PHP更新混乱

时间:2019-01-14 05:40:52

标签: php mysql

我正在使用以下代码更新MySQL行。谁能告诉我如何才能错误地检查更新查询并仅在更新查询成功且没有任何错误的情况下才打印成功?如果更新查询不成功,则打印失败! 

<?php
//start the session
session_start();
// include db configuration
include('include/db_connect.php');
// user's information
$member_id = $_SESSION['id'];
$member_name = $_SESSION['name'];

$contact_id = $_GET['id'];
// $get_contact = "SELECT * FROM `contacts` where contacts_id = '$contact_id'";
$get_contact = mysqli_query($conn, "SELECT * FROM `contacts` where contacts_id = '$contact_id'");

$row = mysqli_fetch_array($get_contact);

if(isset($_POST['submit'])){
    $contact_id = $_POST['contact_id'];
    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $cphone = $_POST['cphone'];
    $city = $_POST['city'];
    $update = "UPDATE `contacts` SET `first_name`='$fname',`last_name`='$lname',`cellphone_number`='$cphone',`city`='$city' WHERE contacts_id = ". $contact_id;
    if (mysqli_query($conn, $update)) {
        echo "
            <script>
                var msg = confirm('Contact Updated');
                if(msg == true || msg == false){
                    location.href='update_contact.php?id=$contact_id';
                }
            </script>
        ";
    } else {
        echo "Error: " . $update . "<br>" . mysqli_error($conn);
    }
}
?>

我的问题是这个:我正在尽力查找错误的根源,而我找不到错误的根源。这是我的选修项目。

2 个答案:

答案 0 :(得分:0)

首先,请学习如何使用基于过程的查询以确保免受SQL注入的伤害(我不是在这里提供有关过程和SQL注入的教程,只是警告不要恶意代码),现在是您的代码解决方案。您在查询中将变量与字符串连接的方式出现问题。我已经为您修复了那部分。

如果您仍然遇到任何错误,请分享您遇到的错误以及错误消息是什么。

<?php
//start the session
session_start();
// include db configuration
include('include/db_connect.php');
// user's information
$member_id = $_SESSION['id'];
$member_name = $_SESSION['name'];

$contact_id = $_GET['id'];

$get_contact = mysqli_query($conn, "SELECT * FROM `contacts` where contacts_id = '".$contact_id."'");

$row = mysqli_fetch_array($get_contact);

if(isset($_POST['submit'])){
    $contact_id = $_POST['contact_id'];
    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $cphone = $_POST['cphone'];
    $city = $_POST['city'];
    $update = "UPDATE `contacts` SET `first_name`='".$fname."',`last_name`='".$lname."',`cellphone_number`='".$cphone."',`city`='".$city."' WHERE contacts_id = '".$contact_id."'";
    if (mysqli_query($conn, $update)) {
        echo "
            <script>
                var msg = confirm('Contact Updated');
                if(msg == true || msg == false){
                    location.href='update_contact.php?id=$contact_id';
                }
            </script>
        ";
    } else {
        echo "Error: " . $update . "<br>" . mysqli_error($conn);
    }
}
?>

答案 1 :(得分:-1)

use this function: 

function alertBox($alert_msg, $redirect_link)
{
    $alert = '<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head>';
    $alert .= '<script type="text/javascript">alert("'.$alert_msg.'");';
    if(!empty($redirect_link)):
    $alert .='window.location="'.$redirect_link.'";';
    endif; 
    $alert .='</script>;';
    return $alert;
}

// and for calling..

if((mysqli_query($con,$sql))
{
 echo alertBox("sucessfull","example.php");
}
相关问题
最新问题