0

我有一个带有用于更新记录和图像的表单的 php 页面 我不知道更新语句有什么问题 ,, 字段的值被采用了,我可以通过 GET 方法在 url 上看到它们......但是当我运行页面并且更新记录信息没有改变,页面上什么也没有出现,,因为没有字段r进行更新我认为我的更新语句有问题,,,这里是代码:

<?php

    // Connect to the database
    require("includes/conn.php");
    // Script Variables

    $target_dir = 'images/';

    $file_given = false;
    $inputs_given = false;
    $id_given = false;

    if(isset($_POST['serialid']) && $_POST['serialid'] != "")
    {
        $serialid = $_POST['serialid'];
        $id_given = true;
    }


        // You only need to catch input from a create or modify action, so start by checking for ALL the REQUIRED inputs
        if(isset($_POST['name']) && $_POST['name'] != "" && isset($_POST['description']) && $_POST['description'] != "" && isset($_POST['price']) && $_POST['price'] != "")
        {
            $name = $_POST['name'];
            $paragraph = $_POST['description'];
            $price = $_POST['price'];

            if(isset($_POST['picture']) && $_POST['picture'] != "")
            {
                $picture = basename($_FILES['picture']['name']);
                $file_given = true; 
            } 

            // Just some verification (not really much, but you can write your own functions and slot them in
            $name_safe = true;
            $description_safe = true;
            $price_safe = true;
            $picture_safe = false;


            if($_FILES["picture"]["type"] == "image/gif" || $_FILES["picture"]["type"] == "image/jpg" || $_FILES["picture"]["type"] == "image/png" || $_FILES["picture"]["type"] == "image/bmp")
                $picture_safe = true;

            if($name_safe && $description_safe && $price_safe && $picture_safe)
                $inputs_given = true;
        }

        if($id_given && $inputs_given)
        {
            // Search for the record and see if it exists
            $get_record = mysql_query("SELECT serial, picture FROM products WHERE serial='$serialid'");
            $record_exists = mysql_num_rows($get_record);

            if($record_exists == 1)
            {
                if($file_given)
                {
                    $update_image = ", picture='$picture'";

                    // Now we need to remove the old image from the file system and upload our new one in it's place

                    $previous_image = mysql_result($get_record,'0','picture');
                    unlink($target_dir . $previous_image);

                    //Now that the previous image has been removed, we need to upload our new image
                    $new_image = $target_dir . $picture ;
                    move_uploaded_file($_FILES['picture']['tmp_name'], $new_image);
                }
                else
                    $update_image = "";

                if(mysql_query("UPDATE products SET name='$name', description='$description', price='$price', " . $update_image . " WHERE serial='$serialid'"))
                    $action_output = "Record successfully modified.";
                else
                    $action_output = "Record modification unsuccessful.";
            }
            else
                $action_output = "The record id you specified does not exist.";
        }

?>
<html>
    <head>
        <title>Manage Records</title>
    </head>

    <body>
        <?php echo $action_output; ?>
    </body>
</html>
<?php
    // Disconnect from the database
?>

这是我点击修改时的网址

http://localhost/Shopping/update.php?name=View+Sonic+LCD&description=LCD&price=250&picture=C%3A%5CDocuments+and+Settings%5Ce2565%5CMy+Documents%5CTwasul%5Ctlogo%5Cicon%5Cpic1.jpg&serialid=1

我的修改表格是这个

<?php

    // Connect to the database
    require("includes/conn.php");
    $id_given = false;
    if(isset($_POST['serialid']) && $_POST['serialid'] != "")
    {
        $serialid = $_POST['serialid'];
        $id_given = true;
    }

    if($id_given)
    {
        $get_record = mysql_query("SELECT * FROM products WHERE serial='$serialid'");
        $record = mysql_fetch_array($get_record);

        $output = '<form method="POST" enctype="multipart/form-data" action="update.php?serialid=' . $record['serialid'] . '&action=modify">

                    <table>
                    <tr>
                    <td>Name:</td>
                    <td><input name="name" type="text"  value="' . $record['name'] . '"/></td>
                    </tr>
                    <tr>
                    <td>Description :</td>
                    <td><textarea name="description" cols="45" rows="5">' . $record['description'] . '</textarea></td>
                    </tr>
                    <tr>
                    <td>Price:</td>
                    <td><input name="price" type="text"  value="' . $record['price'] . '"/></td>
                    </tr>
                    <td colspan="2"><img height="50" width="50" src="../images/' . $record['picture'] . '"/><br/>' . $record['picture'] . '</td>
                    </tr> 
                    <tr>
                    <td>Modify Image:</td>
                    <td><input name="picture" type="file" value="" /></td>
                    </tr>
                    <tr>
                    <td colspan="2"><input type="submit" value="Modify Record"/>
                    </td>
                    </tr>
                    </table>

</form>';

    }
    else
        $output = 'No record id was specified.';
?>
<html>
    <head>
        <title>Modify Record</title>
    </head>

    <body>
        <?php echo $output; ?>
    </body>
</html>
<?php
    // Disconnect from the database
?>
4

2 回答 2

1

First, you have an extra comma in this line, before the WHERE :

if(mysql_query("UPDATE products SET name='$name', description='$description', price='$price', " . $update_image . " WHERE serial='$serialid'"))

The correct syntax is :

if(mysql_query("UPDATE products SET name='$name', description='$description', price='$price' " . $update_image . " WHERE serial='$serialid'"))

Then, you said

I can see them on url through the GET method

But in your script you are using $_POST variable to get values, use $_GET instead or change the method of your form to post.
If you want to upload a picture you have to use post method, the file will be available in the $_FILES variable.
In your example, you pass parameters by URL so, with the get method, and the "picture" is just the path to the picture in your PC, and it's not uploaded on the server.

EDIT :
Add "<input type='hidden' name='serialid' value='".$record['serialid']."' />" AND "<input type='hidden' name='action' value='modify' />" in your form instead of add this parameters to the action url of it, and it should work

于 2012-06-04T09:41:51.463 回答
0

您已经添加了逗号 in $update_image = ", picture='$picture'";以及 in

if(mysql_query("UPDATE products SET name='$name', description='$description', price='$price' ," .$update_image ." WHERE serial='$serialid'"))

删除逗号$update_image = " picture='$picture'";或删除此

if(mysql_query("UPDATE products SET name='$name', description='$description', price='$price' " . $update_image . " WHERE serial='$serialid'"))'

于 2012-06-04T09:46:48.690 回答