MySQL多个查询不起作用

时间:2014-10-09 11:28:59

标签: php mysql forms

问题已解决

我创建了一个表单来处理来自管理员端的用户信息的更改,例如管理员更改用户的用户名和/或电子邮件。我在处理多个查询时遇到问题。

例如,如果管理员更改了用户名,则查询有效。如果管理员更改了电子邮件地址,则查询有效。但是,如果管理员通过表单同时更改用户名和电子邮件,则只会更改用户名。

有什么想法吗?我将提交我的代码但我会出于安全原因更改变量等。此外,出于安全原因,大写字母中的任何内容都已更改。代码对于每个单独的功能都是正确的,因为正如我所说,如果我只更改电子邮件,它的工作原理和实际更改。但是,如果我更改用户名和电子邮件,尽管电子邮件查询运行,但只有用户名会发生变化,而且回复电子邮件已被更改!

此外,值得注意的是所有字段,例如用户名字段和电子邮件字段是提交到一个页面的一个表单的一部分。 

if (isset($_POST['SUBMIT_BUTTON_PRESSED'])) {
//Gather all inputs from the form and sanitise it.
//REMOVED FOR SECURITY REASONS.

if($USERNAME_NEW != "") {
    if($USERNAME_NEW == $CURRENT_USERNAME) {
        echo "You have entered the username you are already using. Please enter a different username.";
    } else {
    $CHECK_USERNAME = "SELECT USERNAME_ROW FROM USERS_TABLE WHERE username='$USERNAME_NEW'";
    $RUN_QUERY = mysqli_query($CONNECTION INFO, $CHECK_USERNAME);
    $RESULT = mysqli_num_rows($RUN_QUERY);
    if($RESULT > 0) {
    echo "That username already exists. You cannot use that username again. Please enter another username.";    
    } else {
    $editing_username = true;
    $USERNAME = $NEW_USERNAME; //NOT NEEDED BUT IT STILL WORKS
    $THE_SQL_QUERY = "UPDATE USER_TABLE SET username='$USERNAME' WHERE username='$ORIGINAL USERNAME'";
    $RUN_THIS_QUERY= mysqli_query($CONNECTION INFO, $THE_SQL_QUERY);
    echo "The user's username has been changed to:  ". $USERNAME;
        }
    }
}
     if($EMAIL != "") {
        if($EMAIL == $CURRENT_EMAIL) {
            echo "You have entered the same email address to the one you are already using. Please enter a different email address.";
        } else {
            $CHECK_EMAIL = "SELECT USERS_EMAIL FROM USER_TABLE WHERE username='$USER'";
            $CHECK_EMAIL_QUERY = mysqli_query($CONNECTION_INFO, $CHECK_EMAIL);
            $RESULT = mysqli_num_rows($CHECK_EMAIL_QUERY);
            if($RESULT > 0) {
            echo "That email already exists. You cannot use that username again. Please enter another username.";   
            } else {
                $editing_email = true;
                $THE_NEW_EMAIL = $FINAL_EMAIL_THING; // AGAIN NOT NEEDED BUT STILL WORKS
                $THE_SQL= "UPDATE USER_TABLE SET USER_EMAIL='$EMAIL' WHERE username='$USER' LIMIT 1"; // REMOVED THE LIMIT 1, STILL DOESN'T WORK
                $RUN_THIS_QUERY = mysqli_query($CONNECTION, $THE_SQL);
                if($RUN_THIS_QUERY) {
                echo "The user's email has been changed."; // EVEN WHEN BOTH FIELDS ARE SUBMITTED THIS WORKS SO THE QUERY IS RUNNING BUT THE EMAIL DOESN'T CHANGE
                    }
                }
            }
        }

感谢您的帮助!此外,没有关于我的问题是如何构建等的不明智的评论,因为我不在乎诚实。我只是想让这段代码变得诚实,因为我已经在这方面工作了一段时间。这可能很简单,或者我可能会使用错误的方法进行此类表单提交。

请记住:当我单独提交每个字段时,此代码会正常工作!

1 个答案:

答案 0 :(得分:0)

很难弄明白,因为你没有制作真正的代码。

我想你在这里错过了什么。 当您使用USER_NAME作为SQL的密钥时,请确保您在第二组SQL中使用更新的用户名(以更新电子邮件),因为它们已被第一个SQL替换。

将代码片段显示给其他人时,不存在安全风险。仅隐藏用户名/密码或身份。 :)

相关问题
最新问题