0

您好我正在尝试从 HTML 表单更新单个字段,由于某种原因,我传递给更新查询的会话变量之一未被接受。我已经在页面中回显了该变量,因此相当确定它存在于内存中。

注意,我知道我的代码非常不安全,但我正在学习 PHP,一旦我掌握了基础知识,我会检查它并使其达到最佳实践标准。

E2A:如果我做 var_dump($filename); 在尝试运行查询之前它返回 string(6) "356/18",在查询之后它返回 NULL。我没有在任何地方取消设置变量,所以它会去哪里!

这是我的表格:

      <form method="post" action="">
      <p>Your username is:&nbsp;<?php echo $_SESSION['userid'] ?>&nbsp;Your company ID is:&nbsp;<?php echo $companyid['id']?></p>
      <h3>Please enter note for file: <?php echo $filename; ?></h3>
      <table width="200" cellpadding="5">
        <tr>
        <th width="18%" align="right" nowrap>Add Note:&nbsp;</th>
        <td width="82%" nowrap>
            <input type="text" name="note" />
        </td>
        </tr>
        <tr>
        <td colspan="2" width="100%" nowrap>
            <input type="submit" value="Submit" name="Submit" />
        </td>
        </tr>
        </table>
      </form>

这是我的更新查询:

     $sql = "UPDATE fields SET Notes =          ('".mysql_real_escape_string(stripslashes($_REQUEST['note']))."') 
        WHERE companyId='".$companyid['id']."' AND fileNumber ='".$filename."'";
    if($result = mysql_query($sql)) { 
        echo "<h1>Thank you</h1>Your information has been entered into our database<br><br>";
        echo $sql;
        echo $filename;
        } else { 
        echo "ERROR: ".mysql_error(); 
        } 
        } else {

回显 $sql 会产生以下结果:

     UPDATE fields SET Notes = ('asdasda') WHERE companyId='11' AND fileNumber =''

这是我实例化 POST 变量的地方。

         include "header.php";
         $checkFiles = "checkFiles.php";
         // Catches form input from previous page and stores it into session variable called filename for future reference;
         $_SESSION['filename']=$_POST['filename'];
         $filename = $_SESSION['filename'];
         //User id stuff from previous page too; 
         $userid = $_SESSION['userid'];
         $id = mysql_query("SELECT id FROM users WHERE DXNumber='".$userid."'");
         // Returns pointer so fetch it as an array and insert it into variable $companyid for later use;
         $companyid = mysql_fetch_array($id);
4

2 回答 2

1

您需要包含session_start()在每个文件的顶部。

做就是了:

AND fileNumber ='".$_SESSION[filename]."'";

在您的更新查询中。

如果这不起作用,请确保设置了 for 的值$_SESSION[filename]

于 2013-01-16T16:42:39.283 回答
0 
<h3>Please enter note for file: <?php echo $filename; ?></h3>

创建输入框

<input type="text" name="filename" value="<?php echo $filename; ?>"/>

然后文件名值将传递给 $_POST 数组

于 2013-01-16T16:57:52.393 回答