添加编辑删除表单不添加到MySQL没有错误

时间:2018-05-16 23:06:15

标签: php html

我有这个添加编辑删除表单,问题是: 当我放入所有内容并点击ADD时,它会显示“数据已成功添加”。但是数据不在我的phpAdmin表中,它没有在页面中显示... 或者仅仅是因为我的主机不能使用MySQLi而是使用MySQL? 没有谈论SQL注入,因为我不是那么专业,不知道如何保护,这个页面将受到登录区域的保护,所以只有受限制的成员才能访问它。

的index.php 

<?php
//including the database connection file
include_once("config.php");

//fetching data in descending order (lastest entry first)
//$result = mysql_query("SELECT * FROM users ORDER BY id DESC"); // mysql_query is deprecated
$result = mysqli_query($mysqli, "SELECT * FROM `user` ORDER BY id DESC"); // using mysqli_query instead
?>

<html>
<head>  
    <title>Homepage</title>
</head>

<body>
<a href="add.html">Add New Data</a><br/><br/>

    <table width='80%' border=0>

    <tr bgcolor='#CCCCCC'>
        <td>Steam Username</td>
        <td>Steam Password</td>
        <td>Steam Guard Code</td>
        <td>Update</td>
    </tr>
    <?php 
    //while($res = mysql_fetch_array($result)) { // mysql_fetch_array is deprecated, we need to use mysqli_fetch_array 
    while($res = mysqli_fetch_array($result)) {         
        echo "<tr>";
        echo "<td>".$res['steamUE']."</td>";
        echo "<td>".$res['steamPW']."</td>";
        echo "<td>".$res['steamGC']."</td>";    
        echo "<td><a href=\"edit.php?id=$res[id]\">Edit</a> | <a href=\"delete.php?id=$res[id]\" onClick=\"return confirm('Are you sure you want to delete?')\">Delete</a></td>";       
    }
    ?>
    </table>
</body>
</html>

add.html 

<html>
<head>
    <title>Add Data</title>
</head>

<body>
    <a href="index.php">Home</a>
    <br/><br/>

    <form action="add.php" method="post" name="form1">
        <table width="25%" border="0">
            <tr> 
                <td>Steam Username</td>
                <td><input type="text" name="steamUE"></td>
            </tr>
            <tr> 
                <td>Steam Password</td>
                <td><input type="text" name="steamPW"></td>
            </tr>
            <tr> 
                <td>Steam Guard Code</td>
                <td><input type="text" name="steamGC"></td>
            </tr>
            <tr> 
                <td></td>
                <td><input type="submit" name="Submit" value="Add"></td>
            </tr>
        </table>
    </form>
</body>
</html>

edit.php 

<?php
// including the database connection file
include_once("config.php");

if(isset($_POST['update']))
{   

    $id = mysqli_real_escape_string($mysqli, $_POST['id']);

    $steamUE = mysqli_real_escape_string($mysqli, $_POST['steamUE']);
    $steamPW = mysqli_real_escape_string($mysqli, $_POST['steamPW']);
    $steamGC = mysqli_real_escape_string($mysqli, $_POST['steamGC']);   

    // checking empty fields
    if(empty($steamUE) || empty($steamPW) || empty($steamGC)) { 

        if(empty($steamUE)) {
            echo "<font color='red'>Steam Username field is empty.</font><br/>";
        }

        if(empty($steamPW)) {
            echo "<font color='red'>Steam Password field is empty.</font><br/>";
        }

        if(empty($steamGC)) {
            echo "<font color='red'>Steam Guard Code field is empty.</font><br/>";
        }       
    } else {    
        //updating the table
        $result = mysqli_query($mysqli, "UPDATE `user` SET steamUE='$steamUE',steamPW='$steamPW',steamGC='$steamGC' WHERE id='$id'");

        //redirectig to the display page. In our case, it is index.php
        header("Location: index.php");
    }
}
?>
<?php
//getting id from url
$id = $_GET['id'];

//selecting data associated with this particular id
$result = mysqli_query($mysqli, "SELECT * FROM `user` WHERE id='$id'");

while($res = mysqli_fetch_array($result))
{
    $steamUE = $res['steamUE'];
    $steamPW = $res['steamPW'];
    $steamGC = $res['steamGC'];
}
?>
<html>
<head>  
    <title>Edit Data</title>
</head>

