Question

我正在关注如何修改sql数据库的this教程。一切似乎都很好但是当我在下面运行我的代码时，我得到一个错误，说明第11行和第12行中的未定义索引未定义。任何人都可以指出我的错误吗？我甚至可以在另一个块中使用变量吗？（教程中的那个人）

<?php
include '/connection.php';
if(!isset($_POST['submit'])){
$query="SELECT * FROM SHOP WHERE ID=$_GET[id]";
$result=mysqli_query($conn,$query)or die(mysqli_error($conn));
$shop=mysqli_fetch_array($result);
}
?>
<form action="modify.php" method="POST">
    <input name="name" value="<?php echo $shop['name']; ?>">  //error here 
    <input name="city" value="<?php echo $shop['city']; ?>">  //and here
    <input type="hidden" name="id"  value="<?php echo $_GET['id']; ?>">
    <input type="submit" name=submit value="modify">
</form>
<?php 
if(isset($_POST['submit'])){
$q1="UPDATE shop SET name='$_POST[name]',city='$_POST[city]' WHERE ID=$_POST[id]";
   mysqli_query($conn,$q1)or die(mysqli_error($conn));
}
?>

Answer 1

尝试阅读和使用参数化查询（PDI或mysqli），因为它们容易被sql注入。

您需要定义$ shop = array（“shop”=＆gt;“”，“city”=＆gt;“”）;在页面顶部：

<?php
    include '/connection.php';
    $shop=array("shop"=>"","city"=>"");
    if(!isset($_POST['submit'])){
    $query="SELECT * FROM SHOP WHERE ID=$_GET[id]";
    $result=mysqli_query($conn,$query)or die(mysqli_error($conn));
    $shop=mysqli_fetch_array($result);
    }
    ?>
    <form action="modify.php" method="POST">
        <input name="name" value="<?php echo $shop['name']; ?>">  //error here 
        <input name="city" value="<?php echo $shop['city']; ?>">  //and here
        <input type="hidden" name="id"  value="<?php echo $_GET['id']; ?>">
        <input type="submit" name=submit value="modify">
    </form>
    <?php 
    if(isset($_POST['submit'])){
    $q1="UPDATE shop SET name='$_POST[name]',city='$_POST[city]' WHERE ID=$_POST[id]";
       mysqli_query($conn,$q1)or die(mysqli_error($conn));
    }
    ?>

或者你可以像这样设置：

<?php
    include '/connection.php';

    if(!isset($_POST['submit'])){
    $query="SELECT * FROM SHOP WHERE ID=$_GET[id]";
    $result=mysqli_query($conn,$query)or die(mysqli_error($conn));
    $shop=mysqli_fetch_array($result);
    }
    ?>
    <form action="modify.php" method="POST">
        <input name="name" value="<?php if(isset($shop['name'])) echo $shop['name']; ?>">  //error here 
        <input name="city" value="<?php if(isset($shop['city'])) echo $shop['city']; ?>">  //and here
        <input type="hidden" name="id"  value="<?php echo $_GET['id']; ?>">
        <input type="submit" name=submit value="modify">
    </form>
    <?php 
    if(isset($_POST['submit'])){
    $q1="UPDATE shop SET name='$_POST[name]',city='$_POST[city]' WHERE ID=$_POST[id]";
       mysqli_query($conn,$q1)or die(mysqli_error($conn));
    }
    ?>

Answer 2

这是因为shop变量没有所需的索引。试试这个：

<?php
include '/connection.php';
if(!isset($_POST['submit']))
{
    $query="SELECT * FROM SHOP WHERE ID=$_GET[id]";
    $result=mysqli_query($conn,$query)or die(mysqli_error($conn));
    $shop=mysqli_fetch_array($result);
}
?>
<form action="modify.php" method="POST">
    <input name="name" value="<?php echo isset($shop['name']) ? $shop['name'] : ''; ?>">
    <input name="city" value="<?php echo isset($shop['city']) ? $shop['city'] : ''; ?>">
    <input type="hidden" name="id"  value="<?php echo $_GET['id']; ?>">
    <input type="submit" name=submit value="modify">
</form>
<?php 
if(isset($_POST['submit']))
{
    $q1="UPDATE shop SET name='$_POST[name]',city='$_POST[city]' WHERE ID=$_POST[id]";
    mysqli_query($conn,$q1)or die(mysqli_error($conn));
}
?>

在不同php块的sql中使用php变量（Undefined variable：xxxx）

2 个答案: