[英]Issue in updating the database, using php/mysql
I have this problem while updating my database, so, it all works, i mean i have the form, it prints the values, but when i try to update it, everything gets updated apart from the username and password.. 我在更新数据库时遇到了这个问题,所以,所有的工作都有效,我的意思是我拥有表格,它可以打印值,但是当我尝试更新它时,除了用户名和密码之外,所有内容都会更新。
Here is the code i use.. 这是我使用的代码。
Thanks! 谢谢!
if ($Act=='Save') {
mysql_query("BEGIN");
$sql = "Insert into tbl_galleries (gal_title,gal_image,username,password) Values (";
$sql.= "'". strip_tags(mysql_real_escape_string(trim($gal_title))). "','". strip_tags(mysql_real_escape_string(trim($gal_image))) ."','". strip_tags(mysql_real_escape_string(trim($username))). "',,'". strip_tags(mysql_real_escape_string(trim($password))). "',);";
$query = mysql_query($sql);
if(!$query){
mysql_query("ROLLBACK");
$myErrorsUpGr = mysql_error();
echo $myErrorsUpGr;
} else {
mysql_query("COMMIT");
echo 'Insertion was successfull.';
}
} else if ($Act=='Update'){
mysql_query("BEGIN");
$sql = " Update tbl_galleries set ";
$sql.= " gal_title='" . strip_tags(mysql_real_escape_string(trim($gal_title))) . "',";
$sql.= " gal_image='" . strip_tags(mysql_real_escape_string(trim($gal_image))) . "'";
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
<?php
include_once("db/envato_db.php");
if ($_SERVER['QUERY_STRING']!='')
{
$sql = "";
$sql = "SELECT gal_id,gal_title,gal_image,username,password FROM tbl_galleries where gal_id='" . $_REQUEST['gid'] ."';";
$query = mysql_query($sql) or $myErrorsP = mysql_error();
if(isset($myErrors) && $myErrorsP!='')
{
}
else
{
$row = mysql_fetch_row($query);
mysql_free_result($query);
$gal_id = $row[0];
$gal_title = $row[1];
$gal_image = $row[2];
$username = $row[3];
$password = $row[4];
}
}
?>
<tr>
<td width="104">Gallery Title:</td>
<td width="556"><input type="text" id="gtitle" name="gtitle" class="typeText" maxlength="50" value="<?php echo isset($gal_title)? $gal_title : ""?>" tabindex="1" /></td>
</tr>
<tr>
<td>Gallery Image:</td>
<td>
<input type="text" id="gimg" name="gimg" class="typeText" maxlength="100" value="<?php echo isset($gal_image)? $gal_image : ""?>" readonly/>
<input type="file" name="gimg_upl" id="gimg_upl"/>
<a href="javascript:;" onClick="ajaxFileUpload('gimg_upl','img_files');" title="Click to Upload Image" name="Click to Upload Image">Upload</a>
</td>
</tr>
<tr>
<td width="104">Username:</td>
<td width="556"><input type="text" id="gusername" name="gusername" class="typeText" maxlength="50" value="<?php echo isset($username)? $username : ""?>" tabindex="1" /></td>
</tr>
<tr>
<td width="104">Password:</td>
<td width="556"><input type="text" id="gpassword" name="gpassword" class="typeText" maxlength="50" value="<?php echo isset($password)? $password : ""?>" tabindex="1" /></td>
</tr>
</table>
<table id="savetbl" style="width:680px;" cellpadding="3">
<tr>
<td align="center" colspan="2">
<?php
if(isset($gal_id) && $gal_id!='')
{
if(!isset($myErrorsP))
{
?>
<input type="button" value="» Update «" class="but" name="button" alt="Update" title="Update" onClick="Do_Update('Update', '<?php echo $gal_id?>');" tabindex="3">
<?php
}
}
else
{
if(!isset($myErrorsP))
{
?>
<input type="button" value="» Save «" class="but" name="button" alt="Save" title="Save" onClick="Do_Update('Save','0');" tabindex="3">
<?php
}
}
?>
</td>
</tr>
On your code you have this : 在您的代码上,您有:
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
Try to set the where clause after the update of username & password : 尝试在更新用户名和密码后设置where子句:
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "'";
$sql.= " where gal_id=" . $gal_id . ";";
Try this 尝试这个
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= "AND username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= "AND password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
Lines 22, 23, and 24 of your sample code 示例代码的第22、23和24行
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.