[英]Updating records in database
guys, i have these codes for updating the records in the database. 伙计们,我有这些代码来更新数据库中的记录。
please.. check if these is correct? 请..检查这些是否正确?
<?php
session_start();
include "db.php";
$username = $_SESSION['username'];
$query="SELECT * FROM members where username='".mysql_real_escape_string($username)."'";
$result=mysql_query($query);
$num=mysql_numrows($result);
mysql_close();
$userid =mysql_result($result,$i, 'userid');
$firstname =mysql_result($result,$i,'firstname');
$lastname =mysql_result($result,$i,'lastname');
$username =mysql_result($result,$i,'username');
$email =mysql_result($result,$i,'email');
$age =mysql_result($result,$i,'age');
?>
<form action="update.php" method="post">
<input type="hidden" name="u_userid" value="<? echo "$userid" ?>">
<table>
<tr><td>ID:</td> <td><? echo "$userid"?></td></tr>
<tr><td>First Name:</td> <td> <input type="text" name="u_firstname" value="<? echo "$firstname"?>"></td></tr>
<tr><td>Last Name: </td> <td><input type="text" name="u_lastname" value="<? echo "$lastname"?>"></td></tr>
<tr><td>Username:</td> <td> <input type="text" name="u_username" value="<? echo "$username"?>"></td></tr>
<tr><td>Email:</td> <td> <input type="text" name="u_email" value="<? echo "$email"?>"></td></tr>
<tr><td>Age: </td> <td><input type="text" name="u_age" value="<? echo "$age"?>"></td></tr>
<tr><td></td><td><input type="Submit" value="Update Info">
</td></tr>
</form>
<tr><td></td><td><form action="form2.html" method="post">
<input type="submit" value="Cancel"></form></td></tr>
</table
and in update.php 并在update.php中
<?php
session_start();
include "db.php";
$userid =mysql_result($result, 'userid');
$firstname =mysql_result($result, 'firstname');
$lastname =mysql_result($result, 'lastname');
$username =mysql_result($result, 'username');
$email =mysql_result($result, 'email');
$age =mysql_result($result, 'age');
include "db.php";
$query="UPDATE members SET firstname='$u_firstname' , lastname='$u_lastname', username='$u_username' , email='$u_email', age='$u_age' ";
$result=mysql_query($query);
mysql_close();
echo "Record Updated
<br><br>
<form action=\"form2.html\" >
<input type=\"submit\" value=\"ok!\" />
</form>
";
?>
actually it shows a lot of errors/warning like this 实际上它显示了很多错误/警告,像这样
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\\web\\htdocs\\salome\\this\\update.php on line 7 警告:mysql_result():在第7行的C:\\ web \\ htdocs \\ salome \\ this \\ update.php中,提供的参数不是有效的MySQL结果资源
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\\web\\htdocs\\salome\\this\\update.php on line 8 警告:mysql_result():在第8行的C:\\ web \\ htdocs \\ salome \\ this \\ update.php中,提供的参数不是有效的MySQL结果资源
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\\web\\htdocs\\salome\\this\\update.php on line 9 警告:mysql_result():提供的参数在第9行的C:\\ web \\ htdocs \\ salome \\ this \\ update.php中不是有效的MySQL结果资源
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\\web\\htdocs\\salome\\this\\update.php on line 10 警告:mysql_result():提供的参数在第10行的C:\\ web \\ htdocs \\ salome \\ this \\ update.php中不是有效的MySQL结果资源
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\\web\\htdocs\\salome\\this\\update.php on line 11 警告:mysql_result():在第11行的C:\\ web \\ htdocs \\ salome \\ this \\ update.php中,提供的参数不是有效的MySQL结果资源
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\\web\\htdocs\\salome\\this\\update.php on line 12 警告:mysql_result():在第12行的C:\\ web \\ htdocs \\ salome \\ this \\ update.php中,提供的参数不是有效的MySQL结果资源
WHAT WILL I DO.. 我该怎么办..
please help me... :-( 请帮我... :-(
You are trying to get a result from the database (but even without executing a query) while you have to use edited data from the form via $_POST array 您试图从数据库中获取结果(即使不执行查询),而必须通过$ _POST数组使用表单中的已编辑数据
<?php
session_start();
include "db.php";
$user_id = mysql_real_escape_string($_SESSION['userid']);
$firstname = mysql_real_escape_string($_POST['u_firstname']);
$lastname = mysql_real_escape_string($_POST['u_lastname']);
$lastname = mysql_real_escape_string($_POST['u_lastname']);
$username = mysql_real_escape_string($_POST['u_username']);
$email = mysql_real_escape_string($_POST['u_email']);
$age = mysql_real_escape_string($_POST['u_age']);
//etc
$query = "UPDATE members SET firstname='$firstname', lastname='$lastname',
username='$username' , email='$email', age='$age'
WHERE userid = '$user_id'";
$result = mysql_query($query) or trigger_error(mysql_error().$query);
Note that user identification should come from a SESSION, not FORM 请注意,用户标识应来自SESSION,而不是FORM
And you should never edit user id. 而且您永远不要编辑用户ID。
In Update query use like this, 在更新查询中使用这种方式,
$query="UPDATE members SET firstname='$u_firstname' , lastname='$u_lastname', username='$u_username' , email='$u_email', age='$u_age' where userid = '$u_userid' ";
use mysql_close();
使用mysql_close();
at the end of page (ie after the fetching result). 在页面末尾(即在获取结果之后)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.