[英]Updating a form in PHP through mysql
我正在建立一個列表,用戶可以在其中更新或刪除現有聯系人。 我創建了index.php,它成功將聯系人發送到數據庫。 list.php在表中顯示從index.php輸入的聯系人列表。 現在,用戶應該刪除或編輯每個聯系人。
不幸的是,我點擊Edit之后,我的edit_user.php返回了一個錯誤: SQL語法有錯誤; 檢查與您的MySQL服務器版本相對應的手冊,以在第1行的''附近使用正確的語法。此外,當我在list.php中單擊“編輯”時,我希望edit_user.php顯示帶有預先填寫的聯系人的編輯表單信息。
我是Web開發的新手。 抱歉,有太多代碼。 請幫助我發現我的錯誤。 這是config.php
<?php
$dbhost = 'mysql51-031.wc2.dfw1.stabletransit.com';
$dbuser = '549359_sargis';
$dbpass = '********';
$dbname = '549359_sargis';
$table = 'Contacts';
$connection = mysql_connect($dbhost,$dbuser,$dbpass) or die(mysql_error());
$select_db = mysql_select_db($dbname,$connection) or die(mysql_error());
?>
這是我的list.php
<?php
include("config.php");
?>
<html>
<head>
<title>Contact List</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<a href="index.php">Create New Contact</a><hr/>
</head>
<body>
<?php
$result = mysql_query("SELECT * FROM Contacts", $connection);
$num_rows = mysql_num_rows($result);
if($num_rows > 0)
{
echo "<center><h1>Contact List: (Updated)</h1><table border = '1'>";
echo "<thead>";
echo "<tr>";
echo "<th> Firstname </th>";
echo "<th> Lastname </th>";
echo "<th> Email </th>";
echo "<th> Phone </th>";
echo "<th> Date </th>";
echo "<th> Action </th>";
echo "</th>";
echo "</thead>";
echo "<tbody>";
$query = mysql_query("SELECT * FROM Contacts");
while($record = mysql_fetch_array($query))
{
echo "<tr>";
echo "<td>" . $record['firstname'] . "</td>";
echo "<td>" . $record['lastname'] . "</td>";
echo "<td>" . $record['email'] . "</td>";
echo "<td>" . $record['phone_number'] . "</td>";
echo "<td>" . $record['timesstamp'] . "</td>";
echo "<td align='center'>"; ?>
<a href="edit_user.php"><input type="hidden" name="id" value="<?php echo $id; ?>" />Edit</a>
<?php echo "| <a href='list.php?action=delete&id=$id'>Delete</a></td>";
echo "</tr>";
}
echo "</table>";
echo "</center>";
}
else
echo "<center><h4>No contacts found.</h4></center>";
?>
</body>
</html>
這是edit_user.php
<?php
include("config.php");
?>
<html>
<head>
<title>Edit User</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<?php
if(isset($_POST['submit']))
//if (isset($_POST))
{
$id = intval($_POST['id']);
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$phonenumber = $_POST['phonenumber'];
$sql = "UPDATE Contacts SET firstname='".mysql_real_escape_string($firstname)."', lastname='".mysql_real_escape_string($lastname)."', email='".mysql_real_escape_string($email)."', phone_number='".mysql_real_escape_string($phonenumber)."', timesstamp =NOW() WHERE id=".mysql_real_escape_string($id);
//$sql = "UPDATE Contacts SET firstname='$firstname', lastname='$lastname', email='$email', phone_number='$phonenumber', timesstamp =NOW() WHERE id=$id";
//print_r($_POST).'<br />';echo $sql;exit;
$result = mysql_query($sql);
if($result)
{
header("Location: list.php");
}
else
{
echo "There was a problem with the query: ".mysql_error().".";
}
}
?>
<body>
<form action="edit_user.php?id=<?php echo $id;?>" method="POST">
<div>
First name: <input type ='text' id='firstname' name='firstname' value="<?php echo $firstname; ?>"/><br />
Last name: <input type = 'text' id='lastname' name='lastname'value="<?php echo $lastname; ?>"/><br />
Email: <input type = 'text' id='email' name='email' value="<?php echo $email; ?>"/><br />
Phone Number: <input type = 'text' id='phone_number' name='phonenumber' value="<?php echo $phonenumber; ?>"/><br />
<input type = 'submit' name = 'submit' value='Update' />
</div>
</form>
</body>
</html>
通常,此錯誤是由於無效字符未在SQL語句中轉義引起的。
但是有些事情我建議更改。
首先移動
$id = $_POST['id'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$phonenumber = $_POST['phonenumber'];
之后
if(isset($_POST['submit'])) {
另外,只需踢一下,就可以更改:
$id = $_POST['id'];
至:
$id = intval($_POST['id']);
然后在您的SQL語句中,將其更改為:
$sql = "UPDATE Contacts SET firstname='".mysql_real_escape_string($firstname)."', lastname='".mysql_real_escape_string($lastname)."', email='".mysql_real_escape_string($email)."', phone_number='".mysql_real_escape_string($phonenumber)."', timesstamp =NOW() WHERE id=".mysql_real_escape_string($id);
看來您有一個鏈接編輯:
<a href="edit_user.php?id=<? echo $record['id']; ?>" > Edit </a>
在這種情況下,id是get參數而不是POST參數。
因此,在edit_user.php中,應為:
$id = $_GET['id'];
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.