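Editing a SQL database using PHP

Time: 2016-06-20 07:07:28

Tags: php mysql sql

When I edit a particular record using the PHP code given below, all the records in the database are edited at the same time to some garbage values. Here "db" is the database. I am new to PHP and SQL. Please help.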

<?php
/* 
 EDIT.PHP
 Allows user to edit specific entry in database
*/

 // creates the edit record form
 // since this form is used multiple times in this file, I have made it a function that is easily reusable
 function renderForm($reportno, $dateofreceipt, $title, $type, $issuingagency, $markedto, $date, $remarks, $isdate, $issuedto, $returndate)
 {
 ?>
 <!DOCTYPE HTML PUBLIC >
 <html>
 <head>

 <title>Edit Record</title>
 </head>
 <body>


 <form action="edit.php" method="post">
  <div>
 <p><strong>Report No.:</strong> <?php echo $reportno; ?></p>
 <strong>Date of receipt: *</strong> <input type="date" name="dateofreceipt" value="<?php echo $dateofreceipt; ?>"/><br/>
 <strong>Report Title: *</strong> <input type="text" name="title" value="<?php echo $title; ?>"/><br/>
 <strong>Report Type: *</strong> <input type="text" name="type" value="<?php echo $type; ?>"/><br/>
 <strong>Issuing agency: *</strong> <input type="text" name="issuingagency" value="<?php echo $issuingagency; ?>"/><br/>
 <strong>Marked to: *</strong> <input type="text" name="markedto" value="<?php echo $markedto; ?>"/><br/>
 <strong>Date: *</strong> <input type="date" name="date" value="<?php echo $date; ?>"/><br/>
 <strong>Remarks: *</strong> <input type="text" name="remarks" value="<?php echo $remarks; ?>"/><br/>
 <strong>Issuing Date: *</strong> <input type="date" name="isdate" value="<?php echo $isdate; ?>"/><br/>
 <strong>Issued To: *</strong> <input type="text" name="issuedto" value="<?php echo $issuedto; ?>"/><br/>
 <strong>Return Date: *</strong> <input type="date" name="returndate" value="<?php echo $returndate; ?>"/><br/>
 <p>* Required</p>
 <input type="submit" name="submit" value="Submit">
 </div>
 </form> 
 </body>
 </html> 
 <?php
 }



 // connect to the database
 include('connect-db.php');

 // check if the form has been submitted. If it has, process the form and save it to the database
 if (isset($_POST['submit']))
 { 


 // get form data, making sure it is valid
 $reportno = $_POST['reportno'];
 $dateofreceipt = mysql_real_escape_string(htmlspecialchars($_POST['dateofreceipt']));
 $title = mysql_real_escape_string(htmlspecialchars($_POST['title']));
 $type = mysql_real_escape_string(htmlspecialchars($_POST['type']));
 $issuingagency = mysql_real_escape_string(htmlspecialchars($_POST['issuingagency']));
 $markedto = mysql_real_escape_string(htmlspecialchars($_POST['markedto']));
 $date = mysql_real_escape_string(htmlspecialchars($_POST['date']));
 $remarks = mysql_real_escape_string(htmlspecialchars($_POST['remarks']));
 $isdate = mysql_real_escape_string(htmlspecialchars($_POST['isdate']));
 $issuedto = mysql_real_escape_string(htmlspecialchars($_POST['issuedto']));
 $returndate = mysql_real_escape_string(htmlspecialchars($_POST['returndate']));



 //renderForm($reportno, $dateofreceipt, $title, $type, $issuingagency, $markedto, $date,$remarks, $isdate, $issuedto, $returndate, $error);

 // save the data to the database
 mysql_query("UPDATE `db` SET `Report No.`='[$reportno]',`Date of receipt`='[$dateofreceipt]',`Report Title`='[$title]',`Report Type`='[$type]',`Issuing agency`='[$issuingagency]',`Marked to`='[$markedto]',`Date`='[$date]',`Remarks`='[$remarks]',`Issuing date`='[$isdate]',`Issued to`='[$issuedto]',`Return Date`='[$returndate]' WHERE `Report No.`= '$id'")


 // once saved, redirect back to the view page
 header("Location: view.php"); 


  }

 // query db
 $id = $_GET['id'];
 $result = mysql_query("SELECT * FROM db WHERE `Report No.`= '$id'")
 or die(mysql_error()); 
 $row = mysql_fetch_array($result);

 // check that the 'id' matches up with a row in the database
 if($row)
 {

 // get data from db

 $reportno = $row['Report No.'];
 $dateofreceipt = $row['Date of receipt'];
 $title= $row['Report Title'];
 $type= $row['Report Type'];
 $issuingagency= $row['Issuing agency'];
 $markedto= $row['Marked to'];
 $date= $row['Date'];
 $remarks=$row['Remarks'];
 $isdate= $row['Issuing date'];
 $issuedto= $row['Issued to'];
 $returndate= $row['Return Date']; 

 // show form
 renderForm($reportno, $dateofreceipt, $title, $type, $issuingagency, $markedto, $date, $remarks ,$isdate, $issuedto, $returndate, '');
 }


?>

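3 Answers:

Answer 0: (score: 0)

There are a few problems here:

  • The mysql API in PHP is deprecated. Don't bet on it working much longer. Use the mysqli API instead.

  • In your query, the "where 1" part is completely superfluous. 1 means true, and where 1 means all records, at which point you could leave out the WHERE entirely. You probably want to use WHERE somekey = 1, which is different.

Answer 1: (score: 0)

Try this query for the update. Also, don't forget to add a semicolon after the statement. Use mysqli_* functions instead of mysql_*.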

// Assumes $connection is the mysqli link opened in connect-db.php
mysqli_query($connection, "UPDATE `db` SET `Date of receipt`='$dateofreceipt',`Report Title`='$title',`Report Type`='$type',`Issuing agency`='$issuingagency',`Marked to`='$markedto',`Date`='$date',`Remarks`='$remarks',`Issuing date`='$isdate',`Issued to`='$issuedto',`Return Date`='$returndate' WHERE `Report No.`='$reportno'");
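
The answers' advice (mysqli instead of mysql_*, and a WHERE clause that matches one row) written as a prepared statement; this is an added example, not code from the question or from any answer. It assumes `$db` is a connected mysqli object and that the form sends `reportno` as a hidden field; the function name `updateReport` is hypothetical.

```php
<?php
// Added example, not from the original page.
// Assumption: $db is a connected mysqli object, e.g. created in connect-db.php.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw

/**
 * Update exactly one report row and return the number of rows changed.
 * $post is the submitted form; 'reportno' is assumed to arrive as a hidden field.
 */
function updateReport(mysqli $db, array $post): int
{
    // Form field => column. Column names are fixed here, never taken from input.
    $columns = [
        'dateofreceipt' => 'Date of receipt',
        'title'         => 'Report Title',
        'type'          => 'Report Type',
        'issuingagency' => 'Issuing agency',
        'markedto'      => 'Marked to',
        'date'          => 'Date',
        'remarks'       => 'Remarks',
        'isdate'        => 'Issuing date',
        'issuedto'      => 'Issued to',
        'returndate'    => 'Return Date',
    ];

    $set = [];
    $values = [];
    foreach ($columns + ['reportno' => 'Report No.'] as $field => $column) {
        // Reject missing, empty or array-valued fields before touching the database.
        if (!isset($post[$field]) || !is_string($post[$field]) || $post[$field] === '') {
            throw new InvalidArgumentException("Missing or invalid field: $field");
        }
        if ($field !== 'reportno') {
            $set[] = "`$column` = ?";
        }
        $values[] = $post[$field]; // 'reportno' is last, so it binds to the WHERE clause
    }

    $sql = 'UPDATE `db` SET ' . implode(', ', $set) . ' WHERE `Report No.` = ?';
    $stmt = $db->prepare($sql);
    $stmt->bind_param(str_repeat('s', count($values)), ...$values);
    $stmt->execute();

    return $stmt->affected_rows; // 0 or 1 if `Report No.` is unique
}
```

Call it from the `isset($_POST['submit'])` branch and redirect to view.php only after it returns. When printing stored values back into the form, apply `htmlspecialchars()` at output time rather than before storing them.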

Answer 2: (score: 0)

Try this

mysql_query("UPDATE db SET `Report No.`="."'$reportno'".", `Date of receipt`="."'$dateofreceipt'".", `Report Title`="."'$title'".", `Report Type`="."'$type'".", `Issuing agency`="."'$issuingagency'".", `Marked to`="."'$markedto'".", `Date`="."'$date'".", `Remarks`="."'$remarks'".", `Issuing date`="."'$isdate'".", `Issued to`="."'$issuedto'".", `Return Date`="."'$returndate'"." WHERE `Report No.`="."'$id'"."");