<body>
    <a href="index.php">Home</a>
    <br/><br/>

    <form name="form1" method="post" action="edit.php">
        <table border="0">
            <tr> 
                <td>Steam Username</td>
                <td><input type="text" name="steamUE" value="<?php echo $steamUE;?>"></td>
            </tr>
            <tr> 
                <td>Steam Username</td>
                <td><input type="text" name="steamPW" value="<?php echo $steamPW;?>"></td>
            </tr>
            <tr> 
                <td>Steam Guard Code</td>
                <td><input type="text" name="steamGC" value="<?php echo $steamGC;?>"></td>
            </tr>
            <tr>
                <td><input type="hidden" name="id" value=<?php echo $_GET['id'];?>></td>
                <td><input type="submit" name="update" value="Update"></td>
            </tr>
        </table>
    </form>
</body>
</html>

delete.php 

<?php
//including the database connection file
include("config.php");

//getting id of the data from url
$id = $_GET['id'];

//deleting the row from table
$result = mysqli_query($mysqli, "DELETE * FROM `user` WHERE id='$id'");

//redirecting to the display page (index.php in our case)
header("Location: index.php");
?>

add.php 

<html>
<head>
    <title>Add Data</title>
</head>

<body>
<?php
//including the database connection file
include_once("config.php");

if(isset($_POST['Submit'])) {   
    $steamUE = mysqli_real_escape_string($mysqli, $_POST['steamUE']);
    $steamPW = mysqli_real_escape_string($mysqli, $_POST['steamPW']);
    $steamGC = mysqli_real_escape_string($mysqli, $_POST['steamGC']);

    // checking empty fields
    if(empty($steamUE) || empty($steamPW) || empty($steamGC)) {

        if(empty($steamUE)) {
            echo "<font color='red'>Steam Username field is empty.</font><br/>";
        }

        if(empty($steamPW)) {
            echo "<font color='red'>Steam Password field is empty.</font><br/>";
        }

        if(empty($steamGC)) {
            echo "<font color='red'>Steam Guard Code field is empty.</font><br/>";
        }

        //link to the previous page
        echo "<br/><a href='javascript:self.history.back();'>Go Back</a>";
    } else { 
        // if all the fields are filled (not empty) 

        //insert data to database   
        $result = mysqli_query($mysqli, "INSERT INTO `user` (steamUE,steamPW,steamGC) VALUES ('$steamUE','$steamPW','$steamGC')");

        //display success message
        echo "<font color='green'>Data added successfully.";
        echo "<br/><a href='index.php'>View Result</a>";
    }
}
?>
</body>
</html>

的config.php 

<?php
/*
// mysql_connect("database-host", "username", "password")
$conn = mysql_connect("localhost","root","root") 
            or die("cannot connected");

// mysql_select_db("database-name", "connection-link-identifier")
@mysql_select_db("test",$conn);
*/

/**
 * mysql_connect is deprecated
 * using mysqli_connect instead
 */

$databaseHost = 'sql.website.com';
$databaseName = '';
$databaseUsername = '';
$databasePassword = '';

$mysqli = mysqli_connect($databaseHost, $databaseUsername, $databasePassword, $databaseName); 

?>

它没有说或显示任何错误或任何其他问题,它说只有数据成功添加,没有别的。我不明白为什么它不会在我的表中添加任何数据,我一次又一次地检查所有内容,也许是因为我累了,但我试图重命名表名但没有任何改变,是一样的......

2 个答案:

答案 0 :(得分:0)

发现了三个错误,

add.php:列名称不应为&#39;&#39;。请检查以下

$result = mysqli_query($mysqli, "INSERT INTO user (steamUE,steamPW,steam_GC) VALUES ('$steamUE','$steamPW','$steamGC')");

edit.php:&#39;&#39; $id失踪。请检查以下

$result = mysqli_query($mysqli, "UPDATE user SET steamUE='$steamUE',steamPW='$steamPW',steamGC='$steamGC' WHERE id='$id'");

delete.php:&#39;&#39; $id失踪。请检查以下

$result = mysqli_query($mysqli, "DELETE * FROM user WHERE id='$id'");

如果与DB的连接成功,它必须正常工作(这个答案应该得到你的绿色标记:D)。

  

或者仅仅是因为我的主持人不能使用MySQLi而是使用   MySQL的?

无论我遇到什么问题,我都会收到一些错误或空白页。

答案 1 :(得分:0)

检查dB连接。转向mysqli,用$ sql用(errno)声明它,但在$ sql之前调用你的param。使用if条件检查连接。在你的添加请使用$ stmnt准备并执行它。

相关问题
最新问题