[英]PHP and SQL: using login session variable not updating the database correctly
I am creating a page where a user can calculate their BMI and then save this to their profile. 我正在创建一个页面,用户可以在其中计算其BMI,然后将其保存到其个人资料中。 First I validate the BMI.
首先,我验证BMI。 However, when I perform this calculation now, it is inserting '0.99' into the database instead of the correct BMI value.
但是,当我现在执行此计算时,它将在数据库中插入“ 0.99”而不是正确的BMI值。 I have been debugging and think it has something to do with the connection to the database (have tried moving this around to other areas of the script but it isn't making a difference).
我一直在调试,并认为它与数据库的连接有关(尝试将其移至脚本的其他区域,但这没有什么影响)。
The code is below: 代码如下:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<link rel="stylesheet" href="css.css" type="text/css" />
<body>
<?php
error_reporting(E_ALL &~ E_NOTICE);
// Start the session
session_start();
// Make sure the browser is transmitting in UTF-8
header('Content-type: text/html; charset=utf-8');
// Clear the error message
$error_msg = "";
if (isset($_SESSION['user_id']))
echo $_SESSION['user_id'];
$dbc = mysqli_connect('localhost', 'root', 'root', 'help_me_be_healthy') or die("Error " . mysqli_error($dbc));
mysqli_set_charset($dbc, "utf8");
if(isset($_POST['submit']))
{
$bmi=0;
$kg=$_POST['kg'];
$mt=$_POST['mt'];
if(empty($kg) || empty($mt))
{
echo "<label class='err'><center>All fields are required</center></label>";
include("index.php");
}
else if(!is_numeric($kg) && !is_numeric($mt) )
{
echo "<label class='err'>Please enter valid data.</label>";
include("index.php");
}
else
{
$bmi = $kg/($mt*$mt);
$bmi=round($bmi,2);
if ( $bmi <= 18.5 )
{
echo "Your BMI is " .$bmi." which means you are underweight";
}
else if ( $bmi>18.5 && $bmi <= 24.9) {
echo "Your BMI is ".$bmi." which means you are normal";
}
else if ( $bmi>29.9 && $bmi> 24.9 ) {
echo "Your BMI is ".$bmi." which means you are overweight";
}
else if ( $bmi >29.9 && $bmi<=39.9 ) {
echo "Your BMI is ".$bmi." which means you are obese";
}
else
{
echo "You are morbidly obese.";
}
include("index.php");
//$query = "UPDATE `users` SET `user_bmi`= '$bmi'
//WHERE `user_id` = ($_SESSION = ['user_id'])";
//echo $_SESSION['user_id'];
//if (!isset($_GET['user_id'])) {
//$query = "SELECT * FROM 'users'";
$query = "UPDATE `users` SET `user_bmi`= '$bmi' WHERE `user_id` = '" . $_SESSION['user_id'] . "'";
//}
//else {
// $query = "UPDATE `users` SET `user_bmi`= '$bmi' WHERE `user_id` = '" . $_GET['user_id'] . "'";
//}
$data = mysqli_query($dbc, $query);
$row = mysqli_fetch_assoc($data);
print "\n----\nLookup:\n";
print "Num rows: " . mysqli_num_rows($data);
print "\n";
print_r($row);
print '</pre>';
return;
}
}
?>
</body>
</html>
Any help would be much appreciated:) 任何帮助将非常感激:)
Sarah 莎拉
Assuming BMI is being calculated correctly/displayed, and the user_bmi
column is a float/double/numeric/decimal, the UPDATE
doesn't need quotes around the value so the SQL should be: 假设正确/显示了BMI,并且
user_bmi
float / double / numeric / decimal,则UPDATE
不需要在该值user_bmi
引号,因此SQL应该是:
$query = "UPDATE `users` SET `user_bmi`=$bmi WHERE `user_id`=".
$_SESSION['user_id'];
( user_id
my also not need to be escaped, depending if it's a number or a string) (
user_id
我也不需要转义,取决于它是数字还是字符串)
Also, you cannot get a query result (fetch_assoc) from an UPDATE SQL command... if you'd like to know the number of effected rows use mysqli_affected_rows : 另外,您无法从UPDATE SQL命令获得查询结果(fetch_assoc)...如果您想知道受影响的行数,请使用mysqli_affected_rows :
print "Num rows: ".mysqli_affected_rows($dbc);
What makes you think the BMI is going in incorrectly, are you sure the user_id
is correct, how are you looking into the database to determine what's stored? 是什么让您认为BMI输入有误,您确定
user_id
是正确的,如何查看数据库以确定存储的内容?
Updated Code Printout code: 更新了代码打印输出代码:
if (!mysqli_query($dbc,$query)) {
echo "Failed to store";
}
echo "<pre>\n----\nLookup:\nQuery:$query\n".
"Num rows:".mysqli_affected_rows($dbc)."\n</pre>\n";
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.