我有问题。我的会话已经设置但我想再为我的编辑创建一个会话。我在我的编辑页面中设置了一个会话,并在功能中检索它,但如果我回到我的编辑,我的会话变量已被删除。任何人都可以帮助我。
编辑页面:
$plate_no = $_POST["plate_no"];
$_SESSION["plate_no"] = $plate_no;
$plate_no_view = $_SESSION['plate_no'];
var perfTimes = $(this).serialize();
$.post("functionedit.php", {result: perfTimes, txt1: mytxt1, txt2: mytxt2, txt3: mytxt3 }, function(data) {
if (data.errors) {
var alertErrors = "The following errors were found: ";
$.each(data.errors, function(index, error){
alertErrors += "\n" + "\n" + error.message;//Add each error in a new line
});
alert(alertErrors);}
else {
alert(data.message);
window.location.href = data.redirect; }
}, "json");
});
});
功能页面:
$mydata = $_POST["result"];
$inputs = [];
parse_str($mydata, $inputs);
extract($inputs);
$errors = [];
$_SESSION["plate_no"] == true;
if(empty($errors)) {
mysql_query("update cars set horse_power = '$horse_power' , torque = '$torque' , transmission = '$trasmission_char $trasmission_no' , drive_train = '$drive_train' , dimensional = '$length/$width/$height' , seating = '$seating' , car_condition = '$condition' , air_bag='$air_bag' , wheels = '$wheel_front/$wheel_rear' , suspensions = '$suspensions_front/$suspensions_rear' , brakes='$brake_front/$brake_rear' , eng_type = '$eng_type' , fuel_type = '$fuel_type' , selling_price='$selling_price' where plate_no = '$plate_no'");
if(isset($_POST["txt1"])){
for($i=0;$i<=count($_POST["txt1"])-1;$i++){
mysql_query("INSERT INTO expenses VALUES ('','$plate_no', '". $_POST["txt1"][$i] ."','". $_POST["txt2"][$i] ."',CURRENT_TIMESTAMP, '". $_POST["txt3"][$i] ."')");
}
}
$response = array(
'message' => 'Successfully Edited',
'redirect' => "edit.php"
);
echo json_encode($response);
}else {
$response = array(
'errors' => $errors
);
echo json_encode($response);
}
答案 0 :(得分:0)
1)
这不起作用,因为在页面加载之间仅保留会话变量$_SESSION[]。您也没有打电话给session_start()
$plate_no = $_POST["plate_no"];
$_SESSION["plate_no"] = $plate_no;
功能页面
mysql_query("INSERT INTO expenses VALUES ('','$plate_no', '"
2)
您有SQLInjection漏洞
3)
不要使用mysql*功能,他们已过时且危险,请使用mysqli*或pdo