我有一个编辑表单来更新一首歌,但它重定向到show_profile.php而不更新歌曲的数据库条目。
我的其他功能,如show,delete正常工作。
我的edit_song.php:
$userID = ProfileDB::getInstance()->get_user_id_by_email($_SESSION['email']);
$songID = $_GET['songID'];
$song = mysqli_fetch_array(ProfileDB::getInstance()->get_song_by_song_id($songID));
if ($_SERVER['REQUEST_METHOD'] == "POST"){
$artist = filter_var($_POST['artist'], FILTER_SANITIZE_STRING);
$songTitle = filter_var($_POST['song'], FILTER_SANITIZE_STRING);
if ($artistIsValid && $songIsValid) {
ProfileDB::getInstance()->update_song($_POST['songID'], $_POST['artist'], $_POST['song']);
header('Location: show_profile.php' );
exit;
}
}
<form method="POST" id="editSong">
<input type="hidden" name="songID" value="<?php echo $songID; ?>" />
<label>Artist:</label>
<input type="text" name="artist" value="<?php echo $currentSong['artist']; ?>" /><br/>
<label>Song Title</label>
<input type="text" name="song" value="<?php echo $currentSong['song']; ?>" /><br/>
<br />
<input type="submit" value="Edit Song"/>
</form>
在我的ProfileDB类中:
public function update_song($songID, $artist, $song) {
$artist = $this->real_escape_string($artist);
$song = $this->real_escape_string($song);
$this->query("UPDATE song SET artist = '" . $artist .
"', song = '" . $song . "' WHERE id = '" . $songID . "'");
}
我缺少什么以及如何解决?我已经激活了 使用error_reporting(E_ALL);在所有页面上,但它重定向到show_profile.php没有任何错误或警告。
答案 0 :(得分:0)
感谢@FrankerZ,我可以在我的SQL语句中修复songID-Value之外的引号:
public function update_song($songID, $artist, $song) {
$artist = $this->real_escape_string($artist);
$song = $this->real_escape_string($song);
$this->query("UPDATE isp_songs SET artist = '" . $artist . "', song = '" . $song . "' WHERE id = " . $songID );
}