我在网上看了好几个小时,但仍然无法弄清楚我的代码有什么问题。当我有$ SALES = 30时,代码工作正常; $ ID = 10;现在我想使用html表单发布这些值,但无法使其工作。
<?php
$http_origin = $_SERVER['HTTP_ORIGIN'];
if ($http_origin == "http://......")
{
header('Access-Control-Allow-Origin: *');
}
$SALES = $_POST['SALES'];//Supplied by html form
$ID = $_POST['ID'];//Supplied by html form
$con = mysqli_connect("xxx","TABLE","xxx");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
mysqli_select_db($con,"xxxxxx") or die ("no database");
$sql="update TABLE
set
id = @newer := $ID,
tray_1 = case when tray_1 is null then @newer:=$SALES else tray_1 end,
tray_2 = case when @newer = $ID and tray_2 is null then @newer:=$SALES else tray_2 end,
tray_3 = case when @newer = $ID and tray_3 is null then @newer:=$SALES else tray_3 end
WHERE id = $ID";This updates table values where field is null
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
?>
我的代码出了什么问题?谢谢。
答案 0 :(得分:0)
第一行可能有一些拼写错误:
$SALES = '$_POST['SALES']';//Supplied by html form
应该是:
$SALES = $_POST['SALES'];//Supplied by html form
也许这会对你有帮助吗?
顺便说一下你应该检查一下mysql注入的内容,例如: PHP MySQL injection example?
以这种方式处理表单非常危险,因为任何人都可以在一秒钟内删除整个数据库。