编辑个人资料中的日期保存为0000-00-00

时间:2013-09-16 17:55:53

标签: php

我正在尝试编辑用户配置文件,如果我编辑DOB字段它的工作正常,但如果我不更改DOB字段,它会在DB中保存value 0000-00-00。任何人都可以帮助找出解决方案。 edit.php代码 -

<?php
require_once("global.inc.php");
if(isset($_SESSION['logged_in']))
{
    $user = unserialize($_SESSION['user']);
    list($year,$month,$day)=explode('-', $user->DOB);

    if(isset($_POST['edit']))
    {
        $id=$user->id;
        $username = mysql_real_escape_string($_POST['username']);
        $DOB = ($_POST['birthyear'].$_POST['birthmonth'].$_POST['birthday']);
        $subject = mysql_real_escape_string($_POST['subject']);

        $data['id'] = $id;
        $data['username'] = $username;
        $data['DOB'] = $DOB;
        $data['subject'] = $subject;

        $user=new User($data);
        if($user->saveteacher(false))
        {
            echo '<script> alert("Your Profile Is Updated Successfully"); window.location.href="user/profile.php" ;</script>;';
        }
        else
        {
             echo mysql_error();
        }
    }
}
?>
<html>
<head>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body bgcolor="#E1F5FF">
</div>
<form action="edit.php" method="post" >
<div class="reg-form">
 <label style="float:left">Teacher Id</label>
 <input class="unvisible" type="text" name="teacher_id" readonly value="<?php echo $user->id?>">
 <br/><br/>
 <label style="float:left">Username</label>
 <input class="required" type="text" name="username" value="<?php echo $user->username?>">
 <br/><br/>
 <label style="float:left">D-O-B</label>
 <div style="float:right">
  <select style="margin-left:-4px; width:62px" name="birthyear">
   <option value="<?php echo $year?>"><?php echo $year ?></option>
   <?php for ($i = 1970; $i < date('Y'); $i++) : ?>
   <option value="<?php echo $i; ?>"><?php echo $i; ?></option>
   <?php endfor; ?>
  </select>
  <select style="margin-left:-4px; width:47px" name="birthmonth">
   <option value=""><?php echo $month ?></option>
   <?php for ($i = 1; $i <= 12; $i++) : ?>
   <option value="<?php echo ($i < 10) ? '0'.$i : $i; ?>"><?php echo $i; ?></option>
   <?php endfor; ?>
  </select>
  <select style="margin:-4px; width:47px" name="birthday">
   <option value=""><?php echo $day ?></option>
   <?php for ($i = 1; $i <= 31; $i++) : ?>
   <option value="<?php echo ($i < 10) ? '0'.$i : $i; ?>"><?php echo $i; ?></option>
   <?php endfor; ?>
  </select>
 </div>
 <br/><br/>
 <label style="float:left; ">Subject</label>
 <input style="margin-top:18px; margin-left:80px" type="submit" name="edit"  value="Save Changes">
</div>
</form>
</div>
</body>
</html>

edit.php ----------

    <?php

               require_once ("db.class.php");  


        class User {  

        public $id;
        public $roll_no;
        public $regno;  
        public $username;  
        public $password;  
        public $email;  
        public $fname;
        public $lname;
        public $DOB;  
        public $mobile;  
        public $altemail;  
        public $add;  
        public $area;
        public $city;
        public $state;
        public $country;  
        public $branchname;  
        public $branchadd;
        public $grade;
        public $subject;
        public $registered_on;
        public $exp_date;


    function __construct($data) {  
        $this->id = (isset($data['id'])) ? $data['id'] : "";
        $this->roll_no = (isset($data['roll_no'])) ? $data['roll_no'] : "";
        $this->registration_no = (isset($data['registration_no'])) ? $data['registration_no'] : "";
        $this->teacher_id = (isset($data['teacher_id'])) ? $data['teacher_id'] : "";  
        $this->username = (isset($data['username'])) ? $data['username'] : ""; 
        $this->email = (isset($data['email'])) ? $data['email'] : ""; 
        $this->password = (isset($data['password'])) ? $data['password'] : "";  
        $this->first_name = (isset($data['first_name'])) ? $data['first_name'] : "";
        $this->last_name = (isset($data['last_name'])) ? $data['last_name'] : "";
        $this->DOB = (isset($data['DOB'])) ? $data['DOB'] : "";
        $this->altemail = (isset($data['altemail'])) ? $data['altemail'] : "";
        $this->mobile = (isset($data['mobile'])) ? $data['mobile'] : "";
        $this->address = (isset($data['address'])) ? $data['address'] : "";
        $this->area = (isset($data['area'])) ? $data['area'] : "";
        $this->city = (isset($data['city'])) ? $data['city'] : "";
        $this->state = (isset($data['state'])) ? $data['state'] : "";
        $this->country = (isset($data['country'])) ? $data['country'] : ""; 
        $this->branch_name = (isset($data['branch_name'])) ? $data['branch_name'] : ""; 
        $this->branch_add = (isset($data['branch_add'])) ? $data['branch_add'] : ""; 
        $this->subject = (isset($data['subject'])) ? $data['subject'] : "";
        $this->grade = (isset($data['grade'])) ? $data['grade'] : ""; 
        $this->registered_on = (isset($data['registered_on'])) ? $data['registered_on'] : "";
        $this->exp_date = (isset($data['exp_date'])) ? $data['exp_date'] : "";
        }  



public function saveteacher($isNewUser = false) {  
    //create a new database object.  
   global $table;
    $db = new DB();  

