Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/299.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 添加编辑删除表单未添加到MySQL无错误_Php_Html - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 添加编辑删除表单未添加到MySQL无错误

Php 添加编辑删除表单未添加到MySQL无错误

php html

Php 添加编辑删除表单未添加到MySQL无错误,php,html,Php,Html,我有这个添加-编辑-删除表单,问题是: 当我放置所有内容并单击ADD时,它会显示“Data added successfully.”但数据不在我的phpAdmin表中,也不显示在页面中。。。 或者仅仅是因为我的主人不使用MySQLi而是使用MySQL? 不要谈论SQL注入,因为我不是那么专业,也不知道如何保护它,这个页面将受到登录区域的保护,所以只有受限制的成员才能访问它 index.php <?php //including the database connection file in

我有这个添加-编辑-删除表单,问题是: 当我放置所有内容并单击ADD时,它会显示“Data added successfully.”但数据不在我的phpAdmin表中,也不显示在页面中。。。 或者仅仅是因为我的主人不使用MySQLi而是使用MySQL? 不要谈论SQL注入,因为我不是那么专业,也不知道如何保护它,这个页面将受到登录区域的保护,所以只有受限制的成员才能访问它

index.php

<?php
//including the database connection file
include_once("config.php");

//fetching data in descending order (lastest entry first)
//$result = mysql_query("SELECT * FROM users ORDER BY id DESC"); // mysql_query is deprecated
$result = mysqli_query($mysqli, "SELECT * FROM `user` ORDER BY id DESC"); // using mysqli_query instead
?>

<html>
<head>  
    <title>Homepage</title>
</head>

<body>
<a href="add.html">Add New Data</a><br/><br/>

    <table width='80%' border=0>

    <tr bgcolor='#CCCCCC'>
        <td>Steam Username</td>
        <td>Steam Password</td>
        <td>Steam Guard Code</td>
        <td>Update</td>
    </tr>
    <?php 
    //while($res = mysql_fetch_array($result)) { // mysql_fetch_array is deprecated, we need to use mysqli_fetch_array 
    while($res = mysqli_fetch_array($result)) {         
        echo "<tr>";
        echo "<td>".$res['steamUE']."</td>";
        echo "<td>".$res['steamPW']."</td>";
        echo "<td>".$res['steamGC']."</td>";    
        echo "<td><a href=\"edit.php?id=$res[id]\">Edit</a> | <a href=\"delete.php?id=$res[id]\" onClick=\"return confirm('Are you sure you want to delete?')\">Delete</a></td>";       
    }
    ?>
    </table>
</body>
</html>


主页



蒸汽用户名
蒸汽密码
蒸汽防护代码
更新
add.html

<html>
<head>
    <title>Add Data</title>
</head>

<body>
    <a href="index.php">Home</a>
    <br/><br/>

    <form action="add.php" method="post" name="form1">
        <table width="25%" border="0">
            <tr> 
                <td>Steam Username</td>
                <td><input type="text" name="steamUE"></td>
            </tr>
            <tr> 
                <td>Steam Password</td>
                <td><input type="text" name="steamPW"></td>
            </tr>
            <tr> 
                <td>Steam Guard Code</td>
                <td><input type="text" name="steamGC"></td>
            </tr>
            <tr> 
                <td></td>
                <td><input type="submit" name="Submit" value="Add"></td>
            </tr>
        </table>
    </form>
</body>
</html>


添加数据



蒸汽用户名
蒸汽密码
蒸汽防护代码
edit.php

<?php
// including the database connection file
include_once("config.php");

if(isset($_POST['update']))
{   

    $id = mysqli_real_escape_string($mysqli, $_POST['id']);

    $steamUE = mysqli_real_escape_string($mysqli, $_POST['steamUE']);
    $steamPW = mysqli_real_escape_string($mysqli, $_POST['steamPW']);
    $steamGC = mysqli_real_escape_string($mysqli, $_POST['steamGC']);   

    // checking empty fields
    if(empty($steamUE) || empty($steamPW) || empty($steamGC)) { 

        if(empty($steamUE)) {
            echo "<font color='red'>Steam Username field is empty.</font><br/>";
        }

        if(empty($steamPW)) {
            echo "<font color='red'>Steam Password field is empty.</font><br/>";
        }

        if(empty($steamGC)) {
            echo "<font color='red'>Steam Guard Code field is empty.</font><br/>";
        }       
    } else {    
        //updating the table
        $result = mysqli_query($mysqli, "UPDATE `user` SET steamUE='$steamUE',steamPW='$steamPW',steamGC='$steamGC' WHERE id='$id'");

        //redirectig to the display page. In our case, it is index.php
        header("Location: index.php");
    }
}
?>
<?php
//getting id from url
$id = $_GET['id'];

