PHP Form isn't Editing MySQL Table Data

I have a PHP form that displays a MySQL Table row's column data inside of the inputs. For example, each column is put into a separate input's value. I did this because I want the user to be able to edit the column data for a specific row. The user should be able to edit one of the input values, hit the submit button, and the column data for that row in the MySQL table will be changed. Currently, when I hit submit, I get the error Could not edit job position: . This happens even if I leave the input values the same.

Here is a picture of the full PHP page:

More information: In the photo you can see that there is an edit and delete link for each table row. The table rows represent the MySQL Table rows. When an edit link is clicked, my PHP form appears at the bottom, with inputs for the title, description, model, make, year, and price column. These inputs contain the values of each column for that table row.

Here is my full PHP page's code:

<!DOCTYPE html>
<head>
<title>GBM Trailer Service Ltd. ::: Used Units Management</title>
</head>
<body>
<?php
$dbLink = new mysqli('dacom', 'ksbm', 'Kiaer', 'kabm');
if(mysqli_connect_errno()) {
    die("MySQL connection failed: ". mysqli_connect_error());
}

//Up and Down Arrow Links: PHP Code

$conn = new mysqli('dsm', 'kam', 'Kfr', 'kcm');

// if an arrow link was clicked...
if ($_GET['dir'] && $_GET['id']) {
   // make GET vars easier to handle
   $dir = $_GET['dir'];
   // cast as int and couple with switch for sql injection prevention for $id
   $id = (int) $_GET['id'];
   // decide what row we're swapping based on $dir
   switch ($dir) {
      // if we're going up, swap is 1 less than id
      case 'up': 
         // make sure that there's a row above to swap
         $swap = ($id > 1)? $id-- : 1;
         break;
      // if we're going down, swap is 1 more than id
      case 'down':
         // find out what the highest row is
         $sql = "SELECT count(*) FROM used_trailers";
         $result = mysqli_query($conn, $sql) or die();
         $r = mysqli_fetch_row($result);
         $max = $r[0];
         // make sure that there's a row below to swap with
         $swap = ($id < $max)? $id++ : $max;
         break;
      // default value (sql injection prevention for $dir)
      default:
         $swap = $id;
   } // end switch $dir
   // swap the rows. Basic idea is to make $id=$swap and $swap=$id 
   $sql = "UPDATE used_trailers SET orderid = CASE orderid WHEN $id THEN $swap WHEN $swap THEN $id END WHERE orderid IN ($id, $swap)";
   $result = mysqli_query($conn, $sql) or die;
} // end if GET  

// set a result order with a default (sql injection prevention for $sortby)
$sortby = ($_GET['sortby'] == 'title')? $_GET['sortby'] : 'orderid';

// Delete link: PHP Code

// delete from table
if ($_GET['del'] == 'true') {
   // cast id as int for security
   $id = (int) $_GET['id'];
   // delete row from table
   $sql = "DELETE FROM used_trailers WHERE orderid = '$id'";
   $result = mysqli_query($conn, $sql) or die();
   // select the info, ordering by usort
   $sql = "SELECT orderid, title FROM used_trailers ORDER BY orderid";
   $result = mysqli_query($conn,$sql) or die();
   // initialize a counter for rewriting usort
   $job_pos_sortt = 1;
   // while there is info to be fetched...
   while ($r = mysqli_fetch_assoc($result)) {
      $job_poss = $r['orderid'];
      // update the usort number to the one in the next number
      $sql = "UPDATE used_trailers SET orderid = '$job_pos_sortt' WHERE title = '$job_poss'";
      $update = mysqli_query($conn, $sql) or die();
      // inc to next avail number
      $job_pos_sortt++;
   } // end while
} // end if del

// Connect to the database
$dbLink = new mysqli('da.com', 'am', 'aer', 'kabm');
if(mysqli_connect_errno()) {
    die("MySQL connection failed: ". mysqli_connect_error());
}

// Query for a list of all existing files
$sql = 'SELECT * FROM used_trailers ORDER BY orderid';
$result = $dbLink->query($sql);

// Check if it was successful
if($result) {
    // Make sure there are some files in there
    if($result->num_rows == 0) {
        echo '<p>There are no files in the database</p>';
    }
    else {
        // Print the top of a table
        echo '<table width="100%" border="1">
                <tr valign="middle" align="center">';
            echo "<td>Order</td>";
            echo "<td>Title</td>";
            echo   '<td valign="middle"><b>Description</b></td>
                    <td valign="middle"><b>Model</b></td>
                    <td valign="middle"><b>Make</b></td>
                    <td valign="middle"><b>Year</b></td>
                    <td valign="middle"><b>Price</b></td>
                    <td valign="middle"><b>Photo 1</b></td>
                    <td valign="middle"><b>Photo 2</b></td>
                    <td valign="middle"><b>Photo 3</b></td>
                    <td valign="middle"><b>Photo 4</b></td>
                    <td valign="middle"><b>Photo 5</b></td>
                    <td valign="middle"><b>PDF</b></td>
                    <td valign="middle"><b>Edit/Delete</b></td>
                </tr>';

        // Print each file
        while($row = $result->fetch_assoc()) {
            echo "
                <tr valign='middle' align='center'>
                   <td align = 'center' valign = 'center'><a style='color:black;' href='{$_SERVER['PHP_SELF']}?dir=up&id={$row['orderid']}'>/\</a>
                    <a style='color:black;' href='{$_SERVER['PHP_SELF']}?dir=down&id={$row['orderid']}'>\/</a></td>
                    <td valign='middle'>{$row['title']}</td>
                    <td valign='middle'>{$row['description']}</td>
                    <td valign='middle'>{$row['model']}</td>
                    <td valign='middle'>{$row['make']}</td>
                    <td valign='middle'>{$row['year']}</td>
                    <td valign='middle'>{$row['price']}</td>
                    <td valign='center'><img width=100 height=100 src=images/{$row['photo']}></td>
                    <td valign='center'><img width=100 height=100 src=images/{$row['photo1']}></td>
                    <td valign='center'><img width=100 height=100 src=images/{$row['photo2']}></td>
                    <td valign='center'><img width=100 height=100 src=images/{$row['photo3']}></td>
                    <td valign='center'><img width=100 height=100 src=images/{$row['photo4']}></td>
                    <td valign='center'><a target='_blank' href='downloadfile.php?id={$row['id']}'>{$row['name']}</a></td>
                    <td align = 'center' valign = 'center'><b><a href='pdfget.php?orderid={$row['orderid']}' style='color:black;'>Edit</a> <a href='{$_SERVER['PHP_SELF']}?del=true&id={$row['orderid']}' style='color:black;' onclick='return show_confirm();'>Delete</a></b></td>
                </tr>";
        }

        // Close table
        echo '</table>';
    }

    // Free the result
    $result->free();
}
else
{
    echo 'Error! SQL query failed:';
    echo "<pre>{$dbLink->error}</pre>";
}

// Close the mysql connection
$dbLink->close();
?>

<?php
if (isset($_GET["orderid"])) {
    $sn = (int)($_GET["orderid"]);
if(isset($_POST['update']))
{
$job_pos_sort = $_POST['orderid'];
$job_pos = $_POST['title'];
$job_pose = $_POST['description'];
$job_pose1 = $_POST['make'];
$job_pose2 = $_POST['model'];
$job_pose3 = $_POST['year'];
$job_pose4 = $_POST['price'];

$dbhost = 'daom';
$dbuser = 'keabm';
$dbpass = 'Kaer';
$dbname = 'keagbm';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
if(! $conn )
{
  die('Could not connect: ' . mysqli_error());
}

$sql = "UPDATE used_trailers SET title='$job_pos', description='$job_pose', make='$job_pose1', model='$job_pose2', year='$job_pose3', price='$job_pose4' WHERE orderid=$job_pos_sort";

$retval = mysqli_query($conn, $sql);
if(! $retval )
{
  die(mysqli_error($conn) . "update failed");
}
echo "Edited job position successfully. <br />\n";
echo "Click <a style='color:black;' href='managecareers.php'>here</a> to refresh the page";

}
else
{
$job_posname = "SELECT title FROM used_trailers WHERE orderid = $sn";
$query=mysqli_query($conn, $job_posname);
$array=mysqli_fetch_assoc($query);
$job_posname=stripslashes($array['title']);

$job_posname1 = "SELECT description FROM used_trailers WHERE orderid = $sn";
$query=mysqli_query($conn, $job_posname1);
$array=mysqli_fetch_assoc($query);
$job_posname1=stripslashes($array['description']);

$job_posname2 = "SELECT make FROM used_trailers WHERE orderid = $sn";
$query=mysqli_query($conn, $job_posname2);
$array=mysqli_fetch_assoc($query);
$job_posname2=stripslashes($array['make']);

$job_posname3 = "SELECT model FROM used_trailers WHERE orderid = $sn";
$query=mysqli_query($conn, $job_posname3);
$array=mysqli_fetch_assoc($query);
$job_posname3=stripslashes($array['model']);

$job_posname4 = "SELECT year FROM used_trailers WHERE orderid = $sn";
$query=mysqli_query($conn, $job_posname4);
$array=mysqli_fetch_assoc($query);
$job_posname4=stripslashes($array['year']);

$job_posname5 = "SELECT price FROM used_trailers WHERE orderid = $sn";
$query=mysqli_query($conn, $job_posname5);
$array=mysqli_fetch_assoc($query);
$job_posname5=stripslashes($array['price']);
?>

<div align="center">
<p style="position:relative; left:-11px;">Edit Job Position</p>
<form method="post" action="">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td><input name="job_pos_sort" type="hidden" id="job_pos_sort" value="<?php echo $sn;?>"></td>
</tr>
<tr>
<td width="100" style="color:white;">Job Position:</td>
<td><input name="job_pos" type="text" id="job_pos" value="<?php echo $job_posname;?>"><span id="measure"></span></td>
<td><input name="description" type="text" id="description" value="<?php echo $job_posname1;?>"></td>
<td><input name="make" type="text" id="make" value="<?php echo $job_posname2;?>"></td>
<td><input name="model" type="text" id="model" value="<?php echo $job_posname3;?>"></td>
<td><input name="year" type="text" id="year" value="<?php echo $job_posname4;?>"></td>
<td><input name="price" type="text" id="price" value="<?php echo $job_posname5;?>"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Edit">
</td>
</tr>
</table>
</form>
</div>
<?php
}
}
else {
}
?>
</body>
</html>

All help is greatly appreciated. Thank you for any help.

You need to put the data in quotes in your query:

$sql = "UPDATE used_trailers SET title='$job_pos', description='$job_pose', make='$job_pose1', model='$job_pose2', year='$job_pose3', price='$job_pose4' WHERE orderid=$job_pos_sort";

Also, you should escape any database parameters from your input or they will break your query - mysqli_real_escape_string() for MySQL or pg_escape_string() for Postgres:

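// The procedural mysqli_real_escape_string() takes the open mysqli link as its
// first argument, so $conn must already be connected before these lines run.
$job_pos_sort = mysqli_real_escape_string($conn, $_POST['orderid']);
$job_pos = mysqli_real_escape_string($conn, $_POST['title']);
$job_pose = mysqli_real_escape_string($conn, $_POST['description']);
$job_pose1 = mysqli_real_escape_string($conn, $_POST['make']);
$job_pose2 = mysqli_real_escape_string($conn, $_POST['model']);
$job_pose3 = mysqli_real_escape_string($conn, $_POST['year']);
$job_pose4 = mysqli_real_escape_string($conn, $_POST['price']);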
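
The same UPDATE written with a mysqli prepared statement instead of per-value escaping, as an added example that is not part of the original answer. It assumes the field names the question's form actually posts (job_pos_sort for the hidden id, job_pos for the title); the connection parameters are placeholders, and every column except orderid is bound as a string.

```php
<?php
// Added example (not from the original post): UPDATE via a prepared statement.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw
// Returns the number of rows changed. Field names are the ones the question's
// <form> posts: hidden id "job_pos_sort", title input "job_pos".
function update_trailer(mysqli $conn, array $post): int
{
    $orderid = filter_var($post['job_pos_sort'] ?? '', FILTER_VALIDATE_INT,
                          ['options' => ['min_range' => 1]]);
    if ($orderid === false) {
        throw new InvalidArgumentException('orderid must be a positive integer');
    }
    $params = [];
    foreach (['job_pos', 'description', 'make', 'model', 'year', 'price'] as $name) {
        if (!isset($post[$name]) || !is_string($post[$name])) {
            throw new InvalidArgumentException("missing or non-string field: $name");
        }
        $params[] = trim($post[$name]);
    }
    $params[] = $orderid;
    // Values travel separately from the SQL text, so a quote in a title cannot alter it.
    $stmt = $conn->prepare(
        'UPDATE used_trailers
            SET title = ?, description = ?, make = ?, model = ?, year = ?, price = ?
          WHERE orderid = ?'
    );
    // Assumption: text columns are bound as strings; only orderid is an integer.
    $stmt->bind_param('ssssssi', ...$params);
    $stmt->execute();
    $changed = $stmt->affected_rows; // 0 when the submitted values equal the stored ones
    $stmt->close();
    return $changed;
}
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['update'])) {
    try {
        $conn = new mysqli('db.example.invalid', 'app_user', 'app_password', 'app_db'); // placeholders
        $conn->set_charset('utf8mb4');
        $changed = update_trailer($conn, $_POST);
        echo $changed > 0 ? 'Row updated.' : 'No changes were made.';
    } catch (InvalidArgumentException $e) {
        http_response_code(400);
        echo 'Invalid form data.';
    } catch (mysqli_sql_exception $e) {
        error_log('used_trailers update failed: ' . $e->getMessage());
        http_response_code(500);
        echo 'Update failed.';
    }
}
```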
