使用php编辑和插入表单元素

时间:2015-12-16 09:20:20

标签: php forms

我有一个表格可以插入并更新

<form name="image_form" enctype="multipart/form-data" action="image-upload.php" method="POST" id="image_form" role="form">
<div class="form-group">
    <label>Image</label>
    <input name="picture" type="file" id="pics" value="">
</div>
<div class="form-group">
    <label>Image Name</label>
    <input name="picture_name" type="text" required class="form-control" value="<?php echo $row_images['img_name']; ?>">
</div>
<div class="form-group">
    <label>Image Description</label>
    <input name="picture_descrip" type="text" required class="form-control" value="<?php echo $row_images['img_descrip']; ?>">
</div>
<button type="submit" class="btn btn-default">Save</button>

表单操作image-upload.php 

    <?php
    require_once ('connections/dbconnect.php');
    if (!function_exists("GetSQLValueString")) {
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") {
        if (PHP_VERSION < 6) {
            $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
        }

        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
        switch ($theType) {
            case "text":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;

            case "long":
            case "int":
                $theValue = ($theValue != "") ? intval($theValue) : "NULL";
                break;

            case "double":
                $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
                break;

            case "date":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;

            case "defined":
                $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
                break;
        }
        return $theValue;
    }
}

$target_dir = "imgs/";
$target_file = $target_dir . basename($_FILES["picture"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);

// Check for image originality
if (isset($_POST["save"])) {
    $check = getimagesize($_FILES["picture"]["tmp_name"]);
    if ($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } 
    else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}

// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}

// image size limit
if ($_FILES["picture"]["size"] > 600000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}

// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}

//update query
if ((isset($_GET['edit'])) && ($_GET['edit'] != "")) {
    $updateSQL = sprintf("UPDATE `image` SET image=%s, img_name=%s,   img_descrip=%s WHERE img_id=%s", GetSQLValueString($_FILES["picture"]["name"], "text"), GetSQLValueString($_POST['picture_name'], "text"), GetSQLValueString($_POST['picture_descrip'], "text"), GetSQLValueString(date("y-m-d"), "date"), GetSQLValueString($_POST['img_id'], "int"));

    mysql_select_db($database_dbconnect, $dbconnect);
    $Result1 = mysql_query($updateSQL, $dbconnect) or die(mysql_error());

    $updateGoTo = "image-list.php?msg=Image updated successfullly";
    if (isset($_SERVER['QUERY_STRING'])) {
        $updateGoTo.= (strpos($updateGoTo, '?')) ? "&" : "?";
        $updateGoTo.= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $updateGoTo));
} 
else {

    //insert query
    $insertSQL = sprintf("INSERT INTO `images` (image, img_name, img_descrip, img_date ) VALUES (%s, %s, %s, %s)", GetSQLValueString($_FILES["picture"]["name"], "text"), GetSQLValueString($_POST['picture_name'], "text"), GetSQLValueString($_POST['picture_descrip'], "text"), GetSQLValueString(date("y-m-d"), "date"));

    mysql_select_db($database_dbconnect, $dbconnect);
    $Result1 = mysql_query($insertSQL, $dbconnect) or die(mysql_error());

    $insertGoTo = "image-list.php?msg=Image successfully Posted!!!";
    if (isset($_SERVER['QUERY_STRING'])) {
        $insertGoTo.= (strpos($insertGoTo, '?')) ? "&" : "?";
        $insertGoTo.= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";

    // if everything is ok, try to upload file


} 
else {
    if (move_uploaded_file($_FILES["picture"]["tmp_name"], $target_file)) {
        echo "The file " . basename($_FILES["picture"]["name"]) . " has been uploaded.";
    } 
    else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>

现在参数&#39;编辑&#39;来自这里

<a href="image-edit.php?edit=<?php echo $row_images['img_id']?>" title="Edit User">
 <button type="button" class="btn btn-primary btn-circle">
 <i class="fa fa-pencil"></i></button>
</a>

但是当我点击应该更新它的编辑按钮继续插入时,我做错了什么?

1 个答案:

答案 0 :(得分:1)

SQL查询中的问题,在变量中:

$updateSQL = sprintf("UPDATE `image` SET 
      image=%s,
      img_name=%s,  
      img_descrip=%s 
      WHERE img_id=%s",
       GetSQLValueString($_FILES["picture"]["name"], "text"),
       GetSQLValueString($_POST['picture_name'], "text"),
       GetSQLValueString($_POST['picture_descrip'], "text"),
       GetSQLValueString(date("y-m-d"), "date"),
       GetSQLValueString($_POST['img_id'], "int"));

因此,对于img_id,您设置了GetSQLValueString(date("y-m-d"), "date") 我相信您的查询中应该有img_date,类似:

 $updateSQL = sprintf("UPDATE `image` SET 
          image=%s,
          img_name=%s,  
          img_descrip=%s 
          img_date=%s 
          WHERE img_id=%s",
相关问题
最新问题