使用PHP输入更新PHPmyAdmin

时间:2016-02-24 08:38:55

标签: php mysql

以下是我的代码,问题是当用户尝试更新故障单详细信息(或故障单的任何部分)后,他们无法再更新故障。

 <?php
 ob_start();
 include("includes/session.php");
 include("includes/checksession.php");

 ?>
 <!DOCTYPE html>
 <html>
 <head>
 <title>جزئیات تیکت</title>
 <?php 
include("config.php");
include("includes/jdf.php");
include("includes/header.php");
include("includes/all-nav.php");
include("includes/functions.php");
$call_id = checkid($_REQUEST['call_id']);
include("includes/ez_sql_core.php");
include("includes/ez_sql_mysqli.php");
include("includes/class.phpmailer.php");
$action = "";
$actionstatus = "";
$close_email = "";
$statusquery = "";
$db = new ezSQL_mysqli(db_user,db_password,db_name,db_host);
$isnotes = $db->get_var("SELECT count(*) from site_notes WHERE (note_relation = $call_id) AND note_type = 1;");


//<UPDATE>
if (isset($_POST['nacl'])){
 if ( $_POST['nacl'] == md5(AUTH_KEY.$db->get_var("select last_login from site_users where user_id = $user_id;")) ) {
//authentication verified, continue.
$call_id = checkid($_POST['call_id']);

//call details
$call_first_name = $db->escape($_POST['call_first_name']);
$call_email = $db->escape($_POST['call_email']);
$call_phone = $db->escape($_POST['call_phone']);
$call_department = $db->escape($_POST['call_department']);
$call_request = $db->escape($_POST['call_request']);
$call_company = $db->escape($_POST['call_company']);
$call_details = $db->escape($_POST['call_details']);
$call_solution = $db->escape($_POST['call_solution']);
$call_staff = $db->escape($_POST['call_staff']);
$call_subject = $db->escape($_POST['call_subject']);
//call status
$call_status = $db->escape($_POST['call_status']);
$call_status_now = $db->escape($_POST['call_status_now']);

if (isset( $_POST['call_date2'] ) ) {
    $call_date2 = strtotime($_POST['call_date2']);
}

// if no status change
if($call_status_now == 0 && $call_status == 0){
    $call_date2 = 0;
    }

//if changing call status from open to closed
if($call_status_now == 0 && $call_status == 1){
    $call_date2 = strtotime(date('Y-m-d'));
    $statusquery="call_date2=$call_date2,";
    $close_email = 1;
    }

//if changing from closed to open.
if($call_status_now == 1 && $call_status == 0){
    $call_date2 = 0;
    }

//if changing from deleted to open.
if($call_status_now == 3 && $call_status == 0){
    $call_date2 = 0;
    //undelete call notes
    $db->query("UPDATE site_notes SET note_type = 1 WHERE note_relation = $call_id;");
    }


//if changing from deleted to closed.
if($call_status_now == 3 && $call_status == 1){
    $call_date2 = 0;
    //undelete call notes
    $db->query("UPDATE site_notes SET note_type = 1 WHERE note_relation = $call_id;");
    }

//if changing call status to deleted.
if($call_status == 3){
    $nacl = md5(AUTH_KEY.$db->get_var("select last_login from site_users where user_id = $user_id;"));
    $del_link = "call_edit.php?call_id=$call_id&action=delete&nacl=$nacl";
    //echo $del_link;
    //exit;
    header("Location: $del_link");
    }




$call_date = strtotime($db->escape($_POST['call_date']));

$uquery = "UPDATE site_calls SET call_status=$call_status,call_date=$call_date,call_date2=$call_date2,$statusquery call_first_name='$call_first_name',call_email='$call_email',call_subject='$call_subject',call_phone='$call_phone',call_department=$call_department,call_request=$call_request,call_company=$call_company,call_details='$call_details',call_solution='$call_solution',call_staff=$call_staff WHERE call_id = $call_id;";
//  echo $uquery;
$db->query($uquery);

//send the user a message closed email.
if ($close_email == 1) {
    sendmessage_closed($call_id);
}



$actionstatus = "<div class=\"alert alert-success\" style=\"max-width: 250px;\">
<button type=\"button\" class=\"close\" data-dismiss=\"alert\">&times;    </button>
آپدیت شد.
</div>";
 }
}
//</UPDATE>

