PHP sql无法更新表

时间:2015-07-17 16:59:36

标签: php mysqli

我运行了我的网站,发现我的桌子无法更新。 我试图在互联网上搜索答案,但我找不到任何解决方案。这是我的代码

change.php:

<?php session_start(); ?>
<?php require_once('mysql_connect.inc.php'); ?>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "projectdb";
$conn =mysqli_connect($servername, $username, $password, $dbname);
$query_rs = "SELECT * FROM product , user where product.suppNo = user.suppNo and loginName='".$_SESSION['loginName']."'";
$rs = mysqli_query($conn , $query_rs) or die(mysql_error());
$row_rs = mysqli_fetch_assoc($rs);
$totalRows_rs = mysqli_num_rows($rs);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>change</title>
</head>

<body>
<table border="1">
  <tr>
    <td>Action</td>
    <td>Product Number</td>
    <td>Product Name</td>
    <td>Product Price</td>
    <td>Quanlity</td>
     <td>Photo</td>
    <td>Category Number</td>
  </tr>
  <?php do { ?>
    <tr>
    <td><a href="change.php?prodNo=<?php echo $row_rs['prodNo']; ?>">Update Record</a></td>
      <td><?php echo $row_rs['prodNo']; ?></td>
      <td><?php echo $row_rs['prodName']; ?></td>
      <td><?php echo $row_rs['prodPrice']; ?></td>
      <td><?php echo $row_rs['stockQty']; ?></td>
      <td><img src="images/<?php echo $row_rs['prodPhoto']; ?>" /><form action="upload.php" method="post" enctype="multipart/form-data">
    Select image to upload:
    <input type="file" name="fileToUpload" id="fileToUpload">
    <input type="submit" value="Upload Image" name="submit">
</form></td>

      <td><?php echo $row_rs['prodNo']; ?></td>
    </tr>
    <?php } while ($row_rs = mysqli_fetch_assoc($rs)); ?>
</table>
<?php
if (isset ($_GET['prodNo'])){
    $prodNo = $_GET['prodNo'];
    $sql = "SELECT * FROM product WHERE prodNo ='$prodNo'";
    $rs = mysqli_query($conn,$sql) or die(mysqli_error($conn));
    $row_rs = mysqli_fetch_assoc($rs);
$form = <<<EOD
    <form method="GET" action="change_finish.php">
    <label></br>Product Number <input name="prodNo" type="text" name="prodNo" readonly="readonly" value="%s" /></label>
    <label></br>Product Name<input type="text" name="prodName"  value="%s" /></label>
    <label></br>Product Price<input type="text" name="prodPrice"  value="%s" /></label>
    <label></br>Quanlity<input type="text" name="stockQty"  value="%s" /></label>
    <label></br>Category Number<input type="text"  name="catNo" value="%s" /></label>
    </form>
    <input type="submit" name="submit" onclick="window.location.href='change_finish.php';"/>
    <input type="button" value="Cancel" onclick="window.location.href='blank.php';"/>
EOD;
printf($form,$row_rs['prodNo'],$row_rs['prodName'],$row_rs['prodPrice'],$row_rs['stockQty'],$row_rs['catNo']);

}
?>
</body>
</html>
<?php
mysqli_free_result($rs);
?>

change_finish.php 

<?php
require_once('mysql_connect.inc.php');
?>
    <?php
$servername = "localhost";
$username   = "root";
$password   = "";
$dbname     = "projectdb";
$conn = mysqli_connect($servername, $username, $password, $dbname) or     die(mysqli_error());
?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>none</title>
    </head>
    <body>

    <?php
if (isset($_GET['submit'])) {
    $prodNo    = $_GET['prodNo'];
    $prodName  = $_GET['prodName'];
    $prodPrice = $_GET['prodPrice'];
    $stockQty  = $_GET['stockQty'];
    $catNo     = $_GET['catNo'];

    $sql = "UPDATE product SET prodName ='{$prodName}', prodPrice = '{$prodPrice}', stockQty = '{$stockQty}' WHERE prodNo ='{$prodNo}' ";
    mysqli_query($conn, $sql) or die(mysqli_error($conn));
}
header("location:change.php");
?>
</body>
</html>

我尝试将$ _GET更改为$ _POST,但仍无法更新表格。 谁能告诉我错误在哪里?

1 个答案:

答案 0 :(得分:0)

看看你的表格方法:

<form method="POST" action="..."> <!-- use $_POST -->
<form method="GET"  action="..."> <!-- use $_GET  -->

确保您准备并执行查询。如果您的任何字段包含单引号,则会破坏您的查询。

if (isset($_GET['submit'])) {
    $prodNo    = $_GET['prodNo'];
    $prodName  = $_GET['prodName'];
    $prodPrice = $_GET['prodPrice'];
    $stockQty  = $_GET['stockQty'];
    $catNo     = $_GET['catNo'];

    $sql = "UPDATE product SET prodName = ?, prodPrice = ?, stockQty = ? WHERE prodNo = ?";

    $stmt = mysqli_prepare($conn, $sql);
    mysqli_stmt_bind_param($stmt, 'ssis', $prodName, $prodPrice, $stockQty, $prodNo);
    mysqli_stmt_execute($stmt);
}

为此,我猜测了绑定的类型:

prodName -> product name -> probably a string
prodPrice -> product price -> probably contains a period ($4.99) -> string 
stockQty -> stock quantity -> number
prodNo -> product number -> probably a number, but could be a string too, depends on your standards
相关问题
最新问题