0

这是我的 php 代码。在此代码中,如果用户编辑他/她的信息并单击更新按钮,则必须在数据库端更新发布的值。我的用户表名是 users。但是当我想发布一些值时名称更新而不是其他人。日期也更改为 0000-00-00。为什么会发生这种情况?我不明白。任何想法和回复都会有所帮助?

<?php
if(isset($_POST['update']))
{

 include("db.php");

$name = $_POST['name'];

$password1 = md5($_POST['password1']);
$password2 = md5($_POST['password2']);
$date_of_birth = $_POST['date_of_birth'];
$place_of_birth = $_POST['place_of_birth'];
$info = $_POST['info'];
$nationality = $_POST['nationality'];

   echo $_POST['name'];
   echo $name;
   echo $date_of_birth;
   echo $info;
   echo $place_of_birth;
   echo $nationality;

if ($password1 != $password2) {
    include "src/header.php";
    include "src/mainmenu.php";
    echo '<p>Error: password does not match. Try again</a>';
    echo '<p><a href="EditProfile.php">Try again</p>';
    include "src/footer.php";
    exit;
}
//If the name and the other fields are empty
if($name=='' || $email=='' || $password1=='' || $password2=='' || $date_of_birth==       
    ''|| $place_of_birth==''|| $info=='' || $nationality=='' ){
    include "src/header.php";
    include "src/mainmenu.php";
    echo '<p>Error:You didn\'t fill the fields.Try again</a>';
    echo '<p><a href="EditProfile.php">Try again</p>';
    include "src/footer.php";
    exit;
}


   $email=$_SESSION['email'];

   $sql = "UPDATE users SET name='".mysql_real_escape_string($name)."',
                     info=     
   '".mysql_real_escape_string($info)."',

   password=".mysql_real_escape_string($password2)."'

   place_of_birth='".mysql_real_escape_string($place_of_birth)."',

   date_of_birth='".mysql_real_escape_string($date_of_birth)."', 

   nationality='".mysql_real_escape_string($nationality)."'
                     WHERE email ='$email'";


  $retval = mysql_query($sql,$link);



  if (!$retval|| $retval==false) {
    include "src/header.php";
    include "src/mainmenu.php";
    die('Could not update data: ' . mysql_error());
    echo '<p><a href="EditProfile.php">Try again</a></p>';
    include "src/footer.php";
    mysql_close($link);
    exit;
}
else {
    echo "Updated data successfully\n";

    //header('Location: private.php');
}

  mysql_close($link);
  }
 else
 {
 include("db.php"); 

 $email=$_SESSION['email'];
 $run = mysql_query("select * from users where email='$email'") or die("Error!");
 $read = mysql_fetch_assoc($run);

 ?>
 <form method="post" action="<?php $_PHP_SELF ?>">
<fieldset>
<legend>Update Profile</legend>
<p>
    <label for="name">Full name:</label> <input type="text" name="name"     
 id="name" value="<?PHP echo $read['name']; ?>"/> 
<br>
    <label for="email">Email:</label> <input type="email" name="email"   
 id="email" value="<?PHP echo $read['email']; ?>"/> 
<br>
    <label for="password1">Password:</label> <input type="password"    
 name="password1" id="password1" />
<br>
    <label for="password2">Confirm password:</label> <input type="password"  
 name="password2" id="password2" />
<br>
    <label for="date_of_birth">Date of birth (yyyy-mm-dd):</label> <input  
type="date" name="date_of_birth" id="date_of_birth"  value="<?PHP echo 
$read['date_of_birth']; ?>"/>
<br>
    <label for="place_of_birth">Place of birth:</label> <input type="text"  
 name="place_of_birth" id="place_of_birth" value="<?PHP echo $read['place_of_birth']; ?
 >"/>
<br>
    <label for="info">Information:</label> <textarea name="info" id="info" 
rows="5" cols="50" ></textarea>
<br>
    <label for="nationality">Nationality:</label> <input type="text"    ,
name="nationality" id="nationality" value="<?PHP echo $read['nationality']; ?>"/>
</p>

<p class="center"><input value="Update" type="submit" name="update" id="update"/>  
 </p>
</fieldset>
</form>
<?php

}
?>
4

2 回答 2

1

你的代码在这里错了;

password=".mysql_real_escape_string($password2)."'

随之改变;

password='".mysql_real_escape_string($password2)."',
于 2013-05-18T13:31:01.350 回答
0

$date在 MySQL 数据库中存储datetime字段时,您需要使用格式对其进行date('Y-m-d H:i:s')格式化。

于 2013-05-18T13:30:21.350 回答