[英]How do I write a script to change an integer in my MySQL database?
I've pretty much never coded in PHP and MySQL before, so you'll have to excuse my god awful code. 我以前几乎从未用PHP和MySQL编写过代码,因此您必须原谅我糟糕的代码。
I have a 3 columns in my database. 我的数据库中有3列。 ID, Class, and Need. ID,类别和需求。
Basically, I'm trying to find the easiest way for me to code a page in order to allow users to change the "Need" value of each row from 0 to 1, or 1 to 0. 基本上,我试图为我编写页面编码的最简单方法,以便允许用户将每行的“ Need”值从0更改为1,或从1更改为0。
Currently I have it working where I have 2 buttons that run 2 separate but almost identical scripts whose only purpose is to change a specific row's "Need" value to 1 or 0 (shown below) 目前,我在有两个运行两个单独但几乎相同的脚本的按钮上工作,它们的唯一目的是将特定行的“ Need”值更改为1或0(如下所示)
<?php
mysql_connect("localhost", "muffins", "sugarcookies") or die(mysql_error());
mysql_select_db("crackers_cheese") or die(mysql_error());
mysql_query("UPDATE recruitment SET Need=1
WHERE ID='1'");
mysql_close($con);
header("location: /admin.html");
?>
The inverse .php file is identical except for "SET Need=0" 反向.php文件是相同的,除了“ SET Need = 0”
So, what can I do instead of having 22 individual .php files whos only purpose is setting each specific row to 0 or 1. 因此,我可以做什么,而不是拥有22个单独的.php文件,其唯一目的是将每个特定行设置为0或1。
Thanks! 谢谢!
Have one of your buttons send an HTTP parameter to indicate whether the field should be 0 or 1. Also, look at using the PDO class instead of mysql_* functions. 让您的按钮之一发送一个HTTP参数,以指示该字段应为0还是1。此外,还要考虑使用PDO类而不是mysql_ *函数。
Here's an example of how it can be done using PDO functions: 这是使用PDO函数可以完成此操作的示例:
<?php
if(!isset($_POST['need'])) {
die('Missing need parameter');
} elseif($_POST['need'] !== '0' && $_POST['need'] !== '1') {
die('Invalid need values');
}
if(!isset($_POST['id']) || !is_numeric($_POST['id'])) {
die('Missing ID');
}
$db = new \PDO('mysql:dbname=crackers_cheese;host=localhost', 'muffins', 'sugarcookies');
$statement = $db->prepare("UPDATE `recruitment` SET `Need` = :need WHERE `ID`= :id");
$statement->bindValue(':need', $_POST['need'], \PDO::PARAM_INT);
$statement->bindValue(':id', $_POST['id'], \PDO::PARAM_INT);
$statement->execute();
header("location: /admin.html");
?>
Note that since you are using a prepared statement here, the data does not need to be escaped using real_escape_string or anything like that, thus mitigating SQL injection attacks. 请注意,由于您在此处使用的是预备语句,因此不需要使用real_escape_string或类似的东西对数据进行转义,从而减轻了SQL注入攻击。
It is good practice to use parameter binding instead of concatenating a query to prevent SQL injection attacks. 优良作法是使用参数绑定而不是连接查询以防止SQL注入攻击。 For more information, see: Are PDO prepared statements sufficient to prevent SQL injection? 有关更多信息,请参见: PDO准备好的语句是否足以防止SQL注入?
<form method='POST' action='update.php'>
<label for='id'>ID:</label>
<input type='number' name='id' id='id'>
<input type='radio' name='need' value='0' id='needfalse'> <label for='needfalse'>Need = 0</label>
<input type='radio' name='need' value='1' id='needtrue'> <label for='needtrue'>Need = 1</label>
<button type='submit'>Submit</button>
This isn't the best form designed. 这不是设计的最佳形式。 I've used radio buttons here, it would be slightly more complex to do it with actual buttons, but this should be sufficient to get you started. 我在这里使用了单选按钮,用实际的按钮来做会稍微复杂一些,但这足以让您入门。
Assuming you just want to toggle (set to 1 if it is 0 or set to 0 if it is 1) you could use the following SQL update statement: 假设您只想切换(如果为0,则设置为1;如果为1,则设置为0),则可以使用以下SQL更新语句:
update table_name
set need = abs(need - 1)
where id = 1
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.