0

I have been trying to create a simple form to update details on a database, the PHP code is below:

// UPDATE THE DATABASE RECORDS //
$update = $_GET['update'];
if($update == "true"){
    $setDetails="UPDATE users SET email='{$_POST['email']}', api_key='{$_POST['api_key']}', api_secret='{$_POST['api_secret']}' WHERE username='{$_POST['username']}'";
    if(mysql_query($setDetails)){
        $updatemsg = '<div class="alert alert-success"><a href="#" class="close" data-dismiss="alert">×</a><strong>Success!</strong> Your details have been updated in our database.</div>';
    }else{
        $updatemsg = '<div class="alert alert-error"><a href="#" class="close" data-dismiss="alert">×</a><strong>Failure!</strong> Your details could not be updated in our database. Please try again later or contact us if this keeps happening.</div>';
    }
}else if($update == "false"){
    $updatemsg = '<div class="alert alert-success"><a href="#" class="close" data-dismiss="alert">×</a><strong>Success!</strong> Your changed were discarded.</div>';
}
// UPDATE THE DATABASE RECORDS //

// GET THE DATABASE RECORDS //
$getDetails="SELECT * FROM users WHERE username='$username'";
$details=mysql_query($getDetails);
$num=mysql_numrows($details);
if($num != 0){
    $new_user = false;
    $username=mysql_result($details,0,"username");
    $email=mysql_result($details,0,"email");
    $subscription_type=mysql_result($details,0,"subscription_type");
    $subscription_date=mysql_result($details,0,"subscription_date");
    $api_key=mysql_result($details,0,"api_key");
    $api_secret=mysql_result($details,0,"api_secret");
    setcookie("api_key", $api_key, time()+50000);
    setcookie("api_secret", $api_secret, time()+50000);
}else{
    $new_user = true;
}
// GET THE DATABASE RECORDS //

The variables defined when the database records are fetched are then used to populate a HTML form:

<form action="?update=true" method="POST">
<h2>Your Details</h2>
<input id="username" name="username" type="text" placeholder="" disabled="true" class="input-xlarge" value="<?=$username?>">
<input id="email" name="email" type="text" placeholder="" class="input-xlarge" value="<?=$email?>">
<input id="subscription_type" name="subscription_type" type="text" placeholder="" disabled="true" class="input-xlarge" value="<?=$subscription_type?>">
<input id="subscription_date" name="subscription_date" type="text" placeholder="" disabled="true" class="input-xlarge" value="<?=$subscription_date?>">
<input id="api_key" name="api_key" type="text" placeholder="" class="input-xlarge" value="<?=$api_key?>">
<input id="api_secret" name="api_secret" type="text" placeholder="" class="input-xlarge" value="<?=$api_secret?>">
<button type="submit" class="btn btn-success" id="saveChanges"><i class="icon-ok icon-white"></i> Save Changes</button> <a href="?update=false" class="btn btn-danger" id="discardChanges"><i class="icon-remove icon-white"></i> Discard Changes</a>
</form>

When the page is loaded first time, the form is populated with no problems, but when it is edited and submitted $updatemsg is the 2nd one (Success) but there are no changes to the data in the database. Any ideas?

4

2 回答 2

2

看起来它失败了,因为引号和括号使用不正确。但是您需要做的是:

$email = mysql_real_escape_string($_POST['email']);

....

"UPDATE users SET email='$email'.....

依此类推,依此类推。如果不是这样,在 else 部分调用 mysql_error() 它会告诉你查询是否失败。

于 2013-07-04T06:53:42.123 回答
0

首先,我将在常量文件中声明 api 机密,而不是通过页面上的 http 帖子。假设帖子值存在,请尝试以下操作以使更新正常工作

$setDetails="UPDATE users SET email='".$_POST['email']."', api_key='".$_POST['api_key']."', api_secret='".$_POST['api_secret' ]."' WHERE username='".$_POST['username']."'";

于 2013-07-04T06:55:23.443 回答