ADMIN面板无法运行

时间:2013-11-23 13:08:55

标签: php mysql forms admin

这是我的数据库中成员表中的添加和删除用户的管理面板,但是当我按下确定时它不能运行:

我不知道问题出在哪里。 我不是PHP的专家,所以请提供易于理解的答案。

<?php

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $user="admin";
    $pass="whatever";
    $host="localhost";
    $db_name="login";

    $con=mysqli_connect($host, $user, $pass, $db_name);

    if (mysqli_connect_errno($con)) {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    $id       = ($_POST['id']);
    $password = md5($_POST['pass']);
    $fieldset = ($_POST['fieldset']); 
    $id       = mysqli_real_escape_string($con,$password);
    $password = mysqli_real_escape_string($con,$password);
    $fieldset = mysqli_real_escape_string($con,$fieldset);

    if ($fieldset == "add") {
        $sqlcommand="INSERT INTO members (student_id,student_pass) VALUES ('$id','$password')"; 
    } elseif (fieldset == "delete") {
        $sqlcommand="DELETE FROM members WHERE student_id LIKE '$id'";          
    } else {
        echo "Your information is incorrect";
    }
}
?>

3 个答案:

答案 0 :(得分:1)

我猜错误就在这里

$id = mysqli_real_escape_string($con,$password); // <<<<<<
$password = mysqli_real_escape_string($con,$password);
$fieldset = mysqli_real_escape_string($con,$fieldset);

我猜这应该是

$id = mysqli_real_escape_string($con,$id);

而且你没有运行任何查询,正如另一个人所说,你只是在设置SQL。基本上你的脚本应该是

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $user="admin";
    $pass="whatever";
    $host="localhost";
    $db_name="login";

    $con=mysqli_connect($host, $user, $pass, $db_name);

    if (mysqli_connect_errno($con)) {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    $id       = ($_POST['id']);
    $password = md5($_POST['pass']);
    $fieldset = ($_POST['fieldset']); 
    $id       = mysqli_real_escape_string($con,$id);
    $password = mysqli_real_escape_string($con,$password);
    $fieldset = mysqli_real_escape_string($con,$fieldset);

    if ($fieldset == "add") {
        $sqlcommand="INSERT INTO members (student_id,student_pass) VALUES ('$id','$password')"; 
    } elseif (fieldset == "delete") {
        $sqlcommand="DELETE FROM members WHERE student_id LIKE '$id'";          
    } else {
        $sqlcomand='';
        echo "Your information is incorrect";
    }

    mysqli_query($con,$sqlcommand);
}

答案 1 :(得分:0)

您实际上并未在任何地方执行SQL查询。您需要在某处运行mysqli_query($con,$sqlcommand);

答案 2 :(得分:0)

您没有执行查询;使用mysql_query($sql); 希望它能帮助你:))