更新查询不工作的PHP

时间:2016-01-04 07:40:59

标签: php mysqli

我正在开发一个项目,我想使用$_GET方法更新另一个用户的详细信息。我的问题是,当用户点击id时,它会转到编辑页面,但是当我更改某些内容并按下更新按钮时,它不会更新。我不确定我在这里做错了什么..我真的很感激有人可以帮助我。

//修改

我的代码现在正在工作,我现在只需将$ _POST更改为$ _REQUEST并且我的表单已更新..谢谢大家帮助我..谢谢..这是我编辑的代码..我已经采取了淘汰oassword领域,但我怀疑..使用请求是否安全?

<?php
include '../../connection.php';

$sid = $_REQUEST['sid'];
$query = "SELECT * FROM STUDENT WHERE STU_ID='$sid'";
$result = mysqli_query($connection, $query);

if(mysqli_num_rows($result)>0){
   while($row = mysqli_fetch_assoc($result)){
    $unm = $row["STU_UNAME"];
    $fnm = $row["STU_FNAME"];
    $lnm = $row["STU_LNAME"];
    $dob = $row["STU_DOB"];
    $add = $row["STU_ADD"];
    $tlp = $row["STU_PHONE"];
        $sem = $row["STU_SEM"];
        $img = $row["STU_IMG"];
        $sts = $row["STU_STATUS"];
        $cid = $row["CRS_ID"];
  }
}
else{
   $no = "0 result!";
}

if($_SERVER["REQUEST_METHOD"] == "POST"){
//insert details in data

$sid = $_POST["sid"]; $snm = $_POST["snm"]; $fst = $_POST["fnm"]; $lst = $_POST["lnm"]; $sdb = $_POST["dob"]; 
$sad = $_POST["add"]; $shp = $_POST["tlp"]; $stt = $_POST["sts"]; $sem = $_POST["sem"]; $cid = $_POST["cid"];

$sql = "UPDATE STUDENT SET 
        STU_ID='$sid', STU_UNAME='$snm', STU_FNAME= '$fst', STU_LNAME='$lst', STU_DOB='$sdb', STU_ADD='$sad', STU_PHONE='$shp', 
        STU_STATUS='$stt', STU_SEM='$sem', CRS_ID = '$cid' WHERE STU_ID='$sid'";

 //check if data is updated
 if (mysqli_query($connection, $sql)) {
    header("Location: searchStudent.php");
 }
 else {
    echo "Error: " . $sql . "<br>" . mysqli_error($connection);
  }
}
?>

这是我的表单代码:

<form class="contact_form" method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<ul>
   <li>
        <h2>Edit Students Details</h2>
        <span class="required_notification">* Denotes Required Field</span>
   </li>
   <li>
        <label for="id">Student ID: </label>
        <input type="text" name="sid" value="<?php echo $sid;?>"/>
</li>
<li>
    <label for="name">Username: </label>
    <input type="text" name="snm" value="<?php echo $unm;?>"/>
</li>
<li>
    <label for="name">First Name: </label>
    <input type="text" name="fnm" value="<?php echo $fnm;?>"/>
</li>
<li>
    <label for="name">Last Name: </label>
    <input type="text" name="lnm" value="<?php echo $lnm;?>"/>
</li>
<li>
    <label for="dob">Date of Birth: </label>
    <input type="date" name="dob" value="<?php echo $dob;?>"/>
</li>
<li>
    <label for="add">Address: </label>
    <textarea name="add" rows="4" cols="50"><?php echo $add;?></textarea>
</li>
<li>
    <label for="tlp">Phone: </label>
    <input type="text" name="tlp" value="<?php echo $tlp;?>"/>
</li>
<li>
    <label for="sts">Status: </label>
    <select name="sts">
        <option selected><?php echo $sts;?></option>
        <option value="FULLTIME">FULL TIME</option>
        <option value="PARTTIME">PART TIME</option>
    </select>
</li>
<li>
    <label for="sem">Semester: </label>
    <select name="sem">
        <option selected><?php echo $sem;?></option>
        <option value="1">1</option>
        <option value="2">2</option>
        <option value="3">3</option>
        <option value="4">4</option>
        <option value="5">5</option>
        <option value="6">6</option>
        <option value="7">7</option>
    </select>
</li>
<li>
    <label for="crs">Course: </label>
    <select name="cid">
        <option selected><?php echo $cid;?></option>
        <option value="AL">AL</option>
        <option value="DBM">DBM</option>
        <option value="DIT">DIT</option>
        <option value="DTM">DTM</option>
        <option value="FIS">FIS</option>
    </select>
</li>
<li>
    <button class="submit" type="submit" name="update">Update</button>
</li>

