您已启动需要按ajax更新user_points行的新程序 我的代码是
<?php
session_start();
include_once 'dbconnect.php';
if(!isset($_SESSION['user']))
{
header("Location: index.php");
}
$res=mysql_query("SELECT * FROM users WHERE user_id=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);
// Retrieve data from database
$user_id = mysql_real_escape_string($_SESSION['user']);
$sql = mysql_query("UPDATE `users` SET user_points = user_points +'$user_points' WHERE user_id = " . $_SESSION['user']);
// close MySQL connection
mysql_close();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="refresh" content="0;URL= http://mywebsite/login-registration/home.php">
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body bgcolor="#ffffff">
</body>
</html>
我如何设置正确的查询以将数据发送到数据库我想通过ajax更新user_points从其他应用程序发送的信息此应用程序将ajax发送到php和php的user_points去更新用户点
答案 0 :(得分:0)
<?php
session_start();
include_once 'dbconnect.php';
if(!isset($_POST['user']))
{
header("Location: index.php");
die();
}
$user_id = mysql_real_escape_string($_POST['user']);
$res=mysql_query("SELECT * FROM users WHERE user_id=$user_id");
$userRow=mysql_fetch_array($res);
// Retrieve data from database
$sql = mysql_query("UPDATE `users` SET user_points = user_points +1 WHERE user_id = $user_id");
// close MySQL connection
mysql_close();
?>您的代码中未定义
$user_ponts。此外,您应该在SQL语句中使用转义的$user_id。此外,您应在标头重定向后使用die以防止执行其余代码。
进一步的$ _SESSION可能不是你想要用于ajax调用的东西。你可以改用$ _POST。
答案 1 :(得分:0)
我已经尝试了新代码,但我不知道如何更改它以验证用户是否登录并且它给出了错误 [2016年3月17日15:39:03欧洲/里斯本] PHP警告:mysql_fetch_array()期望参数1为资源,布线在第20行的/home/publiadd/public_html/mywebsite/login-registration/home.php中给出
<?php
$db = "publiadd_loginsx";//Your database name
$dbu = "publiadd_publix";//Your database username
$dbp = "1a3g7893fsh";//Your database users' password
$host = "localhost";//MySQL server - usually localhost
$dblink = mysql_connect($host,$dbu,$dbp);
$seldb = mysql_select_db($db);
if(isset($_GET['user_name']) && isset($_GET['user_points'])){
//Lightly sanitize the GET's to prevent SQL injections and possible XSS attacks
$user_name = strip_tags(mysql_real_escape_string($_GET['user_name']));
$user_points = strip_tags(mysql_real_escape_string($_GET['user_points']));
$sql = mysql_query("INSERT INTO `$db`.`users` (`user_id`,`user_name`,`user_points`) VALUES ('','$user_name','$user_points');");
if($sql){
//The query returned true - now do whatever you like here.
echo 'Your score was saved. Congrats!';
}else{
//The query returned false - you might want to put some sort of error reporting here. Even logging the error to a text file is fine.
echo 'There was a problem saving your score. Please try again later.';
}
}else{
echo 'Your name or score wasnt passed in the request. Make sure you add ?name=NAME_HERE&score=1337 to the tags.';
}
mysql_close($dblink);//Close off the MySQL connection to save resources.
?>