我下载了JTable PHP演示文件并修改了代码。以下是我的表现..
enter code here //Prepare jTable
$('#PeopleTableContainer').jtable({
title: 'User Maintenance',
actions: {
listAction: 'PersonActions.php?action=list',
createAction: 'PersonActions.php?action=create',
updateAction: 'PersonActions.php?action=update',
deleteAction: 'PersonActions.php?action=delete'
},
fields: {
strUsrName: {
key: true,
create: false,
edit: false,
list: true,
title: 'UserName'
},
strUsrFName: {
title: 'FirstName',
width: '10%'
},
strUsrMName: {
title: 'MiddleName',
width: '10%'
},
dtmUsrCreated: {
title: 'Record date',
width: '30%',
type: 'date',
create: false,
edit: false
}
}
});
这是我的查询......
//Updating a record (updateAction)
else if($_GET["action"] == "update")
{
//Update record in database
$result = mysql_query("UPDATE tbluser SET strUsrFName = '" . $_POST["strUsrFName"] . "', strUsrMName = " . $_POST["strUsrMName"] . " WHERE strUsrName = " . $_POST["strUsrName"] . ";") or die('ERROR: '.mysql_error());
//Return result to jTable
$jTableResult = array();
$jTableResult['Result'] = "OK";
print json_encode($jTableResult);
}
我的主要问题是:当我删除die()时,表更新了它上面的数据,但它没有更新数据库中的数据,因此我猜测错误在查询中或者可能在主键中。有人能帮帮我吗?
答案 0 :(得分:1)
您的查询编写不正确。您需要使用引号来确保将字符串值传递给非数字的列。您的查询应如下所示:
$result = mysql_query("UPDATE tbluser SET strUsrFName = '" . $_POST["strUsrFName"] . "', strUsrMName = '" . $_POST["strUsrMName"] . "' WHERE strUsrName = '" . $_POST["strUsrName"] . "';") or die('ERROR: '.mysql_error());
正如我在评论中所说,不再使用mysql_query。它被弃用并暴露于sql注入。 如果您使用prepared statements,则不再有引用问题。
$sql = "UPDATE tbluser SET strUsrFName = :strUsrFName, strUsrMName = :strUsrMName WHERE strUsrName = :strUsrName;";
$sth = $pdo->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute(array(":strUsrFName" => $_POST["strUsrFName"], ":strUsrMName" => $_POST["strUsrMName"], ":strUsrName" => $_POST["strUsrName"]));