0

我正在尝试更新属性的值

$lid        = $_GET["id"];
$check_user = mysql_query("select employee.Emp_Name, leave.Leave_Type from `leave`, employee where leave.Leave_ID = $lid AND leave.Emp_ID = employee.Emp_ID ");
while($rows = mysql_fetch_assoc($check_user))
{
    echo "<td>: </td>";
    echo "<td>". $rows['Leave_Type']."</td>";
    echo "</tr>";
    echo "<td>: </td>";
    echo "<td>". $rows['Emp_Name']."</td>";
    echo "</tr>";
}

if (isset($_POST["submitbtn"]))
{
    if($rows['Leave_Type'] == 'Annual')
    {
        mysql_query("update `leave` set Status = 'Approved' where Leave_ID = $lid");        
    }
}

当我运行它时没有错误,但我的数据库中的属性值没有更新

4

1 回答 1

0

转义变量以避免 SQL 注入

$lid        = $_GET["id"];
$check_user = mysql_query("select employee.Emp_Name, leave.Leave_Type from `leave`, employee where leave.Leave_ID = '" . $lid . "' AND leave.Emp_ID = employee.Emp_ID ");

据我了解,如果您选择了等于 ID 的内容,那么您的 ID 可能是唯一的,并且您不需要 while 循环,如果您需要抱歉:)

$rows = mysql_fetch_assoc($check_user));

    echo "<td>: </td>";
    echo "<td>". $rows['Leave_Type']."</td>";
    echo "</tr>";
    echo "<td>: </td>";
    echo "<td>". $rows['Emp_Name']."</td>";
    echo "</tr>";

现在,如果您想发布帖子,我希望您在某个地方有一个表格,然后您进行了更新

if (isset($_POST["submitbtn"]))
{
    $Leave_Type = $_POST['Leave_Type'];

    if($Leave_Type == 'Annual')
    {
        mysql_query("update `leave` set Status = 'Approved' where Leave_ID = '" . $lid . "'");        
    }
}
于 2013-08-29T15:59:17.683 回答