逐行更新

时间:2015-08-24 09:17:46

标签: php mysqli

点击按钮编辑后,我正在尝试更新/插入我的数据库(col:note)。但是,如果我更改一行中的值,则会更新所有行的相同值。我尝试为插入和更新sql添加WHERE条件(基于afnumber< - unique id),但无法使其工作。有什么帮助吗?

$conn = new PDO('mysql:host=localhost;dbname=jr', 'root', 'Js');
    $conn->exec("set names utf8");
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
    $num_rows = $conn->query('SELECT COUNT(*) FROM employees')->fetchColumn(); 
    $pages = new Paginator($num_rows,9,array(15,3,6,9,12,25,50,100,250,'All'));
    echo $pages->display_pages();
    echo "<span class=\"\">".$pages->display_jump_menu().$pages->display_items_per_page()."</span>";
    $stmt = $conn->prepare("SELECT employees.afnumber,employees.name,employees.dateofemployment,employees.actualpost,employees.department FROM employees WHERE employees.status='Employed' AND (employees.afnumber LIKE '%$search%' OR employees.name LIKE '%$search%') ORDER BY employees.afnumber DESC LIMIT :start,:end");
    $stmt->bindParam(':start', $pages->limit_start, PDO::PARAM_INT);
    $stmt->bindParam(':end', $pages->limit_end, PDO::PARAM_INT);
    $stmt->execute();
    $result = $stmt->fetchAll();

    $ewhtable = "<table class='sortable'><tr><th>AFNumber</th><th>Employee Name</th><th>Years of Service</th><th>Actual Post</th><th>Department</th><th>Note</th><th>Deducted Hours</th></tr>\n";
    foreach($result as $row) {
        $years=explode("/", $row[2]);
        $years[2]=intval(date ('Y')) - $years[2];

$sql="SELECT note,deductedwh FROM editedworkhours WHERE afnumber='$row[0]'";

$var = "";
$varr = "";  

$stmt = $conn->prepare($sql);
$stmt->execute();
$result2 = $stmt->fetchAll();

foreach ($result2 AS $row2) {
  $var .= $row2['deductedwh'] . "\n";
    $varr .= $row2['note'] . "\n";
}
        $Id = $row[0];
        $ewhtable .= "<tr><td>$row[0]</td><td>$row[1]</td><td>$years[2]</td><td>$row[3]</td><td>$row[4]</td><td><form method='post'><input type='text' name='Note' value='$varr' style=' padding: 10px;border: solid 2px #c9c9c9; width:200px; height:2px;'><input type='submit' id='search' name='edit' alt='search' value=''></form></td><td>$var</td></tr>\n";
    }



    $ewhtable .= "</table>\n";
    echo $ewhtable;

    exportTable(str_replace("&","",$ewhtable),"EmployeeDeductedWorkHoursTable");
    echo $pages->display_pages();
    echo "<p class=\"paginate\">Page: $pages->current_page of $pages->num_pages</p>\n";

          if(isset($_POST['edit']))
    {   
        $note = $_POST['Note'];  

     $sql1="SELECT Note FROM editedworkhours"; 

if ($result=mysqli_query($con,$sql1))
  {

  $rowcount=mysqli_num_rows($result);
  }
    if($rowcount==0)
     {
 $sql="INSERT INTO editedworkhours (Note) VALUES ('$note')";
 $result = mysqli_query($con,$sql);
     }
     else
     {
 $sql2 = "UPDATE editedworkhours SET Note= '$note'";
 $result2 = mysqli_query($con,$sql2);
     }

    }
    echo "</div>";

1 个答案:

答案 0 :(得分:1)

此代码中存在太多错误,从缺少错误报告,SQL注入的直接危险,混合不同的数据库API,缺少正确的SQL等等 - 太多而无法在一个帖子中回答。

这个问题必须过于宽泛,你必须和教科书一起坐几个小时。