Javascript 执行消息框和查询，但更改不会反映在数据库中_Javascript_Php_Html_Css

Javascript 执行消息框和查询，但更改不会反映在数据库中

javascript php html css

Javascript 执行消息框和查询，但更改不会反映在数据库中,javascript,php,html,css,Javascript,Php,Html,Css,每当我按下启用或禁用按钮时，都会生成消息框，这意味着查询已执行，但更改不会反映在数据库中，并且在phpmyadmin中单独执行时，查询会将结果反映到数据库中。我甚至尝试了输出mysqli\u error（）函数，但也没有返回任何错误 <!doctype html> <html> <?php include'abcadmin.css' ?> <body> <br> <br> <br

每当我按下启用或禁用按钮时，都会生成

消息框

，这意味着查询已执行，但更改不会反映在数据库中，并且在phpmyadmin中单独执行时，查询会将结果反映到数据库中。我甚至尝试了输出
mysqli\u error（）
函数，但也没有返回任何错误

<!doctype html> <html> <?php include'abcadmin.css' ?> <body> <br> <br> <br> <br>         <br> <br> <br> <br> <center><h1></h1></center>     <form action="" method="POST"> <center><h4><b>Student Edit & Account Management</b></h4></center> <br> <center><h4>SAP ID: <input type="text" name="search"><br /></h4> </center>     <center><input type="submit" value="Search" name="submit" /> </center><br> </form> <br> <?php session_start(); global $a,$search,$b; $con=mysqli_connect('localhost','root','') or die(mysql_error()); mysqli_select_db($con,'sophomore') or die("cannot select DB"); if(isset($_POST["submit"])) { $search=$_POST['search']; $query=mysqli_query($con,"SELECT * FROM student_registration WHERE sap_id='".$search."'"); $numrows=mysqli_num_rows($query); if($numrows>0) { if(!empty($_POST['search'])) { if($numrows!=0) while($row=mysqli_fetch_assoc($query)) { { $stuname=$row['fname']; $stusurname=$row['lname']; $stusapid=$row['sap_id']; $studob=$row['dob']; $stuage=$row['age']; $stucourse=$row['course']; $stusemester=$row['semester']; $stustatus=$row['status']; $_SESSION['adminstusapid']=$stusapid; } } } echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "Name: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $stuname; echo '</td>'; echo '</tr>'; echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "Surname: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $stusurname; echo '</td>'; echo '</tr>'; echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "SAP ID: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $stusapid; echo '</td>'; echo '</tr>'; echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "DOB: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $studob; echo '</td>'; echo '</tr>'; echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "Age: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $stuage; echo '</td>'; echo '</tr>'; echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "Course: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $stucourse; echo '</td>'; echo '</tr>'; echo '<h4><table align="center" width="">'; echo '<tr>'; echo '<td>'; echo "Semester: "; echo '&nbsp'; echo '</td>'; echo '<td>'; echo $stusemester; echo '</td>'; echo '</tr>'; echo '</table>'; echo '</h4>'; echo '<br>'; echo '<form method="post">'; echo '<center>'; echo '<input type="submit" value="Enable" name="enabled">'; echo '&nbsp'; echo '&nbsp'; echo '<input type="submit" value="Disable" name="disabled">'; echo '</center>'; echo '</form>'; } else { echo "<script type='text/javascript'>alert('No results found!!')</script>"; } } $a=0; $b=1; if(isset($_POST["enabled"])){ $sqla="UPDATE student_registration SET status='$stucourse' WHERE sap_id='".$search."'"; if(mysqli_query($con, $sqla)){ echo "<script type='text/javascript'>alert('The account has been enabled!!')</script>"; } else { } } else { } if(isset($_POST["disabled"])){ $sqlb="UPDATE student_registration SET status='$b' WHERE sap_id='".$search."'"; if(mysqli_query($con, $sqlb)){ echo "<script type='text/javascript'>alert('The account has been disabled!!')</script>"; } else { } } else { }

学生编辑和帐户管理 SAP ID: 仅仅因为执行了查询并不意味着where匹配了任何内容。因此没有任何更新。因此，请确保$search 是您所认为的，而且它充满了SQLInjection漏洞。我已经重复了search的值，并且它正在重复正确的值@artisticfenix