//selecting data associated with this particular id
$result = mysqli_query($mysqli, "SELECT * FROM `user` WHERE id='$id'");

while($res = mysqli_fetch_array($result))
{
    $steamUE = $res['steamUE'];
    $steamPW = $res['steamPW'];
    $steamGC = $res['steamGC'];
}
?>
<html>
<head>  
    <title>Edit Data</title>
</head>

<body>
    <a href="index.php">Home</a>
    <br/><br/>

    <form name="form1" method="post" action="edit.php">
        <table border="0">
            <tr> 
                <td>Steam Username</td>
                <td><input type="text" name="steamUE" value="<?php echo $steamUE;?>"></td>
            </tr>
            <tr> 
                <td>Steam Username</td>
                <td><input type="text" name="steamPW" value="<?php echo $steamPW;?>"></td>
            </tr>
            <tr> 
                <td>Steam Guard Code</td>
                <td><input type="text" name="steamGC" value="<?php echo $steamGC;?>"></td>
            </tr>
            <tr>
                <td><input type="hidden" name="id" value=<?php echo $_GET['id'];?>></td>
                <td><input type="submit" name="update" value="Update"></td>
            </tr>
        </table>
    </form>
</body>
</html>
它没有说明或显示任何错误或任何其他问题,它只说明成功添加的数据,没有其他内容。我不明白为什么它没有在我的表中添加任何数据,我一遍又一遍地检查所有内容,可能是因为我累了,但我尝试重命名表名,但没有任何更改,是一样的…

发现了三个错误

add.php
:列名应不带“”。检查以下各项

$result = mysqli_query($mysqli, "INSERT INTO user (steamUE,steamPW,steam_GC) VALUES ('$steamUE','$steamPW','$steamGC')");

$result = mysqli_query($mysqli, "UPDATE user SET steamUE='$steamUE',steamPW='$steamPW',steamGC='$steamGC' WHERE id='$id'");

$result = mysqli_query($mysqli, "DELETE * FROM user WHERE id='$id'");

edit.php
:“$id中缺少“”。检查以下各项

$result = mysqli_query($mysqli, "INSERT INTO user (steamUE,steamPW,steam_GC) VALUES ('$steamUE','$steamPW','$steamGC')");

$result = mysqli_query($mysqli, "UPDATE user SET steamUE='$steamUE',steamPW='$steamPW',steamGC='$steamGC' WHERE id='$id'");

$result = mysqli_query($mysqli, "DELETE * FROM user WHERE id='$id'");

delete.php
:$id中缺少“”。检查以下各项

$result = mysqli_query($mysqli, "INSERT INTO user (steamUE,steamPW,steam_GC) VALUES ('$steamUE','$steamPW','$steamGC')");

$result = mysqli_query($mysqli, "UPDATE user SET steamUE='$steamUE',steamPW='$steamPW',steamGC='$steamGC' WHERE id='$id'");

$result = mysqli_query($mysqli, "DELETE * FROM user WHERE id='$id'");
如果与DB的连接成功,它必须工作(这个答案应该得到您的绿色标记:D)

或者仅仅是因为我的主人不与MySQLi合作,而是与 MySQL

无论我在哪里遇到问题,都会遇到一些错误或空白页。

检查数据库连接。转到mysqli,用$sql with(errno)解释它,但在$sql之前调用您的参数。使用if条件检查您的连接。在添加时,请使用prepared with$stmnt并执行它。

不要告诉我(或任何人)您的网页在哪里。任何人只要有一点点知识和你的URL,就可以在15秒内擦除你的整个数据库。所有的桌子。不夸张。在解决任何问题之前,先解决这个比巨大的安全问题更大的问题。谷歌“SQL注入”并修复它。使用事先准备好的陈述。我只需要去你的网站/delete.php?id=0;有害的SQL_语句和boom。如果添加@NewBee的单引号,url就会变成
yourwebsite/delete.php?id=0';有害的SQL_语句;选择'dummy
@Roemer yes此处存在SQL注入问题。最好的办法是转到PDO。真的。但如果这不可用,mysqli也可以准备语句。修复了,但仍然没有,没有添加phpAdmintables@unnamedUser从表名中删除引号,我稍后编辑了它们,以防遗漏。尝试使用mysql并检查DB connection.done,仍然没有添加到我的表中。。。如何从mysqli转换到mysql?我喝了三杯,喝了一杯errors@unnamedUser
index.php
也有这样的错误,不应该是
$res[id]
be
$res['id']
?解析错误:语法错误,意外的“”(t_封装了_和_空格),在添加'to'id'时需要标识符(t_字符串)或变量(t_变量)或数字(t_NUM_字符串)