1

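I have a PHP and SQL based FAQ script that lets visitors submit questions through a form. The site administrator can then edit the question, add an answer, and publish the content to the FAQ page.

Everything works except editing user-submitted questions. The input form lets me edit the user-submitted question and submit the answer provided, but after submitting it returns the original user-submitted question rather than the edited one.

For example, a user submits the following question:

“What place is the capital of England?”

The administrator can edit the question to:

“Where is the capital of the UK?”

and the answer:

“The capital of the UK is London”

However, after editing and submitting, the edited question is not saved to the database; the original user-submitted question is saved instead:

“What is the capital of the UK”

Here is the code from the editfaq.php page, where you can edit user-submitted questions or existing questions and answers stored in the database. Editing the question or answer of an existing entry works fine, but user-submitted questions are not saved.

Any help would be greatly appreciated.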


if (isset($_GET[type]) and $_GET[type] == n) {
  $get_new = mysql_query("SELECT * FROM ofaq_new WHERE id = $_GET[id]");

  while ($row = mysql_fetch_array($get_new)) {
    $q = "$row[question]";
    $email = "$row[email]";
    $notify = "$row[notify]";
  }

  if (isset($_GET[edit])) {
    mysql_query("INSERT INTO ofaq_qa (q, a) VALUES ('$q', '$_POST[a]')");
    mysql_query("DELETE FROM ofaq_new WHERE id = $_GET[id]");
    echo "$lang[publishednew].";

    if ($notify == 1) {
      $message = "$lang[mail1]\n\n$lang[question]: $q\n$lang[answer]: $_POST[a]\n\n$lang[mail2] $config[name] $lang[mail3]\n$config[faqurl]";
      $message = wordwrap($message, 70);
      $subject = "$lang[yourq] $config[name]";
      $headers = "From: $config[name] <$config[adminmail]>";

      mail($email, $subject, $message, $headers);
    }
  } elseif (isset($_GET[id])) {
    echo "<b>edit user submitted question</b><p />";

    echo "<form action=faqedit.php?type=n&edit=1&id=$_GET[id] method=post>";
    echo "$lang[question]:<br />";
    echo "<input type=text name=q size=50 value='$q' /><br />";
    echo "$lang[answer]:<br />";
    echo "<textarea name=a rows=4 cols=50></textarea><br />";
    echo "<input type=submit value='$lang[pubnew]' />";
    echo "</form>";
  }
} else {
  $get_qa = mysql_query("SELECT * FROM ofaq_qa WHERE id = $_GET[id]");

  if (isset($_GET[id])) {
    while ($row = mysql_fetch_array($get_qa)) {
      $q = "$row[q]";
      $a = "$row[a]";
    }

    echo "<b>edit existing question</b><p />";

    echo "<form action=faqedit.php?edit=1&sid=$_GET[id] method=post>";
    echo "$lang[question]:<br />";
    echo "<input type=text name=q size=30 value='$q' /><br />";
    echo "$lang[answer]:<br />";
    echo "<textarea name=a rows=4 cols=30>$a</textarea><br />";
    echo "<input type=submit value='$lang[editqa]' />";
    echo "</form>";

  } elseif (isset($_GET[edit])) {
    mysql_query("UPDATE ofaq_qa set q='$_POST[q]', a='$_POST[a]' where id=$_GET[sid]");
    echo "$lang[written]";
  } else {
    echo "Oops... Something went horribly wrong!";
  }
}

4

2 Answers

0

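Why not run an UPDATE query instead of deleting and re-inserting?!

You should write "$_GET['edit']" rather than "$_GET[edit]" ...


OK, so "$_POST['a']" contains the admin's answer, but I can't see where the variable containing the new answer is?

In the INSERT query you are using the "$q" variable, which contains the old question, so you are inserting the old question into the second table.

So in the admin form, try to find the name of the new question field; if (for example) it is "newQ", then...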

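if (isset($_GET['type']) AND $_GET['type'] == 'n') {
    // Cast the id to an integer before it goes into the query
    $id = (int) $_GET['id'];
    $get_new = mysql_query('SELECT * FROM ofaq_new WHERE id = ' . $id);

    $row = mysql_fetch_assoc($get_new); // You have only one record

    $q = $row['question'];
    $email = $row['email'];
    $notify = $row['notify'];

    if (isset($_GET['edit'])) {
        // Take the edited question from the form field and escape both values;
        // a single-quoted PHP string would not expand the $_POST variables
        $newQ = mysql_real_escape_string($_POST['newQ']);
        $a = mysql_real_escape_string($_POST['a']);
        mysql_query("INSERT INTO ofaq_qa (q, a) VALUES ('$newQ', '$a')");
        mysql_query('DELETE FROM ofaq_new WHERE id = ' . $id);

        echo $lang['publishednew'] . '.';

        //ETC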
answered 2013-03-31T00:00:21.917
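
The publish step discussed above, written with prepared statements and a transaction, as an added example that is not part of the question or of either answer. The table and column names (ofaq_new, ofaq_qa, question, q, a) come from the question's script; the helper publishNew(), the column types, the in-memory SQLite database standing in for MySQL (it needs the pdo_sqlite extension) and the sample rows are assumptions made for the demonstration.

```php
<?php
// Added example. Table and column names come from the question's script;
// publishNew(), the column types and the SQLite stand-in are assumptions.
function publishNew(PDO $db, int $id, string $question, string $answer): bool
{
    $db->beginTransaction();
    try {
        // Make sure the pending question exists before publishing anything.
        $sel = $db->prepare('SELECT id FROM ofaq_new WHERE id = :id');
        $sel->execute([':id' => $id]);
        $exists = $sel->fetch() !== false;
        $sel->closeCursor();
        if (!$exists) {
            $db->rollBack();
            return false;
        }
        // Store the edited question sent by the form, not the original row.
        $ins = $db->prepare('INSERT INTO ofaq_qa (q, a) VALUES (:q, :a)');
        $ins->execute([':q' => $question, ':a' => $answer]);
        $del = $db->prepare('DELETE FROM ofaq_new WHERE id = :id');
        $del->execute([':id' => $id]);
        $db->commit();
        return true;
    } catch (Exception $e) {
        $db->rollBack(); // neither the insert nor the delete is kept
        throw $e;
    }
}

// Constructed sample data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ofaq_new (id INTEGER PRIMARY KEY, question TEXT, email TEXT, notify INTEGER)');
$db->exec('CREATE TABLE ofaq_qa (id INTEGER PRIMARY KEY, q TEXT, a TEXT)');
$db->exec("INSERT INTO ofaq_new (question, email, notify) VALUES ('What place is the capital of England?', 'user@example.com', 0)");

// Values as the edit form would send them in $_POST['q'] and $_POST['a'];
// in the real script the id would be (int) $_GET['id'].
$postedQ = "What's the capital of the UK?"; // the apostrophe is stored as data
$postedA = 'The capital of the UK is London';

var_dump(publishNew($db, 1, $postedQ, $postedA));
print_r($db->query('SELECT q, a FROM ofaq_qa')->fetchAll(PDO::FETCH_ASSOC));
var_dump((int) $db->query('SELECT COUNT(*) FROM ofaq_new')->fetchColumn());
```

Because the insert and the delete share one transaction, a failure in either leaves the pending question in ofaq_new instead of losing it.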
0

OK, here is a cool little script.

File: db.php

<?php
try {
    $pdo_options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION;
    $pdo_options[PDO::MYSQL_ATTR_INIT_COMMAND] = "SET NAMES utf8";

    $db = new PDO('mysql:host=localhost;dbname=try', 'root', '', $pdo_options);
}
catch (Exception $e) {
    die('Erreur : ' . $e->getMessage());
}
?>

File: ask.php

<?php
//RUNNING THE SESSION
session_start();

//Import the database connection object
require_once 'db.php';

//INIT THE ERRORS MESSAGES AS EMPTY
$serverMsg = '';

//IF THE QUESTION IS SENT
if(isset($_POST['quest']) AND isset($_POST['email'])) {
    //CHECKING IF THE DATA IS CORRECT
    if(empty($_POST['quest'])) $serverMsg .= '<p>Empty question.</p>';
    if(empty($_POST['email'])) $serverMsg .= '<p>Empty email.</p>';
    elseif(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $serverMsg .= '<p>Wrong email.</p>';

    //CHECKING IF THE USER DOESN'T ABUSE
    if(!isset($_SESSION['quest_nbr'])) $_SESSION['quest_nbr'] = 0;

    if($_SESSION['quest_nbr'] > 2) $serverMsg .= '<p>Please wait a few minutes before asking more questions.</p>';

    //IF NO ERROR
    if(empty($serverMsg)) {
        //SET ans EXPLICITLY: THE COLUMN IS NOT NULL AND HAS NO DEFAULT
        $req = $db->prepare("INSERT INTO faq (quest, ans, email) VALUES (:q, '', :em)");
        $req->bindParam(':q', $_POST['quest'], PDO::PARAM_STR);
        $req->bindParam(':em', $_POST['email'], PDO::PARAM_STR);
        $req->execute();
        $serverMsg = '<p>Question added.</p>';

        //INCREMENTING THE USER QUESTIONS
        $_SESSION['quest_nbr']++;
    }
}
?>

<form method="post" action="">
    <?php echo $serverMsg; ?>
    <p>Email : <input type="text" name="email"></p>
    <p>Question : <textarea name="quest"></textarea></p>
    <p><input type="submit" value="Ask"></p>
</form>

File: admin_edit.php

<?php
//RUNNING THE SESSION
session_start();

// CHECKING IF CURRENT USER IS AN ADMIN
// Example
if(!isset($_SESSION['admin']) OR $_SESSION['admin'] == null) die('You are not allowed to be here.');

//Import the database connection object
require_once 'db.php';

//INIT THE ERRORS MESSAGES AS EMPTY
$serverMsg = '';

//IF A QUESTION IS SELECTED (to be edited)
if(isset($_GET['questId']) AND is_numeric($_GET['questId'])) {
    //IF THE NEW QUESTION AND ANSWER FORM IS SENT

    if(isset($_POST['newQuest']) AND isset($_POST['newAns'])) {
        if(empty($_POST['newQuest'])) $serverMsg .= '<p>Empty question.</p>';
        if(empty($_POST['newAns'])) $serverMsg .= '<p>Empty answer.</p>';


        //IF EVERYTHING'S OK
        if(empty($serverMsg)) {
            //CHECKING IF QUESTION REALLY EXISTS
            $req = $db->prepare('SELECT email FROM faq WHERE id = :id');
            $req->bindParam(':id', $_GET['questId'], PDO::PARAM_INT);
            $req->execute();
            $data = $req->fetch();

            //IF QUESTION EXISTS, WE UPDATE IT
            if(!empty($data)) {
                $req = $db->prepare('UPDATE faq SET quest = :q, ans = :a WHERE id = :id');
                $req->bindParam(':q', $_POST['newQuest'], PDO::PARAM_STR);
                $req->bindParam(':a', $_POST['newAns'], PDO::PARAM_STR);
                $req->bindParam(':id', $_GET['questId'], PDO::PARAM_INT);
                $req->execute();
                $serverMsg = '<p>Question edited and is visible now.</p>';

                //SENDING AN EMAIL
                $userEmail = $data['email'];
                /*

                */
            }
        }
    }

    //SHOWING THE FORM
    $req = $db->prepare('SELECT * FROM faq WHERE id = :id');
    $req->bindParam(':id', $_GET['questId'], PDO::PARAM_INT);
    $req->execute();
    $data = $req->fetch();

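    //ESCAPE THE STORED VALUES BEFORE PRINTING THEM: quest IS VISITOR INPUT
    $quest = htmlspecialchars($data['quest'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $ans = htmlspecialchars($data['ans'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    echo '<form method="post" action="admin_edit.php?questId='.(int) $_GET['questId'].'">'.$serverMsg.'
        <p>Question : <textarea name="newQuest">'.$quest.'</textarea></p>
        <p>Answer : <textarea name="newAns">'.$ans.'</textarea></p>
        <p><input type="submit" value="Edit"></p>
    </form>';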

}
else {
    // SELECTING QUESTIONS NOT ANSWERED YET
    $req = $db->prepare('SELECT * FROM faq WHERE ans = ""');
    $req->execute();
    while($data = $req->fetch()) {
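        //ESCAPE THE QUESTION EXCERPT BEFORE PRINTING IT
        echo '<a href="admin_edit.php?questId='.(int) $data['id'].'">'.htmlspecialchars(substr($data['quest'], 0, 15), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').' ...</a><br />';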
    }
}

echo '<a href="admin_edit.php">Show questions without answer.</a>';
?>

SQL query to create the corresponding table

CREATE TABLE IF NOT EXISTS `faq` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `quest` varchar(255) NOT NULL,
  `ans` text NOT NULL,
  `email` varchar(45) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `quest` (`quest`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
answered 2013-03-31T16:48:58.307