0

我想在mysql中更新我的数据。但是,如果我想更新(例如名字),photo_profile 将会丢失。

 <?php
    include 'function_page_user.php';

    if(($_FILES['photo_profile']) and ($_POST['firstname']) and ($_POST['lastname']) and ($_POST['password']))
    {
        session_start();

        include 'connect.php';
        $foldername="assets/img/user/";
        $firstname = mysql_real_escape_string($_POST["firstname"]);
        $lastname = mysql_real_escape_string($_POST["lastname"]);
        $pwd = mysql_real_escape_string($_POST["password"]);

        if((!empty($firstname) and !empty($lastname) and !empty($pwd)) and($_FILES['photo_profile']))
        {
            $image = $foldername . basename ($_FILES['photo_profile'] ['name']);
            mysql_query ("update user set firstname = '".$firstname."' , lastname = '".$lastname."' , password = '".$pwd."' , photo_profile='".$image."' where id_user ='".$_SESSION['id']."'");
            move_uploaded_file($_FILES['photo_profile']['tmp_name'], $image);
            echo "<script>alert ('File Succes To edit');</script>";
            $page="formubahuser.php";

            echo redirectPage($page);   
        }
        else echo "variabel empty";
    }
    else 
        echo ("your data is not complete<a href=formubahuser.php>Fill it again</a>");
?>
4

1 回答 1

0

您的代码中有许多主要问题。在继续之前,您需要阅读以下主题:

1) phpmysql_函数已被弃用。这意味着这些函数将在未来版本的 php.ini 中被删除。您应该改用pdomysqli

2)当您将密码存储在数据库中时,它们应该始终、始终、始终是加密的。

关于您的问题,我想您是在问如何在不取消设置照片网址的情况下更改元数据(例如名字)。尝试这样的事情:

$updatequery = "UPDATE user SET firstname = '".$firstname."' , lastname = '".$lastname."' , password = '".$pwd."'";
if( $_FILES['photo_profile'])
{ 
   $image = $foldername . basename ($_FILES['photo_profile'] ['name']);
   $updatequery .= ", photo_profile='".$image."'"; 
}
$updatequery .= " where id_user ='".$_SESSION['id']."'";
于 2013-07-07T17:22:48.967 回答