$nacl = md5(AUTH_KEY.$db->get_var("select last_login from site_users where user_id = $user_id;"));
$site_calls = $db->get_row("SELECT call_id,call_first_name,call_last_name,call_phone,call_email,call_subject,call_department,call_request,call_company,call_details ,call_date,call_date2,call_status,call_solution,call_phone,call_staff,call_user FROM site_calls WHERE (call_id = $call_id) limit 1;");
?>
<h4>تیکت # <?php echo $call_id;?> &bull; Notes: <a href="#notes"><?php echo $isnotes;?></a></h4>
<?php echo $actionstatus;?>

<form action="call_edit.php" method="post" enctype="multipart/form-data" class="form-horizontal" id="ticketedit">
<input type="hidden" name="call_status_now" value="<?php echo $site_calls->call_status; ?>">
<table class="<?php echo $table_style_33;?>" style='width:75%;'>
<?php
$call_id = $site_calls->call_id;
$call_user = $site_calls->call_user;
if ($call_user == 0){
    $call_user = "Not Registered";
}
$call_request = $site_calls->call_request;
$request_name = $db->get_var("SELECT type_name from site_types WHERE (type_id = $call_request);");
$call_department = $site_calls->call_department;
$department_name = $db->get_var("SELECT type_name from site_types WHERE (type_id = $call_department);");
$call_company = $site_calls->call_company;
$company_name = $db->get_var("SELECT type_name from site_types WHERE (type_id = $call_company);");
$call_staff = $site_calls->call_staff;
$staff_name = $db->get_var("SELECT user_name from site_users WHERE (user_id = $call_staff);");
?>
<?php if($user_level <> 1){?>
<tr><td valign="top" style="width: 150px;">وضعیت</td>
<td><select style="width: 150px;" type="hidden"  name='call_status'>
<option value='0'<?php if($site_calls->call_status == 0){echo ' selected';}?>>باز</option>
<option value='1'<?php if($site_calls->call_status == 1){echo ' selected';}?>>بسته</option>
<option value='3'<?php if($site_calls->call_status == 3){echo ' selected';}?>>حذف شده</option>
</select> &nbsp; <a href="call_edit.php?call_id=<?php echo $call_id;?>&action=delete&nacl=<?php echo $nacl;?>" onclick="return confirm('آیا مطمعن هستید میخواهید حذف کنید؟')"><i class="fa fa-times" title="حذف کردن"></i></a>
</td></tr>
<?php } ?>
<?php if($user_level == 1){?>
<tr><td valign="top" style="width: 150px;">وضعیت</td>
<td><?php echo $call_status ?>
<?php if($site_calls->call_status == 0){echo ' باز';}?>
<?php if($site_calls->call_status == 1){echo ' بسته';}?>
<?php if($site_calls->call_status == 3){echo ' حذف شده';}?>

</td></tr>
<?php } ?>
<?php if($user_level <> 1){?>
<tr><td>تاریخ</td></td>
<td>
<input type="text" name="call_date" value="<?php echo date("Y-m-d",($site_calls->call_date + (TIMEADJUST * 3600)));?>" id="datepicker" class="input-small"></td></tr>   
<?php } ?>
<?php if($user_level == 1){?>
<tr><td>تاریخ</td></td>
<td>
    <?php echo date("Y-m-d",($site_calls->call_date + (TIMEADJUST * 3600)));?>
</td></tr>
<?php } ?>
<?php if ($site_calls->call_status == 1){ ?>
 <tr><td><strong>بسته</strong></td></td>
<td><?php echo date('Y-m-d',$site_calls->call_date2);?><input type="hidden" name="call_date2" value="<?php echo date('Y-m-d',$site_calls->call_date2);?>"></td></tr>
<?php } ?>

<tr><td>نام</td>
<td><input type="text" name="call_first_name" value="<?php echo $site_calls->call_first_name;?>" class="input-xlarge"> 
</td></tr>

<tr><td>ایمیل</td>
<td><input type="text" name="call_email" value="<?php echo $site_calls->call_email;?>" class="input-xlarge"></td></tr>



<tr><td>شماره تماس</td>
<td><input type="text" name="call_phone" value="<?php echo $site_calls->call_phone;?>" class="input-medium"></td></tr>

