Validation works, but the data is not saved to the database

Time: 2014-03-06 16:19:20

Tags: php mysql validation

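I am creating an update page for students who want to update or edit the information in their profile. When they edit/update their record, I need validation.. my validation works fine, but it doesn't save to the database..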

<?php
// First we execute our common code to connect to the database and start the session 
    require("common.php"); 

    // At the top of the page we check to see whether the user is logged in or not 
    if(empty($_SESSION['user'])) 
    { 
        // If they are not, we redirect them to the login page. 
        header("Location: login.php"); 

        // Remember that this die statement is absolutely critical.  Without it, 
        // people can view your members-only content without logging in. 
        die("Redirecting to login.php"); 
    } 

    // Everything below this point in the file is secured by the login system 

    // We can display the user's username to them by reading it from the session array.  Remember that because 
    // a username is user submitted content we must use htmlentities on it before displaying it to the user.
    // Database Variables (edit with your own server information)

        $server = 'localhost';
        $user = 'root';
        $pass = '';
        $db = 'testing';

        // Connect to server and select database.
        mysql_connect("$server", "$user", "$pass")or die("cannot connect"); 
        mysql_select_db("$db")or die("cannot select DB");

$sql ="SELECT * FROM users_info WHERE username = '".$_SESSION['user']['username']."' ";
$result=mysql_query($sql);

if($result === FALSE) {
    die(mysql_error()); // TODO: better error handling
}

    // define variables and set to empty values
$nameErr = $addressErr = $ageErr = $cellnoErr = $emailErr = $fathers_nameErr = $f_occupationErr = $mothers_nameErr = $m_occupationErr = "";
$name = $address = $age = $cellno = $telno = $email = $fathers_name = $f_occupation = $mothers_name = $m_occupation = "";

while($rows=mysql_fetch_array($result)){
$test=mysql_fetch_array($result);

if(!$result) 
        {
        die("Error: Data not found..");
        }       
                 $name = $test['name'];
                 $address = $test['address'];
                 $age = $test['age'];
                 $cellno = $test['cellno'];
                 $telno = $test['telno'];
                 $email = $test['email'];
                 $fathers_name = $test['fathers_name'];
                 $f_occupation = $test['f_occupation'];
                 $mothers_name = $test['mothers_name'];
                 $m_occupation = $test['m_occupation'];
}

if (isset($_POST['save']))
{
  if (empty($_POST["name"]))
    {$nameErr = "Name is required";}
    else
{
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name))
  {
  $nameErr = "Only letters and white space allowed"; 
  }
}

    if (empty($_POST["address"]))
    {$addressErr = "Address is required";}
    else
    {
    $address = ($_POST["address"]);
      }

  if (empty($_POST["age"]))
    {$ageErr = "Age is required";}

    if (empty($_POST["cellno"]))
    {$cellnoErr = "Cellphone Number is required";}

  if (empty($_POST["email"]))
    {$emailErr = "Email is required";}
 if(!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
      {
      $emailErr = "Invalid email format"; 
      }

  if (empty($_POST["fathers_name"]))
    {$fathers_nameErr = "Father's Name is required";}
    if(!preg_match("/^[a-zA-Z ]*$/",$fathers_name))
      {
      $fathers_nameErr = "Only letters and white space allowed"; 
      }

  if (empty($_POST["f_occupation"]))
    {$f_occupationErr = "Father's Occupation is required";}
    if(!preg_match("/^[a-zA-Z ]*$/",$fathers_name))
      {
      $fathers_nameErr = "Only letters and white space allowed"; 
      }

  if (empty($_POST["mothers_name"]))
    {$mothers_nameErr = "Mother's Name is required";}
    if(!preg_match("/^[a-zA-Z ]*$/",$mothers_name))
      {
      $mothers_nameErr = "Only letters and white space allowed"; 
      }

  if (empty($_POST["m_occupation"]))
    {$m_occupationErr = "Mother's Occupation is required";}
    if(!preg_match("/^[a-zA-Z ]*$/",$m_occupation))
      {
      $m_occupationErr = "Only letters and white space allowed"; 
      }

function validate($data)
{
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);
     return $data;   


     mysql_query ("UPDATE `users_info` SET `name` ='$name', `address` ='$address',`age` ='$age', `cellno` ='$cellno' , `telno` ='$telno', `email` ='$email', `fathers_name` ='$fathers_name', `f_occupation` ='$f_occupation', `mothers_name` ='$mothers_name', `m_occupation` ='$m_occupation' WHERE username = '".$_SESSION['user']['username']."' ") or die(mysql_error()); 

    header("Location: myprofile.php");  
}   
}
?>

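common.php includes session_start(); and everything else. I just want to know why, if I update/edit a record, it is not saved in the database and does not show on the next page, where their profile is.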

2 answers:

Answer 0: (score: 0)

return ends the execution of a function. You are returning in your validate() function before the query is executed:

function validate($data)
{
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);
     return $data;   
     // Doesn't go any further...

     mysql_query ("UPDATE `users_info` SET `name` ='$name', `address` ='$address',`age` ='$age', `cellno` ='$cellno' , `telno` ='$telno', `email` ='$email', `fathers_name` ='$fathers_name', `f_occupation` ='$f_occupation', `mothers_name` ='$mothers_name', `m_occupation` ='$m_occupation' WHERE username = '".$_SESSION['user']['username']."' ") or die(mysql_error()); 

    header("Location: myprofile.php");  
}

Answer 1: (score: 0)

Your variables are not set inside your function. See Variable Scope

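You need to pass the variables to the function in order to use them. Also, when return is called in a function, it immediately stops execution of that function. Your update is never triggered.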

PHP Return

Not sure what the variable $data is for. I don't see a call to the validate function

function validate($data, $test)
{
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);

     $name = $test['name'];
     $address = $test['address'];
     $age = $test['age'];
     $cellno = $test['cellno'];
     $telno = $test['telno'];
     $email = $test['email'];
     $fathers_name = $test['fathers_name'];
     $f_occupation = $test['f_occupation'];
     $mothers_name = $test['mothers_name'];
     $m_occupation = $test['m_occupation'];

     mysql_query ("UPDATE `users_info` SET `name` ='$name', `address` ='$address',`age` ='$age', `cellno` ='$cellno' , `telno` ='$telno', `email` ='$email', `fathers_name` ='$fathers_name', `f_occupation` ='$f_occupation', `mothers_name` ='$mothers_name', `m_occupation` ='$m_occupation' WHERE username = '".$_SESSION['user']['username']."' ") or die(mysql_error()); 

    header("Location: myprofile.php"); 
    exit(); 
}
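
An added example, not code from the question or either answer: validation and the UPDATE kept in separate functions, with the values bound through a prepared statement instead of being concatenated into the query as in the code above. It assumes PDO with an in-memory SQLite table standing in for the MySQL `users_info` table, covers only a subset of the columns, and the names `validate_profile` and `save_profile` are hypothetical.

```php
<?php
// Added example. Assumption: PDO with in-memory SQLite stands in for the MySQL users_info table.

// Validation only: returns [clean values, errors] and never touches the database.
function validate_profile(array $in): array
{
    $clean = $errors = [];
    foreach (['name', 'fathers_name', 'mothers_name'] as $f) {
        $clean[$f] = trim($in[$f] ?? '');
        if ($clean[$f] === '') {
            $errors[$f] = 'Required';
        } elseif (!preg_match('/^[a-zA-Z ]+$/', $clean[$f])) {
            $errors[$f] = 'Only letters and white space allowed';
        }
    }
    $clean['address'] = trim($in['address'] ?? '');
    if ($clean['address'] === '') {
        $errors['address'] = 'Address is required';
    }
    $clean['email'] = trim($in['email'] ?? '');
    if (filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Invalid email format';
    }
    return [$clean, $errors];
}

// Persistence only: values are bound as parameters, never concatenated into the SQL.
function save_profile(PDO $pdo, string $username, array $clean): int
{
    $stmt = $pdo->prepare(
        'UPDATE users_info SET name = :name, address = :address, email = :email,
         fathers_name = :fathers_name, mothers_name = :mothers_name
         WHERE username = :username'
    );
    $stmt->execute($clean + ['username' => $username]);
    return $stmt->rowCount();
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users_info (username TEXT PRIMARY KEY, name TEXT, address TEXT,
    email TEXT, fathers_name TEXT, mothers_name TEXT)');
$pdo->exec("INSERT INTO users_info (username) VALUES ('student1')");

// Constructed input standing in for $_POST; the address contains a quote character.
$post = ['name' => 'Ana Cruz', 'address' => "12 O'Hara St", 'email' => 'ana@example.com',
    'fathers_name' => 'Jose Cruz', 'mothers_name' => 'Maria Cruz'];
[$clean, $errors] = validate_profile($post);
// Save only when validation produced no errors; otherwise report them.
echo $errors === [] ? save_profile($pdo, 'student1', $clean) . " row(s) updated\n" : json_encode($errors) . "\n";
```

The values are stored as submitted; apply htmlspecialchars() when rendering them on the profile page rather than before writing them to the database.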