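So, I'm new to PHP and I'm using MySQL. In my program I'm trying to implement simple edit, add and delete functions. Well, the add and delete functions are working, but the edit has a problem... Whenever I go to phpMyAdmin to check whether the database has changed, I don't find any changes...
If anyone could guide me on this part, I would be very grateful...
Part of adminpanel.php: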
if(array_key_exists('editshirt', $_POST))
{
include 'editshirt.php';
exit();
}
if(array_key_exists('changeshirt', $_POST))
{
if(!mysqli_query($dbconnect, 'update shirts set
shirtName="'.mysqli_real_escape_string($dbconnect, $_POST['shirtName']).'",
shirtDescription="'.mysqli_real_escape_string($dbconnect, $_POST['shirtDescription']).'",
shirtGender="'.mysqli_real_escape_string($dbconnect, $_POST['shirtGender']).'",
shirtColor="'.mysqli_real_escape_string($dbconnect, $_POST['shirtColor']).'",
shirtPrice="'.mysqli_real_escape_string($dbconnect, $_POST['shirtPrice']).'",
shirtPicture="'.mysqli_real_escape_string($dbconnect, $_POST['shirtPicture']).'",
where shirts.shirtId="'.mysqli_real_escape_string($dbconnect, $_POST['shirtId']).''))
echo ' ';
exit();
}
Here is my editShirt.php:
<?php
// The id is used unquoted in the query, where mysqli_real_escape_string()
// alone gives no protection, so cast it to an integer instead.
$shirtId = (int) $_POST['shirtId'];
$yas = mysqli_query($dbconnect, "select * from shirts where shirtId=".$shirtId);
$roww = mysqli_fetch_array($yas);
// HTML-escape every database value before echoing it into the form.
$h = function ($v) { return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8'); };
echo "<p>Edit Shirt:</p>";
echo "<form action='?' method='post'>";
/*echo "<label for='shirtName'>Shirt Name: </label>
<input type='text' name='shirtName' value=".$roww['shirtName']."><br>";*/
echo "<label for='shirtName'>Shirt Name: </label>
<textarea name='shirtName' style='resize:none'>".$h($roww['shirtName'])."</textarea><br>";
echo "<label for='shirtDescription'>Description: </label>
<textarea name='shirtDescription' rows='10' cols='30' style='resize:none'>".$h($roww['shirtDescription'])."</textarea><br>";
// Each radio button carries its own value (0, 1, 2), matching the checks below.
echo "<label for='shirtGender'>Gender: </label>
<input type='radio' name='shirtGender' value='0'";
if($roww['shirtGender']=='0') echo " checked='checked'";
echo ">Male  <input type='radio' name='shirtGender' value='1'";
if($roww['shirtGender']=='1') echo " checked='checked'";
echo ">Female  <input type='radio' name='shirtGender' value='2'";
if($roww['shirtGender']=='2') echo " checked='checked'";
echo ">Unisex<br><br>";
echo "<label for='shirtColor'>Color: </label>
<input type='radio' name='shirtColor' value='0'";
if($roww['shirtColor']=='0') echo " checked='checked'";
echo ">Colored  <input type='radio' name='shirtColor' value='1'";
if($roww['shirtColor']=='1') echo " checked='checked'";
echo ">White  <input type='radio' name='shirtColor' value='2'";
if($roww['shirtColor']=='2') echo " checked='checked'";
echo ">Black<br><br>";
// Attribute values are quoted so that spaces or quotes in the data cannot break out.
echo "<label for='shirtPrice'>Shirt Price: </label>
<input type='text' name='shirtPrice' value='".$h($roww['shirtPrice'])."'><br>";
echo "<label for='shirtPicture'>Shirt Picture: </label>
<input type='text' name='shirtPicture' value='".$h($roww['shirtPicture'])."'><br>";
echo "<input type='hidden' name='shirtId' value='".$shirtId."'>";
echo "<input type='submit' name='changeshirt' value='Update shirt'>";
echo "</form>";?>
Answer 0: (score: 1)
Although I have corrected the code, this code is very badly written.
mysqli_query($dbconnect, "update shirts set
shirtName='".mysqli_real_escape_string($dbconnect, $_POST['shirtName'])."',
shirtDescription='".mysqli_real_escape_string($dbconnect, $_POST['shirtDescription'])."',
shirtGender='".mysqli_real_escape_string($dbconnect, $_POST['shirtGender'])."',
shirtColor='".mysqli_real_escape_string($dbconnect, $_POST['shirtColor'])."',
shirtPrice='".mysqli_real_escape_string($dbconnect, $_POST['shirtPrice'])."',
shirtPicture='".mysqli_real_escape_string($dbconnect, $_POST['shirtPicture'])."'
where shirts.shirtId='".mysqli_real_escape_string($dbconnect, $_POST['shirtId'])."'");
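Hope this helps.
Answer 1: (score: 0)
Although Manoj's answer should work (the problem was with the quoting), it is still not the right way to solve the problem.
The following is slightly less efficient (but try measuring the difference), but (IMHO) it is more readable: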
$d=array_map(array($dbconnect, 'real_escape_string'), $_POST);
// returns a numbered array
$d=array_combine(array_keys($_POST), $d);
// restores the key names
$upd="update shirts set
shirtName ='$d[shirtName]',
shirtDescription='$d[shirtDescription]',
shirtGender ='$d[shirtGender]',
shirtColor ='$d[shirtColor]',
shirtPrice ='$d[shirtPrice]',
shirtPicture ='$d[shirtPicture]'
where shirts.shirtId='$d[shirtId]'";
if (!mysqli_query($dbconnect, $upd)) {
your_error_handler(mysqli_error($dbconnect) . "\nin\n" . $upd);
exit;
}
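Here I have eliminated the repeated calls to mysqli_real_escape_string, so I can debug the SQL separately from debugging the PHP.
But the important point is that the verbose generation of the SQL statement is separated from the conditional call (which keeps the query string in case we need it afterwards), and then a call to a function is added to report what went wrong!
But to really structure it properly, I would create an array describing the attributes in the record and iterate over it to generate both the form and the MySQL update statement.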
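The array-driven approach from the last paragraph, as an added example that is not part of either answer: a field list generates the UPDATE, and values are bound through a mysqli prepared statement instead of being escaped into the string. The column type codes, the names `SHIRT_FIELDS`, `build_shirt_update` and `update_shirt`, and the sample input are assumptions.

```php
<?php
// Added example, not code from the page. Column types are assumptions,
// given as mysqli bind_param codes: 's' = string, 'i' = integer, 'd' = double.
const SHIRT_FIELDS = [
    'shirtName'  => 's', 'shirtDescription' => 's', 'shirtGender'  => 'i',
    'shirtColor' => 'i', 'shirtPrice'       => 'd', 'shirtPicture' => 's',
];

// Build the UPDATE text, the bind_param type string and the ordered values.
// Column names come only from SHIRT_FIELDS, never from the request.
function build_shirt_update(array $post): array
{
    $sets = []; $types = ''; $values = [];
    foreach (SHIRT_FIELDS as $column => $type) {
        if (!isset($post[$column]) || !is_scalar($post[$column])) {
            throw new InvalidArgumentException("missing field: $column");
        }
        $sets[]   = "$column = ?";
        $types   .= $type;
        $values[] = $post[$column];
    }
    if (!isset($post['shirtId']) || !ctype_digit((string) $post['shirtId'])) {
        throw new InvalidArgumentException('shirtId must contain digits only');
    }
    $types   .= 'i';
    $values[] = (int) $post['shirtId'];
    // implode() puts commas only between assignments, so none precedes WHERE.
    $sql = 'UPDATE shirts SET ' . implode(', ', $sets) . ' WHERE shirtId = ?';
    return [$sql, $types, $values];
}

// Run the update through a prepared statement; values never enter the SQL text.
function update_shirt(mysqli $db, array $post): bool
{
    [$sql, $types, $values] = build_shirt_update($post);
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        throw new RuntimeException($db->error . "\nin\n" . $sql);
    }
    $stmt->bind_param($types, ...$values);
    return $stmt->execute();
}

// Constructed sample input standing in for $_POST; this part needs no database.
$demo = ['shirtName' => "O'Neill tee", 'shirtDescription' => 'Plain cotton', 'shirtGender' => '2',
         'shirtColor' => '1', 'shirtPrice' => '19.90', 'shirtPicture' => 'tee.png', 'shirtId' => '7'];
[$sql, $types] = build_shirt_update($demo);
echo $sql, "\n", $types, "\n";
```

In adminpanel.php the `changeshirt` branch would call `update_shirt($dbconnect, $_POST)` in place of the concatenated query.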