1

数据库的输出看起来不错,但更新的输入没有传递到数据库

edit.php - 从这里所有值都正确显示

<?php
session_start();

$name = $_SESSION['name'];
$sur = $_SESSION['sur'];
$pass = $_SESSION['pass'];

echo $name.' '.$sur.' '.$pass;

//connect
$dbh = mysql_connect ("localhost", "xxx_admin", "xxx") 
       or die ('ERROR!');
       mysql_select_db ("xxx_database"); 

$query="SELECT * FROM client_info WHERE (first='$name' AND last='$sur' AND password='$pass')";
$result=mysql_query($query);


    $id = mysql_result($result,$i,"id");
    $first = mysql_result($result,$i,"first");
    $last = mysql_result($result,$i,"last");
    $phone = mysql_result($result,$i,"phone");
    $mob = mysql_result($result,$i,"mob");
    $fax = mysql_result($result,$i,"fax");
    $email = mysql_result($result,$i,"email");
    $web = mysql_result($result,$i,"web");
    $com = mysql_result($result,$i,"com");
    $add = mysql_result($result,$i,"add");
    $city = mysql_result($result,$i,"city");
    $state = mysql_result($result,$i,"state");
    $zip = mysql_result($result,$i,"zip");
    $zone = mysql_result($result,$i,"zone");
    $office = mysql_result($result,$i,"office");
    $office_num = mysql_result($result,$i,"office_num");
    $ext_mob = mysql_result($result,$i,"ext_mob");
    $ext_phone = mysql_result($result,$i,"ext_phone");
    $ext_office = mysql_result($result,$i,"ext_office");
    $srv = mysql_result($result,$i,"srv");
    $stype = mysql_result($result,$i,"stype");
    $voip = mysql_result($result,$i,"voip");
    $vpass = mysql_result($result,$i,"vpass");
    $regDate = mysql_result($result,$i,"regDate");
    $acct = mysql_result($result,$i,"acct");
    $Nagent = mysql_result($result,$i,"Nagent");
    $agents = mysql_result($result,$i,"agents");
    $password = mysql_result($result,$i,"password");

?>
<html>
<head>
<title></title>
</head>

<body>

<form method="post" action="update.php" name="gen">
<b>Personal Info:</b>
<p>First Name:<input type="text" name="first" size="20" value="<?php echo $first; ?>"/></p>
<p>Last Name:<input type="text" name="last" size="20" value="<?php echo $last; ?>"/></p>
<p>Mob:<input type="text" name="mob" size="20" value="<?php echo $mob; ?>"/>
ext:<input type="text" name="ext_mob" size="4" value="<?php echo $ext_mob; ?>"/></p>
<p>Phone:<input type="text" name="phone" size="20" value="<?php echo $phone; ?>"/>
ext:<input type="text" name="ext_phone" size="4" value="<?php echo $ext_phone; ?>"/></p>
<p>Fax:<input type="text" name="fax" size="20" value="<?php echo $fax; ?>"/></p>
<p>E-mail:<input type="text" name="email" size="35" value="<?php echo $email; ?>"/></p>
<p>Address:<input type="text" name="add" size="40" value="<?php echo $add; ?>"/></p>
<p>City:<input type="text" name="city" size="20" value="<?php echo $city; ?>"/></p>
<p>State:<input type="text" name="state" size="20" value="<?php echo $state; ?>"/></p>
<p>Zip Code:<input type="text" name="zip" size="5" value="<?php echo $zip; ?>"/></p>
<p>Zone:<input type="text" name="zone" size="5" value="<?php echo $zone; ?>"/></p>
<br>

<b>Office Info:</b>
<p>Company:<input type="text" name="com" size="40" value="<?php echo $com; ?>"/></p>
<p>Office Address:<input type="text" name="office" size="40" value="<?php echo $office; ?>"/></p>
<p>Office Num #:<input type="text" name="office_num" size="15" value="<?php echo $office_num; ?>"/>
ext:<input type="text" name="ext_office" size="4" value="<?php echo $ext_office; ?>"/></p>
<p>Website:<input type="text" name="web" size="30" value="<?php echo $web; ?>"/></p><br>

Old password:
<input type="password" size="20" name="oldpassword">
New password:
<input type="password" size="20" name="newpassword">
verify new password
<input type="password" size="20" name="verpassword">

<input type="text" size="20" name="id" value="<?php echo $id; ?>">
<input type="submit" value="Update Database">
</form>




