更新数据库中的记录

时间:2010-07-20 05:53:17

标签: php mysql

伙计们,我有这些代码来更新数据库中的记录。

请p ..检查这些是否正确?

<?php
session_start(); 
include "db.php"; 

$username = $_SESSION['username'];


$query="SELECT * FROM members where username='".mysql_real_escape_string($username)."'";

$result=mysql_query($query);
$num=mysql_numrows($result);

mysql_close();


$userid             =mysql_result($result,$i, 'userid');
$firstname          =mysql_result($result,$i,'firstname');
$lastname           =mysql_result($result,$i,'lastname');
$username           =mysql_result($result,$i,'username');
$email              =mysql_result($result,$i,'email');
$age                =mysql_result($result,$i,'age');
?>

<form action="update.php" method="post">
<input type="hidden" name="u_userid" value="<? echo "$userid" ?>">
<table>
<tr><td>ID:</td> <td><? echo "$userid"?></td></tr>
<tr><td>First Name:</td> <td> <input type="text" name="u_firstname" value="<? echo "$firstname"?>"></td></tr>
<tr><td>Last Name: </td> <td><input type="text" name="u_lastname" value="<? echo "$lastname"?>"></td></tr>
<tr><td>Username:</td> <td> <input type="text" name="u_username" value="<? echo "$username"?>"></td></tr>
<tr><td>Email:</td> <td> <input type="text" name="u_email" value="<? echo "$email"?>"></td></tr>
<tr><td>Age: </td> <td><input type="text" name="u_age" value="<? echo "$age"?>"></td></tr>
<tr><td></td><td><input type="Submit" value="Update Info">
</td></tr>
</form>
<tr><td></td><td><form action="form2.html" method="post">
<input type="submit" value="Cancel"></form></td></tr>
</table
  

并在update.php中

<?php
session_start(); 
include "db.php"; 

$userid             =mysql_result($result, 'userid');
$firstname          =mysql_result($result, 'firstname');
$lastname           =mysql_result($result, 'lastname');
$username           =mysql_result($result, 'username');
$email              =mysql_result($result, 'email');
$age                =mysql_result($result, 'age');

include "db.php"; 

$query="UPDATE members SET firstname='$u_firstname' , lastname='$u_lastname', username='$u_username' , email='$u_email', age='$u_age' ";

$result=mysql_query($query);


mysql_close();

echo "Record Updated
 <br><br>

<form action=\"form2.html\" >
<input type=\"submit\" value=\"ok!\" />
</form>
";

?>

实际上它显示了很多像这样的错误/警告

警告:mysql_result():提供的参数不是第7行的C:\ web \ htdocs \ salome \ this \ update.php中的有效MySQL结果资源

警告:mysql_result():提供的参数不是第8行的C:\ web \ htdocs \ salome \ this \ update.php中的有效MySQL结果资源

警告:mysql_result():提供的参数不是第9行的C:\ web \ htdocs \ salome \ this \ update.php中的有效MySQL结果资源

警告:mysql_result():提供的参数不是第10行的C:\ web \ htdocs \ salome \ this \ update.php中的有效MySQL结果资源

警告:mysql_result():提供的参数不是第11行的C:\ web \ htdocs \ salome \ this \ update.php中的有效MySQL结果资源

警告:mysql_result():提供的参数在第12行的C:\ web \ htdocs \ salome \ this \ update.php中不是有效的MySQL结果资源

我会做什么..

请帮帮我... :-(

2 个答案:

答案 0 :(得分:5)

您正在尝试从数据库中获取结果(但即使不执行查询),而您必须通过$ _POST数组

从表单中使用已编辑的数据
<?php
session_start(); 
include "db.php"; 

$user_id   = mysql_real_escape_string($_SESSION['userid']);

$firstname = mysql_real_escape_string($_POST['u_firstname']);
$lastname  = mysql_real_escape_string($_POST['u_lastname']);
$lastname  = mysql_real_escape_string($_POST['u_lastname']);
$username  = mysql_real_escape_string($_POST['u_username']);
$email     = mysql_real_escape_string($_POST['u_email']);
$age       = mysql_real_escape_string($_POST['u_age']);
//etc

$query     = "UPDATE members SET firstname='$firstname', lastname='$lastname',
                             username='$username' , email='$email', age='$age' 
              WHERE userid = '$user_id'";

$result    = mysql_query($query) or trigger_error(mysql_error().$query);

请注意,用户标识应来自SESSION,而不是FORM
你应该从不编辑用户ID。

答案 1 :(得分:-1)

在更新查询中使用如下,

$query="UPDATE members SET firstname='$u_firstname' , lastname='$u_lastname', username='$u_username' , email='$u_email', age='$u_age' where userid = '$u_userid' ";

在页面末尾使用mysql_close();(即在提取结果之后)。