',    
`3` ='" . mysqli_real_escape_string($db,$_POST['permsA_3']) . "',    
`4` ='" . mysqli_real_escape_string($db,$_POST['permsA_4']) . "',    
`5` ='" . mysqli_real_escape_string($db,$_POST['permsA_5']) . "', 
`6` ='" . mysqli_real_escape_string($db,$_POST['permsA_6']) . "',
`7` ='" . mysqli_real_escape_string($db,$_POST['permsA_7']) . "',
`8` ='" . mysqli_real_escape_string($db,$_POST['permsA_8']) . "',
`9` ='" . mysqli_real_escape_string($db,$_POST['permsA_9']) . "',
`10` ='" . mysqli_real_escape_string($db,$_POST['permsA_10']) . "',
`11` ='" . mysqli_real_escape_string($db,$_POST['permsA_11']) . "',
`12` ='" . mysqli_real_escape_string($db,$_POST['permsA_12']) . "',
`13` ='" . mysqli_real_escape_string($db,$_POST['permsA_13']) . "',
`14` ='" . mysqli_real_escape_string($db,$_POST['permsA_14']) . "',
`15` ='" . mysqli_real_escape_string($db,$_POST['permsA_15']) . "',
`16` ='" . mysqli_real_escape_string($db,$_POST['permsA_16']) . "',
`17` ='" . mysqli_real_escape_string($db,$_POST['permsA_17']) . "',
`18` ='" . mysqli_real_escape_string($db,$_POST['permsA_18']) . "',
`19` ='" . mysqli_real_escape_string($db,$_POST['permsA_19']) . "',
`20` ='" . mysqli_real_escape_string($db,$_POST['permsA_20']) . "',
`21` ='" . mysqli_real_escape_string($db,$_POST['permsA_21']) . "',
`22` ='" . mysqli_real_escape_string($db,$_POST['permsA_22']) . "'
WHERE `userid` = '$id' ")or die(mysqli_error($db));

$insert = mysqli_query($db,"UPDATE `tbl_usrdepts` SET
`1` ='" . mysqli_real_escape_string($db,$_POST['dept_1']) . "',    
`2` ='" . mysqli_real_escape_string($db,$_POST['dept_2']) . "',    
`3` ='" . mysqli_real_escape_string($db,$_POST['dept_3']) . "'    
WHERE `userid` = '$id' ")or die(mysqli_error($db));
$updated = "1";} 

if(!empty($_GET['userid'])) {       
 $sql = mysqli_query($db, "SELECT * from tbl_user WHERE userid = $id LIMIT 1");    
 if(mysqli_affected_rows($db) == 0) {        
   $noid = "1";    
 } else {        
   $current = mysqli_fetch_assoc($sql);        
   $currentperms  = mysqli_fetch_assoc(mysqli_query($db, "SELECT * from tbl_perms WHERE userid = $id"));
   $currentdepts  = mysqli_fetch_assoc(mysqli_query($db, "SELECT * from tbl_usrdepts WHERE userid = $id"));                        
  }} else {    
    $noidentered = "1";}
// Set Permissions
 $permissionid_select = mysqli_query($db,"SELECT * FROM `tbl_perms` WHERE `userid` = '$id'")or die(mysqli_error($db));
 $permissionid = mysqli_fetch_array($permissionid_select);
 $deptid_select = mysqli_query($db,"SELECT * FROM `tbl_usrdepts` WHERE `userid` = '$id'")or die(mysqli_error($db));
 $deptid = mysqli_fetch_array($deptid_select);
 $get_perms = mysqli_query($db,"SELECT * FROM `perm_sets` WHERE `status` = '1' ORDER BY `id` ASC")or die(mysqli_error($db));

现在显示代码：

<tr valign="top">
<td class="alt2">Application Permissions</td>
<td class="alt2"><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr valign="top"><td>
<div id="ctrl_user[membergroupids]" class="smallfont">
<?
   while($i = mysqli_fetch_array($get_perms)){

$pname = $i[pname];
$id = $i[id];
?>
    <div>
<input type="checkbox" tabindex="1" name="permsA_<? echo $id;?>" value="1" <? if($permissionid[$id] == '1') {echo ' checked="checked" ';}?> /><?echo htmlspecialchars($pname);?></div>
<? } ?>     
</tr>
</table>
<br />
</td>
</tr>

<tr valign="top">
<td class="alt1">User Departments</td>
<td class="alt1"><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr valign="top"><td><div id="ctrl_user[membergroupids]" class="smallfont">
<?
$get_depts = mysqli_query($db,"SELECT * FROM `tbl_depts` ORDER BY `id` ASC")or die(mysqli_error($db));
while($i = mysqli_fetch_array($get_depts)){

$dname = $i[name];
$id = $i[id];
?>      
    <div><input type="checkbox" tabindex="1" name="dept_<? echo $id ;?>" value="1" <? if($deptid[$id] == '1') {echo ' checked="checked" ';}?> /><?echo htmlspecialchars($dname);?></div>
<? } ?> 
 </tr>
</table>
<br />
</td>
</tr>

谢谢！

Answer 1

一些标准的调试技巧和评论：

评论表示代码。它只是模糊了一些东西。
print_r($var) 每个$ var都没有表现。开始在眼前的问题和从那里回溯。
不要使用php短标签（<?）。他们已被弃用。
回显您的SQL查询，以便您可以看看他们是否看起来像你期望的那样他们来。

您发布的大量代码中没有任何内容可见。清理非关键的东西，你（我们）将更容易看到发生了什么。

检查PHP编码是否正确

1 个答案: