PHP和MYSQL中的编码错误

时间:2016-02-17 01:01:07

标签: php mysql

我遵循了一个youtube教程,该教程教你如何为PHP和MYSQL创建编辑和删除数据页面,但由于某些原因导致代码无效。出现了两条错误消息:

  

注意:未定义的变量:_Get在第6行的C:\ Users \ siaw_ \ PhpstormProjects \ Report Page \ modify.php

     

警告:mysql_fetch_array()要求参数1为资源,布尔值在第8行的C:\ Users \ siaw_ \ PhpstormProjects \ Report Page \ modify.php中给出

我完全遵循教程的方式...我对PHP& MYSQL所以请找出第6行和第8行的错误?

以下是代码:

<?php

include 'connect.php';

if(!isset($_POST['submit'])) {
    $q = "SELECT * FROM people WHERE ID = $_Get[id]";
    $result = mysql_query($q);
    $person = mysql_fetch_array($result);
}

?>

<h1>You Are Modifying A User</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    Name <input type="text" name="inputName" value="<?php echo $person['Name']; ?>" /><br />
    Description <input type="text" name="inputDesc" value="<?php echo $person['Description']; ?>" />
    <br />
    <input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
    <input type="submit" name="submit" value="Modify" />
</form>

<?php

if(isset($_POST['submit'])) {
    $u = "UPDATE people SET `Name`='$_POST[inputName]', `Description`='$_POST[inputDesc]' WHERE ID = $_POST[id]";
    mysql_query($u) or die(mysql_error());

    echo "User Has Been Modified";
    header("Location: index.php");

}
?>

此处还有我使用的youtube链接(https://www.youtube.com/watch?v=kc1bppUlqps

2 个答案:

答案 0 :(得分:2)

  • 您应该将变量正确绑定到查询中
  • 在使用*_real_escape_string()
    • 将变量用于查询之前,您还应该对其进行清理
  • 我认为在未满足第一个isset($_POST["submit"])条件时,您的网页会出错。

首先清理你的变量:

$id = mysql_real_escape_string((int) $_GET["id"]);

将它们绑定到您的查询中:

$q = "SELECT * FROM people WHERE ID = '$id'";

请注意,mysql_*已经deprecated,您应该至少考虑mysqli_*

但......不推荐使用mysql :(

如果您对mysqli_*感兴趣,可以查看:

首先,我们必须使用mysqli_*

连接到您的数据库(connection.php) 
$conn = new mysqli("Host", "Username", "Password", "Database"); /* REPLACE NECESSARY DATA */

/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

然后为您的php文件处理$_GET["id"]

if(isset($_POST['submit'])) {

  $stmt = $con->prepare("SELECT Name, Description FROM people WHERE ID = ?"); /* PREPARE THE QUERY */
  $stmt->bind_param("i", $_GET["id"]); /* BIND $_GET["id"] TO YOUR QUERY; i STANDS FOR INTEGER TYPE */
  $stmt->execute(); /* EXECUTE YOUR PREPARED QUERY */
  $stmt->bind_result($name, $description); /* BIND THE RESULTS TO THESE VARIABLES CORRESPONDINGLY */
  $stmt->fetch(); /* FETCH THE RESULTS */
  $stmt->close(); /* CLOSE THE PREPARED STATEMENT */

}

/* YOUR HTML CODE HERE */

if(isset($_POST['submit'])) {

  $stmt = $con->prepare("UPDATE people SET Name = ?, Description = ? WHERE ID = ?");
  $stmt->bind_param("ssi", $_POST["inputName"], $_POST["inputDesc"], $_POST["id"]); /* s STANDS FOR STRING TYPE */
  $stmt->execute();
  $stmt->close();

  echo "User Has Been Modified";
  header("Location: index.php");

}

答案 1 :(得分:1)

您需要将$ _GET放在外面,并且您的$ _GET语法也不正确,请尝试更改:

if(!isset($_POST['submit'])) {
    $q = "SELECT * FROM people WHERE ID = $_Get[id]";
    $result = mysql_query($q);
    $person = mysql_fetch_array($result);
}

这一个:

if(!isset($_POST['submit'])) {
    $id = $_GET['id'];
    $q = "SELECT * FROM people WHERE ID = $id";
    $result = mysql_query($q);
    $person = mysql_fetch_array($result);
}
相关问题
最新问题