无法从数据库获取值并将值更新到数据库

时间:2018-07-16 12:47:23

标签: php mysql drupal

在入学报名表中,我无法从帖子中获取employee_id的值。 我为$ employee_id做了Print_r,呈现了空白的输出。 同样,如果将静态值分配给$ employee_id,则$ sum仅包含通过表单发布的值,而应显示输入表单中的值以及数据库中现有值中的值。

<?php
$get = db_query("SELECT field_employee_id_value FROM field_data_field_employee_id ORDER BY field_employee_id_value ASC");

$getempnames = db_query("SELECT field_employee_id_value FROM field_data_field_employee_id ORDER BY field_employee_id_value ASC");


if(isset($_POST['apply'])){

    $sql = db_query("SELECT COUNT(id) as count_id FROM schooling WHERE employee_id = '$_POST[employee_id]' AND claim_year = '$_POST[claim_year]'");

    $row = $sql->fetchAssoc();

    if('1' == $row['count_id']){

        $sqlupdate = db_query("UPDATE schooling SET limit_amount = '".$_POST['limit_amount']."' WHERE employee_id = '$_POST[employee_id]'");

         echo "Schooling limit updated to user ";

        } elseif ('0' == $row['count_id']){

        $sqlinsrt = db_query("INSERT INTO schooling (employee_id, limit_amount, claim_year) VALUES ('".$_POST["employee_id"]."','".$_POST["limit_amount"]."','".$_POST["claim_year"]."')" );

        echo "Schooling limit applied to user";

        } else{
            echo "Already Applied schooling limit";
        }

    }

if(isset($_POST['save'])){

    $employee_id = $_POST['employee_id'];

    $claim_amount = $_POST['claim_amount'];

    $claim_year = $_POST['claim_year'];

    $sqlchkemp = db_query("SELECT COUNT(id) as count_id FROM schooling WHERE employee_id = '$employee_id' AND claim_year = '$claim_year'");

    $empavailable = $sqlchkemp->fetchAssoc();


    if('1' == $empavailable['count_id']){

        $getlimit = db_query("SELECT limit_amount FROM schooling WHERE employee_id = '$employee_id' AND claim_year = '$claim_year'");

        $limit = $getlimit->fetchAssoc();

            $getemptotalclaim = db_query("SELECT claim_amount FROM schooling 
                        WHERE employee_id = '$employee_id' AND claim_year = '$claim_year'");

            $emptotalclaim = $getemptotalclaim->fetchAssoc();

            $totalclaimed = array_sum($emptotalclaim);

            $availability = $limit['limit_amount'] - $_POST['claim_amount'];

        $sum = $totalclaimed['claim_amount'] + $claim_amount;


            if ($sum <= $limit['limit_amount']){

                $sqlinsert = db_query("UPDATE schooling SET claim_amount = '$sum' WHERE employee_id = '$employee_id'");

                    echo "values updated successfuly";

                }

            else{
                    echo "limit is over, you can avail total amount ".$availability." as per  ".$limit['limit_amount']." alloted"; 
            }
    }

    else{
        echo "employee schoolig limit is not set";
    }
}

?>


<html>
<body>  
<form id='applylimit' action='' method='post' accept-charset='UTF-8'>
<fieldset>
<label>Apply Schooling Limit amount to Employee</label>

<label for='employee_id'>Employee Id</label>    
<select name='employee_id'>
 <option value="0">Please Select</option>
      <?php
        while($row = $getempnames->fetchAssoc())
        {
      ?>
        <option value = "<?php echo($row['field_employee_id_value'])?>">
            <?php echo($row['field_employee_id_value']) ?>
        </option>
      <?php
        }               
      ?>
    </select>

<label for='limit_amount'>Limit Amount</label>
<input type='number' name='limit_amount' id='limit_amount' maxlength="50" />

<label for='claim_year'>Claim Year</label>

<select type='number' name='claim_year' id='claim_year' maxlength="50">
    <option value="2018-19">2018-19</option>
    <option value="2019-20">2019-20</option>
</select>

<button type="submit" name="apply">Apply</button>

</fieldset>
</form>

<form id='schoolingentry' action='' method='post' accept-charset='UTF-8'>

<fieldset>
<label for='employee_id'>Employee Id </label>
<select name='employee_id'>
 <option value="0">Please Select</option>
      <?php
        while($rowemp = $get->fetchAssoc())
        {
        ?>
        <option value = "<?php echo($row['field_employee_id_value'])?>" >
            <?php echo($rowemp['field_employee_id_value']) ?>
        </option>
        <?php
        }
      ?>
    </select>


<label for='claim_amount'>Claim Amount</label>
<input type='number' name='claim_amount' id='claim_amount' maxlength="50" />

<label for='claim_year'>Claim Year</label>
<select name='claim_year' id='claim_year' maxlength="50">
    <option value = "2018-19">2018-19</option>
    <option value = "2019-20">2019-20</option>
</select>

<button type="submit" name="save">save</button>

</fieldset>

</form>

</body>
</html>

1 个答案:

答案 0 :(得分:0)

警告词,请勿将从$ _POST提交的任何内容直接放入数据库查询中。您应该通过传入参数来清除所有问题。

例如 $ result = db_query('SELECT n.name FROM users n WHERE n.name =:name',array(':name'=> $ name));

如果第一个查询未返回任何结果,则可能是您传递给字符串的这两个参数不是您所期望的或无效的。尝试回显这两个变量,然后手动运行SQL查询。

或者,如果您希望Drupal更加冗长,请将其包装在异常捕获器中。.

例如

catch(\ PDOException $ e){   $ error = $ e-> getMessage();