[英]Unable to Update and Insert Data into Database Using PHP
I'm new to PHP. 我是PHP新手。 I want to update the status of my checked checkbox to 0. I want to insert the userid and the boxid which is the checkbox into another table. 我想将选中的复选框的状态更新为0。我想将userid和boxid(即复选框)插入另一个表。 However, my code is unable to update and insert. 但是,我的代码无法更新和插入。
This is my code: 这是我的代码:
if(isset($_POST['Next']))
{
foreach($_POST['boxs'] as $f => $value){
$sql = "UPDATE box SET status = '0' WHERE boxid = '$f'";
mysqli_query($con,$sql) or die(mysqli_error($con));
$result = "INSERT INTO booked(username, boxid) VALUES('$_POST[username]', '$f')";
mysqli_query($con,$result) or die(mysqli_error($con));
}
}
This is my checkbox: 这是我的复选框:
<?php
$query = "SELECT * FROM box WHERE status = 1";
$result = @mysqli_query($con, $query);
$num_rows = @mysqli_num_rows($result);
$disable = '';
if (!$num_rows){
$disable = 'disabled="disabled"';
}
?>
<form method = "post" action = "">
<input type='checkbox' name="boxs[]" id="1.1" value ="1.1" <?php echo $disable ?>/>
<label for="1.1" class="background1"></label> <br/>
<input type='checkbox' name="boxs[]" id="1.2" value ="1.2"<?php echo $disable ?>/>
<label for="1.2" class="background2"></label>
<br/>
<input type='checkbox' name="boxs[]" id="1.3" value ="1.3"<?php echo $disable ?>/>
<label for="1.3" class="background2"></label>
<input type="submit" name="Next" id="Next" value="next" />
</form>
So, any idea what's wrong with my code? 因此,您知道我的代码有什么问题吗?
Change like this, you have used wrong quotes, plus missing $conn
param for mysqli_query
function 像这样更改,您使用了错误的引号,加上缺少用于mysqli_query
函数的$conn
参数
if(isset($_POST['Next']))
{
foreach($_POST['boxs'] as $f => $value){
$sql = "UPDATE box SET status = '0' WHERE boxid = '$f'";
mysqli_query($con,$sql) or die(mysqli_error($con));
$result = "INSERT INTO booked(username, boxid) VALUES('$_POST[username]', '$f')";
mysqli_query($con,$result) or die(mysqli_error($con));
}
}
If you call mysqli_query procedurally, you need you need to connect to the DB first: 如果您以程序方式调用mysqli_query ,则需要首先连接到数据库:
$link = mysqli_connect("127.0.0.1", "my_user", "my_password", "my_db");
if (!$link) {
echo "Error: Unable to connect to MySQL." . PHP_EOL;
echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
exit;
}
Then pass the connection when you're doing the query: 然后在执行查询时传递连接:
mysqli_query($link,$sql) or die(mysqli_error($con));
And in the end, close the connection: 最后,关闭连接:
mysqli_close($link);
Instead of using direct substitution values, you could use below methods to avoid sql injection. 除了使用直接替换值外,还可以使用以下方法来避免sql注入。
This will help to solve your problem. 这将有助于解决您的问题。
Using MySQLi (for MySQL): 使用MySQLi(对于MySQL):
$stmt = $dbConnection->prepare('SELECT * FROM employees WHERE name = ?');
$stmt->bind_param('s', $name);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
// do something with $row
}
Please refer How can I prevent SQL-injection in PHP ? 请参阅如何防止PHP中的SQL注入 ?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.