我的代码基本上覆盖了学生向特定教授提交的请求(对于容量已满的类)。假设有2名学生要求覆盖同一个班级,当教授登录时,代码会提取两个覆盖请求并选择接受/拒绝,当我作为教授接受/拒绝单个覆盖请求时,它会覆盖请求的操作,而不是我选择的操作。
基本上它不接受/拒绝所选择的请求,它对所有覆盖执行相同的操作。
代码:
<?php
} else if ($usertype == 1) {
$server = "";
$user = "";
$pass = "";
$db = "";
$db2 = "";
$db3 = "";
$user1 = $_SESSION['username'];
$mysqli = new Mysqli($server, $user, $pass, $db) or mysqli_error($mysqli);
$mysqli2 = new Mysqli($server, $user, $pass, $db2) or mysqli_error($mysqli);
$mysqli3 = new Mysqli($server, $user, $pass, $db3) or mysqli_error($mysqli);
$status= $mysqli->query("SELECT status FROM Overrides WHERE professor = '$user1'")->fetch_object()->status;
$overrides = $mysqli->query("SELECT * FROM Overrides WHERE professor = '$user1'");
$num_rows = mysqli_num_rows($overrides);
?>
<form method="post" action="dbheads.php" name="HF" id="HF" autocomplete="off">
<script type="text/javascript">
function submitForm(action)
{
document.getElementById('HF').action = action;
document.getElementById('HF').submit();
}
</script>
<?php if ($status == 1) {
echo " Overrides today: " . $num_rows;
?>
<?php
while($row = mysqli_fetch_array($overrides)) { ?>
<fieldset> <?php
echo "First Name: " . $row['name'] . "<br />";
echo "<br />Mid. Name: " . $row['mname'] . "<br />";
echo "<br />Fam. Name: " . $row['fname'] . "<br />";
echo "<br />Student ID: " . $row['sid'] . "<br />";
echo "<br />Scolarship: " . $row['sc'] . "<br />";
echo "<br />Phone No: " . $row['phone'] . "<br />";
echo "<br />Email: " . $row['email'] . "<br />";
echo "<br />Subject: " . $row['subject'] . "<br />";
echo "<br />Section: " . $row['section'] . "<br />";
echo "<br />Semester: " . $row['semester'] . "<br />";
$name = $row['name'];
echo "<input type='hidden' name='name' value='$name'>";
$mname = $row['mname'];
echo "<input type='hidden' name='mname' value='$mname'>";
$fname = $row['fname'];
echo "<input type='hidden' name='fname' value='$fname'>";
$sid = $row['sid'];
echo "<input type='hidden' name='sid' value='$sid'>";
$sc = $row['sc'];
echo "<input type='hidden' name='sc' value='$sc'>";
$phone = $row['phone'];
echo "<input type='hidden' name='phone' value='$phone'>";
$email = $row['email'];
echo "<input type='hidden' name='email' value='$email'>";
$subject = $row['subject'];
echo "<input type='hidden' name='subject' value='$subject'>";
$section = $row['section'];
echo "<input type='hidden' name='section' value='$section'>";
$semester = $row['semester'];
echo "<input type='hidden' name='semester' value='$semester'>";
?>
<br />
<div>
<label for="comments" accesskey="c">Notes & Comments:</label><br />
<input type="textarea" name="comments" id="comments" cols="35" rows="10">
<br>
</div>
<br>
<script type="text/javascript">
function submitForm(action)
{
document.getElementById('HF').action = action;
document.getElementById('HF').submit();
}
</script>
...
<input type="button" onclick="submitForm('dbheads.php')" value="Accept" />
<input type="button" onclick="submitForm('dbheads2.php')" value="Deny" /></form>
</fieldset>
<br>
<?php } }
?>
<br />
dbheads.php
<?php
include_once 'includes/db_connect.php';
include_once 'includes/functions.php';
sec_session_start();
?>
<html>
<?php
$mysql_host = "";
$mysql_username = "";
$mysql_password = "r!~";
$mysql_database = "";
$user = $_SESSION['username'];
if (login_check($mysqli) == true) : ?>
<p>Welcome <?php echo htmlentities($user); ?>!</p>
<?php
$mysqli = new Mysqli($mysql_host, $mysql_username, $mysql_password, $mysql_database) or die(mysqli_error());
$status = 2;
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE username='$user'");
$stmt->bind_param("s", $status);
$stmt->execute();
echo htmlentities(accepted);
?>
<?php else : ?>
<p>
<span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login</a>.
</p>
<?php endif; ?>
</html>
bheads2.php
<html>
<?php
$mysql_host = "";
$mysql_username = "";
$mysql_password = "";
$mysql_database = "";
$user = $_SESSION['username'];
if (login_check($mysqli) == true) : ?>
<p>Welcome <?php echo htmlentities($user); ?>!</p>
<?php
$mysqli = new Mysqli($mysql_host, $mysql_username, $mysql_password, $mysql_database) or die(mysqli_error());
$status = 5;
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE username='$user'");
$stmt->bind_param("s", $status);
$stmt->execute();
echo htmlentities(denied);
?>
<?php else : ?>
<p>
<span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login</a>.
</p>
<?php endif; ?>
</html>
有关如何解决此问题的任何帮助?我是初学者,所以请忽略凌乱的代码。
答案 0 :(得分:-1)
您似乎正在使用以下查询更新数据库
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE username='$user'")
这就是说用户名是登录的用户还是使用该页面的位置将更新为您选择的状态,您是否拥有每行覆盖的唯一标识符?也许是Override_ID。
如果是这样,我会在您的第一页上获取该数据并将其放入隐藏的输入中,然后使用以下查询:
$ovid = $_POST['ovid'];
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE override_id='$ovid'")
修改
您似乎也在更新页面上更新WHERE username='$user'而不是WHERE professor='$user'