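After fetching records from a SQL Server database into an HTML form with a select, in order to update them through a CGI program, the multiple selected items are not displayed as selected. I am using Perl.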
use CGI;
use CGI qw/:standard/;
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
my $q = new CGI;
my $query = new CGI;
my @list = new CGI;
my $val = new CGI;
my $var = new CGI;
use DBI;
use CGI qw(:all);
print "Content-Type: text/html\n\n";

# Parse the raw query string by hand; the last value parsed ends up in $val
$query = $ENV{'QUERY_STRING'};
@list = split( /\&/, $query);
foreach (@list) {
    ($var, $val) = split(/=/);
    $val =~ s/\'//g;
    $val =~ s/\+/ /g;
    $val =~ s/%(\w\w)/sprintf("%c", hex($1))/ge;
    ($var, ' = ', $val,);
}

my $db_instance = "My server name";
my $db_name = "Users";    # My database name
my $db_user = "";
my $db_pass = "";
# Connection attributes belong in the fourth argument of DBI->connect
my $dbh = DBI->connect(
    "DBI:ODBC:Driver={SQL Server};Server=$db_instance;Database=$db_name;UID=$db_user;PWD=$db_pass",
    $db_user, $db_pass,
    {'RaiseError' => 1, 'AutoCommit' => 0});
my $sth = $dbh->prepare("SELECT * FROM UserForm WHERE UserId=$val");
$sth->execute;
while (@row = $sth->fetchrow_array()) {
    my $User_Name = $row[1];
    my $User_Role = $row[2];
    my $User_Permission = $row[3];
    my $User_Department = $row[4];

    # Role drop-down
    my $User_Role_html = "";
    my $sql = "select RoleName from Roles";
    my $sth = $dbh->prepare($sql);
    $sth->execute;
    while (my $User_Role_option = $sth->fetchrow_array)
    {
        $User_Role_html .= "<option value=\"$User_Role_option\"";
        $User_Role_html .= " selected" if ( $User_Role_option eq $User_Role );
        $User_Role_html .= ">$User_Role_option</option>";
    }

    # Permission radio buttons
    my $User_Permission_Add_sel = $User_Permission eq "Add" ? " checked" : "";
    my $User_Permission_Edit_sel = $User_Permission eq "Edit" ? " checked" : "";
    my $User_Permission_Delete_sel = $User_Permission eq "Delete" ? " checked" : "";
    my $User_Permission_View_sel = $User_Permission eq "View" ? " checked" : "";

    # Department multi-select
    my $User_Department_html = "";
    my $sql = "select DepartmentName from Departments order by DepartmentName";
    my $sth = $dbh->prepare($sql);
    $sth->execute;
    while (my $User_Department_option = $sth->fetchrow_array) {
        $User_Department_html .= "<option value=\"$User_Department_option\"";
        $User_Department_html .= " selected" if ($User_Department_option eq $User_Department);
        $User_Department_html .= ">$User_Department_option</option>";
    }

    print <<END_HTML;
<html>
<head><title></title></head>
<body>
<form action="DataUpdate.cgi" method="get">
<input type="hidden" name="UserId" value="$val">
<input type="hidden" name="submit" value="Submit">
<TABLE BORDER="1" align="center">
<TR>
<TD>User name</TD>
<TD> <input type="text" name="User_Name" value="$User_Name"></TD>
</TR>
<TR>
<TD>Role</TD>
<TD colspan="2"><select name="User_Role">$User_Role_html</select></TD>
</TR>
<TR>
<TD>Permission</TD>
<TD><input type="radio" name="User_Permission" value="Add"$User_Permission_Add_sel>Add
<input type="radio" name="User_Permission" value="Edit"$User_Permission_Edit_sel>Edit
<input type="radio" name="User_Permission" value="Delete"$User_Permission_Delete_sel>Delete
<input type="radio" name="User_Permission" value="View"$User_Permission_View_sel>View</TD>
</TR>
<TR>
<TD>Department</TD>
<TD colspan="2"> <select name="User_Department" multiple="multiple" SIZE=4>$User_Department_html</select></TD>
</TR>
<TR>
<TD align="center" colspan="2">
<input type="submit" name="update" value="UPDATE">
</TD>
</TR>
</TABLE>
</form>
</body></html>
END_HTML
}
$dbh->commit or die $DBI::errstr;
$dbh->disconnect;
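This is the COMPLETE code; please do help me out.

Initially I have a form in a page named UserForm.cgi. I have a select list in which I can select multiple departments, and I join them with
my $User_Department = join(", ", $q->param("User_Department"));
where $User_Department is the name of the select box. After clicking Submit, the values are inserted into the table for each user as Department1, Department2. After that I have a data grid in the page Datagrid.cgi, in which I fetch all the table data. The remaining details are the same as I described in the question above.

Actually I have a data grid in a CGI page, and each row of the data grid has an edit hyperlink. When I click the hyperlink it goes to the next page, where I have a form that shows whatever data I have stored in the database for that particular user. In the form's select list I have a list of departments. If the user is assigned one department, it is shown as selected, but if multiple departments are assigned, the selected departments are not shown.

Actually, the problem I am facing is near the if() for selected: whenever the user I fetch has only one department assigned, it is shown as selected in the form's select list, but if there are multiple departments separated by commas, nothing is shown as selected. I tried a foreach loop and also removing the commas, but I don't know what to do or how to do it. $val is just $UserID; I get it using the query string method.

Can anyone please help me as much as possible...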
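Answer 0 (score: 1)

First, watch out for the Bobby Tables (SQL injection) problem: using ->prepare and ->execute is good, but you are not using ->execute correctly: you should never inline $val in the query, ever!

Change the first two lines to: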
my $sth = $dbh->prepare('SELECT * FROM UserForm WHERE UserId=?');
$sth->execute($val);
Apart from @rows not being declared in the snippet, everything looks fine... but it depends on one thing:
my $User_Department = $row[4];
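Are you sure the user's department is the fifth column of that table? I think that may be the problem you are running into.

I suggest you SELECT User_Department FROM UserForm Where UserId=? and then do while (my $User_Department = $sth->fetchrow_array()) {, or (better) use a lower-cased hashref to get the information from the table: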
while ( my $row = $sth->fetchrow_hashref('NAME_lc') ) {
    my $User_Department = $row->{'user_department'};
    # your code as before
}
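The above is probably the better approach, because it lets you refer to named columns instead of their position in the table's create table ..; assuming the problem is the position of the column you want to fetch.. using hashrefs will avoid that.

My 2 cents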
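
An added example, not code from the question or the answer: in the question's loop, `eq` compares each option against the whole stored string (for instance "HR, R&D"), so it can only match when a single department is stored. This sketch splits the stored value before comparing, HTML-escapes what it prints, and includes the bound-placeholder lookup from the answer. The helper names, the integer check on UserId and the sample departments are assumptions.

```perl
use strict;
use warnings;

# Escape text for HTML element content and double-quoted attribute values.
sub escape_html {
    my ($text) = @_;
    my %entity = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                  '"' => '&quot;', "'" => '&#39;');
    $text =~ s/([&<>"'])/$entity{$1}/g;
    return $text;
}

# Look up one user with a bound placeholder instead of interpolating $val.
# $dbh is a connected DBI handle; treating UserId as an integer is an
# assumption based on the unquoted comparison in the question.
sub fetch_user {
    my ($dbh, $user_id) = @_;
    die "invalid UserId\n" unless defined $user_id && $user_id =~ /\A[0-9]+\z/;
    my $sth = $dbh->prepare('SELECT * FROM UserForm WHERE UserId = ?');
    $sth->execute($user_id);
    return $sth->fetchrow_hashref('NAME_lc');
}

# Build the <option> list, marking every department named in the stored
# comma-separated value as selected.
sub department_options {
    my ($stored, @departments) = @_;
    my %chosen;
    for my $name (split /,/, ($stored // '')) {
        $name =~ s/\A\s+|\s+\z//g;   # join(", ", ...) leaves a space after each comma
        $chosen{$name} = 1 if length $name;
    }
    my $html = '';
    for my $name (@departments) {
        my $safe = escape_html($name);
        my $sel  = $chosen{$name} ? ' selected' : '';
        $html .= qq{<option value="$safe"$sel>$safe</option>\n};
    }
    return $html;
}

# Constructed sample data: the Departments rows and one user's stored value.
my @all_departments = ('Accounts', 'HR', 'R&D', 'Sales');
my $stored_value    = 'HR, R&D';
print department_options($stored_value, @all_departments);
```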