您好,我希望登录后的用户能够更新其帐户信息。当我填写for并点击Submit按钮时,我会收到成功消息,但是当我检查数据库时,实际上并没有任何更新。
我首先从这段代码开始
<?php
if(!isset($_SESSION['name'])){
header("location: signin.php");
}
$name=$_SESSION['name'];
$submitted = '';
$sql = "SELECT `name`, `lastname`, `email`, `phone`, `address`, `apt`, `city`, `state`, `zip` FROM `Users` WHERE name = '$name'";
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_assoc($result);
$acc_name = $row['name'];
$acc_lastname = $row['lastname'];
$acc_email = $row['email'];
$acc_phone = $row['phone'];
$acc_address = $row['address'];
$acc_apt = $row['apt'];
$acc_city = $row['city'];
$acc_state = $row['state'];
$acc_zip = $row['zip'];
?>
<?php
//UPDATE FORM
if(isset($_POST['save'])){
$name=$_POST['name'];
$name = mysqli_real_escape_string($con,$name);
$lastname=$_POST['lastname'];
$lastname = mysqli_real_escape_string($con,$lastname);
$email=$_POST['email'];
$email = mysqli_real_escape_string($con,$email);
$phone=$_POST['phone'];
$phone = mysqli_real_escape_string($con,$phone);
$address=$_POST['address'];
$address = mysqli_real_escape_string($con,$address);
$apt=$_POST['apt'];
$apt = mysqli_real_escape_string($con,$apt);
$city=$_POST['city'];
$city = mysqli_real_escape_string($con,$city);
$state=$_POST['state'];
$state = mysqli_real_escape_string($con,$state);
$zip = $_POST['zip'];
$zip = mysqli_real_escape_string($con,$zip);
$password= $_POST['password'];
$hash = password_hash($password, PASSWORD_BCRYPT);
$updateQuery = "UPDATE Users SET name = '$name', lastname = '$lastname', email = '$email', phone = '$phone', address = '$address', apt = '$apt', city = '$city', state = '$state', zip = '$zip', password = '$hash' WHERE name = '$name'";
$updateResult = mysqli_query($con, $updateQuery);
if(!$updateResult){
die('there was an error running query [' . $con->error . ']');
}else{
$submitted = 'Your account has been updated.';
}
}
?>
<div class="container">
<div class="row">
<div class="col-sm-2">
</div>
<div class="col-sm-8 form">
<form id="updateForm" method="post" class="form-horizontal" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" role="form" data-toggle="validator">
<div class="controls">
<div class="text-center title">
<h1>Account Settings</h1>
<hr>
<div class="submitted">
<?php echo "<p> <font color=red size='5pt'>$submitted</font></p>"; ?>
</div>
</div>
<!--parents info -->
<div class="heading">
<h2 class="rowspace">Parent's Information</h2>
<!-- <hr>-->
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="form_name" class="question">First Name</label>
</div>
<div class="col-sm-6">
<input id="name" type="text" name="name" class="form-control" data-error="First name is required." placeholder = "<?php echo $acc_name?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
Last Name</div>
<div class="col-sm-6">
<input id="lastname" type="text" name="lastname" class="form-control" data-error="Last name is required." placeholder = "<?php echo $acc_lastname?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="email">Email Address</label></div>
<div class="col-sm-6">
<input id="email" type="email" name="email" class="form-control" data-error="Valid email is required." placeholder = "<?php echo $acc_email?>">
<span></span>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="form_phone">Phone Number</label>
</div>
<div class="col-sm-6">
<input id="phone" type="tel" name="phone" class="form-control" data-error="Phone number is required." placeholder = "<?php echo $acc_phone?>" >
<div class="help-block with-errors"></div>
</div>
</div>
<!--ADDRESS-->
<div class="heading container-fluid">
<h2 class="rowspace">Address</h2>
<!-- <hr>-->
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">Address</label></div>
<div class="col-sm-6">
<input id="address" type="text" name="address" class="form-control" data-error="Address is required." placeholder = "<?php echo $acc_address?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">APT Number</label></div>
<div class="col-sm-6">
<input id="apt" type="text" name="apt" class="form-control" placeholder="<?php echo $acc_apt?>">
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">City</label>
</div>
<div class="col-sm-6">
<input id="city" type="text" name="city" class="form-control" placeholder="<?php echo $acc_city?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">State</label>
</div>
<div class="col-sm-6">
<input id="state" type="text" name="state" class="form-control" placeholder="<?php echo $acc_state?>">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">Zip</label></div>
<div class="col-sm-6">
<input id="zip" type="text" name="zip" class="form-control" placeholder="<?php echo $acc_zip?>">
<div class="help-block with-errors"></div>
</div>
</div>
<!-- LOGING INFO -->
<div class="heading container-fluid">
<h2>Login Information</h2>
<!--<hr>-->
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">New Password</label></div>
<div class="col-sm-6">
<input id="password" type="text" name="password" class="form-control">
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row form-group">
<div class="col-sm-1"></div>
<div class="col-sm-3">
<label for="name">Confirm Password</label></div>
<div class="col-sm-6">
<input id="confirmPw" type="text" name="confirmPW" class="form-control" >
<div class="help-block with-errors"></div>
</div>
</div>
<div class="row">
<div class="col-sm-12 text-center rowspace">
<input name="save" id="save" tabindex="5" value="Save Changes" type="submit" style="width:200px;">
</div>
</div>
</div>
</form>
使用上面的代码,我不断得到$submitted = 'Your account has been updated.'
