[英]update table in mysql when user loses focus of a textarea?
I want users of my site to be able to update their profile information by clicking into a textarea. 我希望我站点的用户能够通过单击文本区域来更新其个人资料信息。 When they type in some text and click out of the text area (on blur), I want this to update a table in my database called 'bio'.
当他们输入一些文本并单击超出文本区域(模糊时)时,我希望它更新数据库中名为“ bio”的表。
I have been working on this for several days, I'm ashamed to admit but I am really new to php and sql so I am learning as I go along. 我已经为此工作了好几天,我感到很to愧,但是我对php和sql真的很陌生,所以我在学习的同时也正在学习。 I have tried to make sense of a script but it's probably completely wrong.
我试图弄清脚本的含义,但这可能是完全错误的。 Can someone please advise me of what I need to do?
有人可以告诉我我需要做什么吗?
Here's my code: 这是我的代码:
<textarea id="bio" style="width: 456px;
margin-top:3px;
text-align:left;
margin-left:-2px;
height: 120px;
resize: none;
border: hidden;" textarea name="bio" data-id="bio">
<?php echo $profile['bio'] ?>
</textarea>
<script type="text/javascript">
$('textarea').on('blur',function () {
var bioVal = $(this).val(),
id = $(this).data('id');
$.ajax({
type: "POST",
url: "includes/changebio.php",
data: {bio:bioVal , id:id},
success: function(msg) {
$('#bio-' + id).val(msg);
}
})
});
</script>
Here's the url php file that should do the work: 这是应该工作的url php文件:
function update_profilebio() {
global $connection;
global $profile_id;
$query = "UPDATE ptb_profiles
SET bio=''
WHERE ptb_profiles.user_id = \"$profile_id\"
AND ptb_profiles.user_id = ptb_users.id";
$update_profilebio_set = mysql_query($query, $connection);
confirm_query($update_profilebio_set);
return $update_profilebio_set;
}
I checked HTML+JavaScript code and AJAX POST request is sending data correctly to the PHP script (You may check this in Chrome Developer Tools or with Firebug add-on). 我检查了HTML + JavaScript代码,并且AJAX POST请求已将数据正确发送到PHP脚本(您可以在Chrome开发者工具中或使用Firebug附加组件进行检查)。
This changebio.php script has only definition of this update_profilebio() function ? 这个changebio.php脚本只有此update_profilebio()函数的定义吗? Definition alone won't execute this function, you need to call it.
仅定义不会执行此功能,您需要调用它。
<?php
update_profilebio(); // tells php to call the function, defined below
function update_profilebio() {
global $connection;
global $profile_id;
$query = "UPDATE ptb_profiles
SET bio=''
WHERE ptb_profiles.user_id = \"$profile_id\"
AND ptb_profiles.user_id = ptb_users.id";
$update_profilebio_set = mysql_query($query, $connection);
confirm_query($update_profilebio_set);
return $update_profilebio_set;
}
?>
Also, SQL query has two conditions and I don't understand this part "...AND ptb_profiles.user_id = ptb_users.id ". 另外,SQL查询有两个条件,我不理解这部分“ ... AND ptb_profiles.user_id = ptb_users.id”。 You update only one column in one table, the only thing you need is user id which you provide in first where condition.
您只更新一个表中的一列,唯一需要的是您在第一个where条件中提供的用户ID。
Your HTML + jQuery code looks ok, just cheng php output <?php echo $profile['bio'] ?>
by adding htmlspecialchars
, that will help you avoid some trouble 您的HTML + jQuery代码看起来不错,只需通过添加
htmlspecialchars
使php输出<?php echo $profile['bio'] ?>
,这将帮助您避免麻烦
<?php echo htmlspecialchars($profile['bio']); ?>
The thing that fails in your code is SQL query; 代码失败的原因是SQL查询。 you are setting bio to empty text.
您正在将bio设置为空文本。 Also you have condition on matching
user_id
with other table id, but you have not joined this table in your query. 另外,您还具有将
user_id
与其他表ID匹配的条件,但是您尚未在查询中加入该表。 Just requiring user_id
to be equal to given integer is enough. 仅要求
user_id
等于给定的整数就足够了。 Also remember to escape user input properly, to prevent them from injecting malicious code into your database. 还要记住,要正确避免用户输入,以防止他们将恶意代码注入数据库。
SQL should look like this: SQL应该看起来像这样:
$bio = mysql_real_escape_string($_POST['bio']);
$query = "
UPDATE
ptb_profiles
SET
bio='{$bio}'
WHERE
ptb_profiles.user_id = " . intval($profile_id);
You got your quoting wrong, try something like this 您引用的报价有误,请尝试这样的操作
$query = "UPDATE ptb_profiles SET bio='".$_REQUEST['bio']."'
WHERE ptb_profiles.user_id = ".$profile_id;
SQL usually uses single quotes, PHP uses both. SQL通常使用单引号,PHP两者都使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.