<tr><td>دپارتمان</td><td><select name='call_department'>
<?php $call_dept = $db->get_results("select type_id,type_name from site_types where type=1");
foreach ($call_dept as $dept )
{?>
<option value='<?php echo $dept->type_id;?>'<?php if($dept->type_id == $call_department){echo ' selected';}?>><?php echo $dept->type_name;?></option>
<?php } ?>
</select></td></tr>

<tr><td>درخواست</td><td><select name='call_request'>
<?php $request_name = $db->get_results("select type_id,type_name from site_types where type=2");
foreach ($request_name as $request )
{?>
<option value='<?php echo $request->type_id;?>'<?php if($request->type_id == $call_request){echo ' selected';}?>><?php echo $request->type_name;?></option>
<?php } ?>
</select></td></tr>

<tr><td>شرکت</td><td><select name='call_company'>
<?php $company_name = $db->get_results("select type_id,type_name from site_types where type=3");
foreach ($company_name as $company )
{?>
<option value='<?php echo $company->type_id;?>'<?php if($company->type_id == $call_company){echo ' selected';}?>><?php echo $company->type_name;?></option>
<?php } ?>
</select></td></tr>

     <tr><td>موضوع</td>
<td><input type="text" name="call_subject" value="<?php echo $site_calls->call_subject;?>" class="input-xlarge"></td></tr>
<tr><td valign="top">جزئیات</td><td><textarea rows="4" name="call_details" style="width: 100%"><?php echo $site_calls->call_details; ?></textarea></td></tr>

<?php if($user_level <> 1){?>
<tr><td valign="top">پاسخ</td><td><textarea rows="4" name="call_solution" style="width: 100%"><?php echo $site_calls->call_solution; ?></textarea></td></tr>
<tr><td>پشتیبان</td><td><select style="width: 200px;" name='call_staff'>
<option value="0"></option>
<?php $staff_name = $db->get_results("select user_id,user_name from site_users where user_level<>1 order by user_name;");
foreach ($staff_name as $staff )
{?>
<option value='<?php echo $staff->user_id;?>'<?php if($staff->user_id == $call_staff){echo ' selected';}?>><?php echo $staff->user_name;?></option>
<?php } ?>
</select></td></tr>

<?php } ?>


<?php if($user_level == 1){?>
<tr><td valign="top">پاسخ</td><td><?php echo $site_calls->call_solution;?></td></tr>
<tr><td>پشتیبان</td><td>
<?php $staff_name = $db->get_results("select user_id,user_name from site_users where user_level<>1 order by user_name;");
foreach ($staff_name as $staff )
{?>
<?php if($staff->user_id == $call_staff) echo $staff->user_name;?>
<?php } ?>
</td>
</tr>


<?php } ?>











</table>
<input type='hidden' name='nacl' value='<?php echo $nacl;?>'>
<input type='hidden' name='call_id' value='<?php echo $call_id;?>'>
<input type="submit" value="update" class="btn btn-primary">

</form>


<?php
if(isset($_SESSION['name'])){

echo "<p><strong>Name:</strong> " . $_SESSION['name'] . "</p>";
}
include("includes/footer.php");

现在,当用户更改表格中的字段并尝试更新时,会显示ticket updated,然后没有任何反应。

1 个答案:

答案 0 :(得分:0)

您的问题出在您的查询中:

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '* WHERE call_id = 689' at line 1

并导致此错误:

SET name='x'

尝试添加其他内容,例如@Component({ selector: 'my-dropdown', inputs: ['selectedItem', 'items', 'label'], outputs: ['selectedItemChange'], template: ` <div class="field"> <label>{{label}}</label> <select class="ui search selection dropdown" [ngModel]="selectedItem" (change)="onChange($event.target.value)"> <option value="" selected>Please Select</option> <option *ngFor="#item of items" [value]="item.value">{{item.label}}</option> </select> </div>` }) export class MyDropdownComponent { items: DropdownValue[]; selectedItem: DropdownValue; selectedItemChange: EventEmitter<any> = new EventEmitter(); private onChange(newValue) { console.log(newValue); this.selectedItem = this.items.find(item => item.value == newValue); console.log(this.selectedItem); this.selectedItemChange.emit(newValue); } } 或在查询执行时要更改的其他内容!