但是它尚未在我的数据库中更新,我检查了错误日志,没有任何错误显示。
然后我尝试分离代码并将php放入edit_acc.php
因此,我的表单标签操作将为:action="edit_acc.php
edit-acc.php:
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
session_start();
if(isset($_SESSION['name'])){
$name=$_SESSION['name'];
$submitted = '';
}
if(isset($_POST['save'])){
$name=$_POST['name'];
$name = mysqli_real_escape_string($con,$name);
$lastname=$_POST['lastname'];
$lastname = mysqli_real_escape_string($con,$lastname);
$email=$_POST['email'];
$email = mysqli_real_escape_string($con,$email);
$phone=$_POST['phone'];
$phone = mysqli_real_escape_string($con,$phone);
$address=$_POST['address'];
$address = mysqli_real_escape_string($con,$address);
$apt=$_POST['apt'];
$apt = mysqli_real_escape_string($con,$apt);
$city=$_POST['city'];
$city = mysqli_real_escape_string($con,$city);
$state=$_POST['state'];
$state = mysqli_real_escape_string($con,$state);
$zip = $_POST['zip'];
$zip = mysqli_real_escape_string($con,$zip);
$password= $_POST['password'];
$hash = password_hash($password, PASSWORD_BCRYPT);
$updateQuery = "UPDATE Users SET name = '$name', lastname = '$lastname', email = '$email', phone = '$phone', address = '$address', apt = '$apt', city = '$city', state = '$state', zip = '$zip', password = '$hash' WHERE name = '$name'";
$updateResult = mysqli_query($con, $updateQuery);
if(!$updateResult){
die('there was an error running query [' . $con->error . ']');
}else{
$submitted = 'Your account has been updated.';
}
}
?>
当我分离代码时,提交edit_acc.php后将显示空白页面。表仍然没有更新,并且错误日志中仍然没有任何内容。
有人可以帮忙吗?
编辑
我需要从以下位置更改查询:
$updateQuery = "UPDATE Users SET name = '$name', lastname = '$lastname', email = '$email', phone = '$phone', address = '$address', apt = '$apt', city = '$city', state = '$state', zip = '$zip', password = '$hash' WHERE name = '$name'";
收件人:
$updateQuery = "UPDATE Users SET name = '$name', lastname = '$lastname', email = '$email', phone = '$phone', address = '$address', apt = '$apt', city = '$city', state = '$state', zip = '$zip', password = '$hash' WHERE id = '23'";
感谢Asisito建议使用ID代替名称。
答案 0 :(得分:0)
我看不到代码中初始化mysqli数据库连接的任何部分,例如
$con = mysqli_connect("my_host","my_user","my_password","my_db");
我建议将这段代码放到edit-acc.php之后
if(isset($_SESSION['name'])){
$name=$_SESSION['name'];
$submitted = '';
}
因为然后您开始使用$ con。
编辑:我认为使用唯一ID比使用$ name更好,因为可以多次使用相同的名称。因此,您可以将用户ID存储在会话中,并在数据库需要的特定点上获取所需的所有数据。