</body>
</html>

update.php - 它说更新成功,但我的数据库没有变化

<?php
session_start();

$ud_id=$_POST['id'];
$name = $_SESSION['name'];
$sur = $_SESSION['sur'];
$pass = $_SESSION['pass'];

$ud_first = $_POST['first'];
$ud_last = $_POST['last'];
$ud_phone = $_POST['phone'];
$ud_mob = $_POST['mob'];
$ud_fax = $_POST['fax'];
$ud_email = $_POST['email'];
$ud_web = $_POST['web'];
$ud_com = $_POST['com'];
$ud_add = $_POST['add'];
$ud_city = $_POST['city'];
$ud_state = $_POST['state'];
$ud_zip = $_POST['zip'];
$ud_zone = $_POST['zone'];
$ud_office = $_POST['office'];
$ud_office_num = $_POST['office_num'];
$ud_ext_mob = $_POST['ext_mob'];
$ud_ext_phone = $_POST['ext_phone'];
$ud_ext_office = $_POST['ext_office'];
$ud_password = $_POST['newpassword'];

//connect
$dbh = mysql_connect ("localhost", "xxx_admin", "xxx") 
       or die ('ERROR!');
       mysql_select_db ("xxx_database"); 


$query="UPDATE client_info SET first='$ud_first',last='$ud_last',phone='$ud_phone',mob='$ud_mob',fax='$ud_fax',email='$ud_email',web='$ud_web',com='$ud_com',add='$ud_add',city='$ud_city',state='$ud_state',zip='$ud_zip',zone='$ud_zone',office='$ud_office',office_num='$ud_office_num',ext_mob='$ud_ext_mob',ext_phone='$ud_ext_phone',ext_office='$ud_ext_office',password='$ud_password' WHERE id='$ud_id'";

mysql_query($query);

echo "Record Updated at ID: ".$ud_id;
mysql_close();     

?>
4

3 回答 3

1

由于我不知道您的表结构,请尝试此操作并进行相应的调试。

$query="UPDATE client_info SET first='$ud_first',
last='$ud_last',
phone='$ud_phone',
mob='$ud_mob',
fax='$ud_fax',
email='$ud_email',
web='$ud_web',
com='$ud_com',
add='$ud_add',
city='$ud_city',
state='$ud_state',
zip='$ud_zip',
zone='$ud_zone',
office='$ud_office',
office_num='$ud_office_num',
ext_mob='$ud_ext_mob',
ext_phone='$ud_ext_phone',
ext_office='$ud_ext_office',
password='$ud_password' WHERE id=$ud_id;";

mysql_query($query) or die(mysql_error());
于 2012-10-29T06:58:28.393 回答
0

  1. 最重要的是,我强烈建议您在向数据库发送任何内容之前转义您的用户输入。它将逃避特殊字符并避免使用关键字来弄乱您的数据库。为此,只需像这样使用 mysql_real_escape_string() ;

    $ud_first = mysql_real_escape_string($_POST['first']);

  2. 您应该检查 mysqli,因为 mysql 已被废弃。如果你刚刚开始你的代码,我建议你尽快切换。效率和安全性将会提高。

  3. 添加一个 ; 在你查询的最后。将帮助服务器知道它在哪里结束。

  4. 更改or die ('ERROR!');为 ordie (mysql_error());这将回显 mysql 服务器遇到的最后一个错误。它很可能会告诉您您的问题是什么。

我给你这些提示,因为我不明白为什么你的代码不能按预期工作。

于 2012-10-29T05:52:58.517 回答
0

超出了这个问题的范围,但为什么要分别分配每个结果值?

您期望一个结果,并且由于 $i not set 实际上是 null 它可以工作,也许您可​​以通过使用来简化您的生活和代码

$r = mysql_fetch_assoc($result);
foreach($r as $key=>$value){ $$key=$value; }

如果预期或可能有更多行,则必须在 foreach 循环或类似解决方案中关闭它。另一方面,处理帖子和保护输入也可能很简单

$allowed_post_vars=array('city','zip',...); // define ok variables
foreach($allowed_post_vars as $postvar)// each of them
{ $ud='ud_'.$postvar; // prepare longer name, like $ud_city etc 
  $$ud=mysql_real_escape_string($_POST[$postvar]); //assign it sanitized value
}
于 2012-10-29T07:33:57.850 回答