    

3 个答案:

答案 0 :(得分:0)

确保您的表单方法是POST

试试这段代码:

<?php
include '../../connection.php';
//
 $id = $_POST['id'];
$query = "SELECT * FROM STUDENT WHERE STU_ID='$id'";
$result = mysqli_query($connection, $query);

if(mysqli_num_rows($result)>0){
  while($row = mysqli_fetch_assoc($result)){
    $unm = $row["STU_UNAME"];
    $fnm = $row["STU_FNAME"];
    $lnm = $row["STU_LNAME"];
    $pwd = $row["STU_PWD"];
    $dob = $row["STU_DOB"];
    $add = $row["STU_ADD"];
    $tlp = $row["STU_PHONE"];
    $sem = $row["STU_SEM"];
    $img = $row["STU_IMG"];
    $sts = $row["STU_STATUS"];
    $cid = $row["CRS_ID"];
  }
}
else{
    $no = "0 result!";
}


$pwdErr = $cpwdErr= "";
if($_SERVER["REQUEST_METHOD"] == "POST"){
   if($_POST["pwd"] == $_POST["cpwd"]){
     if(strlen($_POST["pwd"])>8){
    //insert details in data

    $sid = $_POST["sid"]; $pwd = $_POST["pwd"]; $snm = $_POST["snm"]; $fst = $_POST["fnm"]; $lst = $_POST["lnm"];
    $sdb = $_POST["dob"]; $sad = $_POST["add"]; $shp = $_POST["tlp"]; $stt = $_POST["sts"]; $sem = $_POST["sem"];
    $cid = $_POST["cid"];

    $sql = "UPDATE STUDENT SET 
            STU_ID='$sid', STU_PWD='$pwd', STU_UNAME='$snm', STU_FNAME= '$fst', STU_LNAME='$lst', STU_DOB='$sdb', STU_ADD='$sad', STU_PHONE='$shp', 
            STU_STATUS='$stt', STU_SEM='$sem', CRS_ID = '$cid' WHERE STU_ID='$id'";

        //check if data is updated
        if (mysqli_query($connection, $sql)) {
            header("Location: searchStudent.php");
        }
        else {
            echo "Error: " . $sql . "<br>" . mysqli_error($connection);
        }
    }
    else{
        $pwdErr = "Invalid/Password must be more than 8 characters!";
    }
}
else{
    $cpwdErr = "Password not same!";
  }
}
?>

了解如何使用示例here准备语句。

希望这对你有所帮助!

答案 1 :(得分:0)

您的错误是您在表单中使用POST但使用$ _POST获取更改$ _get

def write(self, filename, text):
    f=open(filename,'w')
    f.write(text)
    f.close()

def savefile(self):
    global filename

    txt = text.get(0.0,END)
    if filename:
        self.write(filename, txt)
    else:
        ask=asksaveasfilename()
        if ask:
            filename = ask
            self.write(filename, txt)

答案 2 :(得分:0)

问题在于,您发布的ID是“sid”,但您只使用“{”作为$_POST['id']而不是$_POST['sid']。所以用这个 -

$id = $_POST['sid'];

而不是 -

$id = $_POST['id']