我的数据库在提交后没有更新

时间:2014-11-22 15:25:28

标签: php mysql sql database web

打开此页面时,必须显示多个表单。每个表单是针对特定员工的,用户决定他想要分配给哪个员工时段,点击时间,点击提交,然后数据库更新,新值和表单再次显示,一切正常,除了db没有得到更新。 这是我认为你需要看到的代码的一部分:

<?php
ini_set('display_errors',1); 
 error_reporting(E_ALL);
// Start database connection
include ('connection.php');
session_start();
// Write QUERY                  
                    if ( isSet($_POST['Time_in'], $_POST['Time_out'], $_POST['Spec_ID']  ) ) {
                    $qry="UPDATE 'Specialist' SET 'Time_in' = '".$_POST['Time_in']."' ,  Time_out = '".$_POST['Time_out']."'  WHERE Spec_ID ='".$_POST['Spec_ID']."';";
                    $result = mysql_query ($qry);
                        $qry = 'SELECT * FROM Specialist' ;
                    }
                else

                        $qry = 'SELECT * FROM Specialist' ;
                    //Run QUERY
                    $result = mysql_query ($qry);       
?>


<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Assign to time slot</title>

</head>

<body scroll="no" style="overflow: hidden">

<div class="wrapper">

    <div class="logo"><a href="adminpage.html"><img src="logo.png"  alt="logo" height="162px"width="800px"  style="border-style:none" title="Home"/></a></div>



                    <?php


if($result) {
$did = 0;
Print " <table style='width:100%'>";

while($info=mysql_fetch_array($result))
{
if($did==0){
Print "<form  method='POST' enctype='multipart/form-data' style='display:inline;' >

<tr>
     <td><figure style='text-align:centre;'>
  <img STYLE='border: thin solid grey;left:00px;top:00px;'src='img/idimg.jpg' alt='idimage' width='110' height='110'>
  <figcaption>".$info['Spec_Name']."<br/>".$info['Spec_ID']."<br/>".$info['Specialty']. "</br>  

  From: <select name='Time_in'>
  <option disabled selected> unspecified </option>
  <option value='08:00'>08:00AM</option>
  <option  value='09:00'>09:00AM</option>
  <option  value='10:00'>10:00AM</option>
  <option  value='11:00'>11:00AM</option>
  <option  value='12:00'>12:00AM</option>
    <option value='02:00'>02:00PM</option>
  <option value='04:00'>04:00PM</option>
  <option  value='05:00'>05:00PM</option>
</select>


 TO: <select name='Time_out'>
    <option disabled selected> unspecified </option>
  <option value='08:00'>08:00PM</option>
  <option value='09:00'>09:00PM</option>
  <option value='10:00'>10:00PM</option>
  <option value='11:00'>11:00PM</option>
  <option value='12:00'>12:00PM</option>
    <option value='02:00'>02:00PM</option>
  <option value='04:00'>04:00PM</option>
  <option value='05:00'>05:00PM</option>
</select>

<input type='hidden' name='Spec_ID' value='".$info['Spec_ID']."' />
<input name='Submit' type='submit' value='Assign' /> 
  </br></br></br></figcaption>
</figure></td> </form>";

$did++;
continue; }



if($did==1){

Print "<form  method='POST' enctype='multipart/form-data' style='display:inline;'  >


     <td><figure style='text-align:centre;'>
  <img STYLE='border: thin solid grey;left:00px;top:00px;'src='img/idimg.jpg' alt='idimage' width='110' height='110'>
  <figcaption>".$info['Spec_Name']."<br/>".$info['Spec_ID']."<br/>".$info['Specialty']. "</br>  

  From: <select name='Time_in'>
    <option disabled selected> unspecified </option>
  <option value='08:00'>08:00AM</option>
  <option value='09:00'>09:00AM</option>
  <option value='10:00'>10:00AM</option>
  <option value='11:00'>11:00AM</option>
  <option value='12:00'>12:00AM</option>
    <option value='02:00'>02:00PM</option>
  <option value='04:00'>04:00PM</option>
  <option value='05:00'>05:00PM</option>
</select>


 TO: <select name='Time_out'>
  <option disabled selected> unspecified </option>
  <option value='08:00'>08:00PM</option>
  <option value='09:00'>09:00PM</option>
  <option value='10:00'>10:00PM</option>
  <option value='11:00'>11:00PM</option>
  <option value='12:00'>12:00PM</option>
  <option value='02:00'>02:00PM</option>
  <option value='04:00'>04:00PM</option>
  <option value='05:00'>05:00PM</option>
</select>

<input type='hidden' name='Spec_ID' value='".$info['Spec_ID']."' />
<input name='Submit' type='submit' value='Assign' /> </br></br></br></figcaption>
</figure></td></tr> </form>";
$did--;

}
}
Print " </table>";

}

else echo "There are no specialists";

    ?>



</div>
    <!-- /.container -->

</div>
</body>
</html>


<?php 
// close database connection
MYSQL_CLOSE ($con);
?>

当我在phpmyadmin中尝试此查询以更新其工作的值时!但不在我的代码中

1 个答案:

答案 0 :(得分:1)

UPDATE 'Specialist' SET 'Time_in'
       ^          ^

表名不能放在引号内。这是您的查询失败的主要原因。您也没有检查查询执行的结果。

另外:How can I prevent SQL injection in PHP?