无法从数据库检索数据以插入另一种形式

时间:2013-11-13 17:14:49

标签: php mysql sql database

我有这个表单,它将操作发布到test2.php。

     <form action="test2.php" method="post" name="add">
     <tr>
     IC NUMBER:<input name="defIc" value="" type="varchar" size="20" maxlength="20">
     NAME:<input name="defName" value="" type="varchar" size="60" maxlength="60">

    <input name="reset" type="reset" value="RESET">
    <input type="submit" name="add" value=" ADD GUARANTOR ">
    </form>

这是我的test2.php编码。在这个test2.php中,我结合了添加过程来存储'被告'表中的数据。在test2.php中,我还包括另一个需要回拨“被告IC”和“IC号码”的表格。

           <?php   
    if (isset($_POST['add'])) {
        $defIc = addslashes($_POST['defIc']);
        $defName = addslashes($_POST['defName']);
        include 'dbconnect.php';

        $query = "INSERT INTO defendant (defIc, defName) VALUES 
            ('$defIc', '$defName')";


        echo $result = mysql_query($query);

    if ($result)
    {
    if (isset($result['defIc']))
        $defIc = $result['defIc'];
    else
        $defIc = 0;
    include 'dbconnect.php';
    $query = "Select * from defendant where defIc = '".$defIc."'";

    $result = mysql_query($query1) or die('SQL error');

    $row = mysql_fetch_array($result);
            ?>  
        DEFENDANT IC:<input name="defIc" value="<?php echo $row['defIc']; ?>"       
            type="varchar" size="20" maxlength="20" />
            DEFENDANT NAME:<input name="defName" value="<?php echo $row['defName']; ?>"          
            type="varchar" size="20" maxlength="20" />
           " 
            <?php 
    }

         else
            echo 'Add failed';   
    }
    ?>

现在的问题是,当我尝试回调test2.php中的'defIc'时,它不会显示回来。

1 个答案:

答案 0 :(得分:0)

实际上,此代码中的 LOT 错误比最初假设的更多。这需要做很多工作。

<?php
//Only include a connection once!
include_once ('dbconnect.php');  
//If the 'add' button was pressed. 
if (isset($_POST['add'])) {

    //What type of data is this? This is very insecure code.
    //Look at preg_replace or mysqli_real_eascape_string to sanitise data

    $defIc = addslashes($_POST['defIc']);
    $defName = addslashes($_POST['defName']);


    $query = "INSERT INTO defendant (defIc, defName) VALUES 
        ('$defIc', '$defName')";


    //Why did you echo the result?
    $result = mysql_query($query);

if ($result)
{
if (isset($result['defIc']))
    $defIc = $result['defIc'];
else
    $defIc = 0;
$query = "Select * from defendant where defIc = '$defIc'";

$result = mysql_query($query1) or die('SQL error');

$row = mysql_fetch_array($result);
        ?>  
    DEFENDANT IC:<input name="defIc" value="<?php echo $row['defIc']; ?>"       
        type="varchar" size="20" maxlength="20" />
        DEFENDANT NAME:<input name="defName" value="<?php echo $row['defName']; ?>"          
        type="varchar" size="20" maxlength="20" />
       " 
        <?php 
}

     else
        echo 'Add failed';   
}
?>

您包含了两次数据库连接。你不能这样做。

这是我迄今收集的内容。我将更新任何进一步的调查结果。

相关问题
最新问题