我想通过使用此代码更新多个数据,但问题是,当我尝试它时,它会更新具有相同类别ID且它应该单独更新的整个数据。可能是什么解决方案。请帮忙。在此先感谢:)
<?php
if (isset($_GET['pid'])){
$view="";
$targetID = $_GET['pid'];
$sql = mysql_query("SELECT specs, category_id, price FROM specs WHERE category_id='$targetID'");
$productCount = mysql_num_rows($sql);
if($productCount > 0){
while($row = mysql_fetch_array($sql)){
$specs = $row["specs"];
$category_id = $row["category_id"];
$price = $row["price"];
$view .= '<div class="control-group">
<label class="control-label" >Specs</label>
<div class="controls">
<input type="text" placeholder="Specs" name="specs" value="'.$specs.'">
</div>
</div>
<div class="control-group">
<label class="control-label" >Price</label>
<div class="controls">
<input type="text" placeholder="Price" name="price" value="PHP '.number_format($price, 2).'">
</div>
</div>';
}
}
}
?>
<?php
if (isset($_POST['specs'])){
$pid = mysql_real_escape_string($_POST['thisID']);
$specs = mysql_real_escape_string($_POST['specs']);;
$price = mysql_real_escape_string($_POST['price']);
$sql= mysql_query("UPDATE specs SET specs='$specs', price='$price' WHERE category_id='$pid'");
header("Location: manageproducts.php");
exit();
}
?>
继续html。
<div class="container">
<div class="page-header">
<h1>Manage Products</h1>
</div>
<div class="row-fluid ">
<div class="box span12center-align" >
<div class="box-header well" data-original-title>
<center><h2><i class="icon-edit"></i> Edit Specifications </h2></center>
</div>
<div class="box-content" >
<form class="form-horizontal" action="" method='post'>
<fieldset>
<?php echo $view; ?>
<div class="form-actions">
<input name="thisID" type="hidden" value="<?php echo $targetID; ?>">
<button type="submit" class="btn btn-primary" name="add_product">Update Item</button>
<button class="btn">Cancel</button>
</div>
</fieldset>
</form>
</div>
</div><!--/span-->
</div><!--/row--></center>
</div>
</div>
</div>
答案 0 :(得分:0)
您需要将主键添加到要更新的行的WHERE子句中,现在您只需使用某个category_id
更新所有行。
因此,向表中添加主键id
(如果您的表还没有表),并将其设置为自动递增。然后修改您的选择查询:
"SELECT id, specs, category_id, price FROM specs WHERE category_id='$targetID'"
将id
添加到隐藏的输入字段。
然后您可以像这样修改更新查询:
"UPDATE specs SET specs='$specs', price='$price' WHERE category_id='$pid' AND id='$id'"
SQL注入警报
您还应该知道您编写的代码非常危险且易于SQL injection。永远不要在查询中直接使用GET / POST变量。请使用mysqli
with prepared statements或PDO
。