我该如何更新特定行(患者)?

时间:2014-07-15 06:14:52

标签: php 

<?php
    mysql_connect("localhost", "root", "") or die(mysql_error());
    mysql_select_db("dentalclinic") or die(mysql_error());

    if (isset($_POST['update'])){
    $UpdateQuery = "UPDATE appointment SET appointmentstatusid='$_POST[appointmentstatusid]'";
    mysql_query($UpdateQuery);
    };

    $sql = "SELECT * from appointment a join appointmentstatus s on (a.appointmentstatusid=s.appointmentstatusid) join patient p on (a.patientid=p.patientid)";
    $query = mysql_query($sql) or die(mysql_error());

    echo "<table border=1>
    <tr>
    <th>FIRST NAME</th>
    <th>LAST NAME</th>
    <th>APPOINTMENT STATUS</th>
    <th>UPDATE</th>
    </tr>";

    while($record = mysql_fetch_array($query)){
    echo "<form action=editstatus.php method=post>";
    echo "<tr>";
    echo "<td>"."<input type=text name=firstname value=".$record['firstname']."></td>";
    echo "<td>"."<input type=text name=lastname value=".$record['lastname']."></td>";
    echo "<td>";
    $query2 = "SELECT * from appointmentstatus"; 
    $result = mysql_query($query2);
    echo "<select name=appointmentstatusid>"; 
    while ($line = mysql_fetch_array($result)) {
    echo "<option value=".$line['appointmentstatusid'].">"; 
    echo $line['appointmentstatus'];
    echo "</option>";
    }
    echo "</select>";
    echo "</td>";

    echo "<td>"."<input type=submit name=update value=update"."></td>";
    echo "</tr>";
    echo "</form>";
    }       
echo "</table>"
?>

每次更新患者1的就诊情况时,都会影响其他患者(患者2,患者3 ......)的预约状况。我尝试在更新时添加代码WHERE appointmentstatusid='$_POST[appointmentstatusid]',但是当我这样做时,它不再更新。

3 个答案:

答案 0 :(得分:1)

您必须为您尝试影响的行设置有效且匹配的 ID。你如何确定这取决于你。然后,做一些像:

UPDATE table_name
SET column1=value1,column2=value2,...
WHERE some_column=some_value;

答案 1 :(得分:0)

在第6行试试这个

$UpdateQuery = "UPDATE appointment SET willChangeColumn = 'newValueForThatColumn' WHERE appointmentstatusid=".$_POST['appointmentstatusid'];

答案 2 :(得分:0)

要更新特定记录,您的查询应该有一个WHERE子句,指定要更新的内容

$UpdateQuery = "UPDATE appointment SET appointmentstatusid='$_POST[appointmentstatusid]' WHERE `appointmentid` = 1";

请注意:直接从$ _POST传递$ _POST [appointmentstatusid]变量会使您的代码容易受到sql注入攻击。尝试

$appointmentstatusid = (int) mysql_real_escape_string($_POST[appointmentstatusid]); 
$UpdateQuery = "UPDATE appointment SET appointmentstatusid='".appointmentstatusid ."' WHERE `appointmentid` = $id";

使用数据库抽象库进行练习。

相关问题
最新问题