    //if the user is already registered and we're  
    //just updating their info.  
    if(!$isNewUser) {  
        //set the data array  
        $data = array(
            //"roll_no" => "'$this->roll_no'",

            "teacher_id" => "'$this->teacher_id'",
            "username" => "'$this->username'",
            "email" => "'$this->email'",  
            "first_name" => "'$this->first_name'",
            "last_name" => "'$this->last_name'",
            "DOB" => "'$this->DOB'",
            "altemail" => "'$this->altemail'",
            "mobile" => "'$this->mobile'",
            "address" => "'$this->address'",
            "area" => "'$this->area'",
            "city" => "'$this->city'",
            "state" => "'$this->state'",
            "country" => "'$this->country'",
            "branch_name" => "'$this->branch_name'",
            "branch_add" => "'$this->branch_add'",
            "branch_name" => "'$this->branch_name'",
            "grade" => "'$this->grade'",
            "subject" => "'$this->subject'"

        );  





        $db->update($data, 'register_teacher', "id=".$this->id); 
            }else { 
            //if the user is being registered for the first time. 
                $data = array( 
                    //"roll_no" => "'$this->roll_no'",
                    "teacher_id" => "'$this->teacher_id'",
                    "username" => "'$this->username'",
                    "email" => "'$this->email'",  
                    "password" => "'$this->password'",  
                    "first_name" => "'$this->first_name'",
                    "last_name" => "'$this->last_name'",
                    "DOB" => "'$this->DOB'",
                    "altemail" => "'$this->altemail'",
                    "mobile" => "'$this->mobile'",
                    "address" => "'$this->address'",
                    "area" => "'$this->area'",
                    "city" => "'$this->city'",
                    "state" => "'$this->state'",
                    "country" => "'$this->country'",
                    "branch_name" => "'$this->branch_name'",
                    "branch_add" => "'$this->branch_add'",
                    "branch_name" => "'$this->branch_name'",
                    "grade" => "'$this->grade'",
                    "subject" => "'$this->subject'",
                    "registered_on" => "'$this->registered_on'",
                    "exp_date" => "'$this->exp_date'" );

                    //"join_date" => "'".date("Y-m-d H:i:s",time())."'"  


                $this->id = $db->insert($data, 'register_teacher');  
                //$this->join_date = time();  
            }  
            return true;  
        }  

        public function savestudent($isNewUser = false) {  
                //create a new database object.  
               global $table;
                $db = new DB();  


            //if the user is already registered and we're  
            //just updating their info.  
            if(!$isNewUser) {  
                //set the data array  
                $data = array(
                    "roll_no" => "'$this->roll_no'",
                    "registration_no" => "'$this->registration_no'",
                    "username" => "'$this->username'",
                    "email" => "'$this->email'",  
                    "first_name" => "'$this->first_name'",
                    "last_name" => "'$this->last_name'",
                    "DOB" => "'$this->DOB'",
                    "altemail" => "'$this->altemail'",
                    "mobile" => "'$this->mobile'",
                    "address" => "'$this->address'",
                    "area" => "'$this->area'",
                    "city" => "'$this->city'",
                    "state" => "'$this->state'",
                    "country" => "'$this->country'",
                    "branch_name" => "'$this->branch_name'",
                    "branch_add" => "'$this->branch_add'",
                    "grade" => "'$this->grade'",


                );  

                //update the row in the database  
                $db->update($data, 'register_student', "id=".$this->id); 
            }else { 
            //if the user is being registered for the first time. 
                $data = array( 
                    "roll_no" => "'$this->roll_no'",
                    "registration_no" => "'$this->registration_no'",
                    "username" => "'$this->username'",
                    "email" => "'$this->email'",  
                    "password" => "'$this->password'",  
                    "first_name" => "'$this->first_name'",
                    "last_name" => "'$this->last_name'",
                    "DOB" => "'$this->DOB'",
                    "altemail" => "'$this->altemail'",
                    "mobile" => "'$this->mobile'",
                    "address" => "'$this->address'",
                    "area" => "'$this->area'",
                    "city" => "'$this->city'",
                    "state" => "'$this->state'",
                    "country" => "'$this->country'",
                    "branch_name" => "'$this->branch_name'",
                    "branch_add" => "'$this->branch_add'",
                    "grade" => "'$this->grade'",
                    "registered_on" => "'$this->registered_on'");
                    //"exp_date" => "'$this->exp_date'" );

                    //"join_date" => "'".date("Y-m-d H:i:s",time())."'"  


                $this->id = $db->insert($data, 'register_student');  
                //$this->join_date = time();  
            }  
            return true;  
        }


    }  

    ?>'  

1 个答案:

答案 0 :(得分:3)

您正在生成一个类似于

的日期字符串
20130916

传递给User对象。如果该字符串直接进入数据库,它将被您的数据库视为无效日期(MySQL,我假设?)。大多数数据库都希望他们的日期为yyyy-mm-dd格式。

你也可能受到SQL injection attacks的约束,因为当你在username之类的东西上进行手动转义时,你会直接传递日期值而没有转义。