我做了一个程序。在这个程序中,用户可以登录并更改用户个人资料中的详细信息。详细信息是:用户名,密码,电子邮件。我的代码是:
配置文件.php
<?php
include_once "db_connection.php";
if (isset($_GET['user_name']))
{
$user_name = $_GET['user_name'];
$result = mysql_query("SELECT * FROM users WHERE user_name LIKE '$user_name' ")
or die(mysql_error());
$row = mysql_fetch_assoc($result);
if($row)
{
$user_email = $row['user_email'];
}
else
{
echo "error";
}
}
?>
profile.php 中的形式是:
<form id="form1" action="updateprofile.php" method="post" class="form">
<fieldset class="form-inline">
<div class="form-col-3-8" style="padding-top:10px;padding-bottom:20px;"align="center">
<label>UserName<span class="required">*</span></label>
<input type="text" name="user_name" value="<?php echo $user_name; ?>" />
</div>
<div class="form-col-2-8" style="padding-top:10px;padding-bottom:20px;"align="center">
<label>Password<span class="required">*</span></label>
<input type="password" name="password"/>
</div>
<div class="form-col-3-8" style="padding-top:10px;padding-bottom:20px;"align="center">
<label>E-mail<span class="required">*</span></label>
<input type="text" name="user_email" value="<?php echo $user_email; ?>" />
</div>
</fieldset>
<div class="da-button-row">
<input type="reset" value="Reset" />
<input type="submit" value="Submit" name="submit"/>
</div>
</form>
最后 updateprofile.php 是:
<?php
include_once "db_connection.php";
if (isset($_POST['submit']))
{
$user_name = $_POST['user_name'];
$user_name2 = mysql_real_escape_string(htmlspecialchars($_POST['user_name']));
$password = mysql_real_escape_string(htmlspecialchars($_POST['password']));
$passwordmd = md5($password);
$user_email = mysql_real_escape_string(htmlspecialchars($_POST['user_email']));
mysql_query("UPDATE users SET user_name='$user_name2', user_email='$user_email' ,user_password_hash='$passwordmd' WHERE user_name LIKE '$user_name'")
or die(mysql_error());
header("Location: index.php");
}
?>
一切正常,但是当我推送提交时,数据库中的详细信息不会改变。我究竟做错了什么?