Php 尝试更新输出没有错误但不工作
我正在尝试更新属性的值Php 尝试更新输出没有错误但不工作,php,mysql,sql,Php,Mysql,Sql,我正在尝试更新属性的值 $lid = $_GET["id"]; $check_user = mysql_query("select employee.Emp_Name, leave.Leave_Type from `leave`, employee where leave.Leave_ID = $lid AND leave.Emp_ID = employee.Emp_ID "); while($rows = mysql_fetch_assoc($check_user)) {
$lid = $_GET["id"];
$check_user = mysql_query("select employee.Emp_Name, leave.Leave_Type from `leave`, employee where leave.Leave_ID = $lid AND leave.Emp_ID = employee.Emp_ID ");
while($rows = mysql_fetch_assoc($check_user))
{
echo "<td>: </td>";
echo "<td>". $rows['Leave_Type']."</td>";
echo "</tr>";
echo "<td>: </td>";
echo "<td>". $rows['Emp_Name']."</td>";
echo "</tr>";
}
if (isset($_POST["submitbtn"]))
{
if($rows['Leave_Type'] == 'Annual')
{
mysql_query("update `leave` set Status = 'Approved' where Leave_ID = $lid");
}
}
$lid=$\u GET[“id”];
$check\u user=mysql\u query(“从'leave'中选择employee.Emp\u名称,leave.leave\u类型,雇员的leave.leave\u ID=$lid和leave.Emp\u ID=employee.Emp\u ID”);
而($rows=mysql\u fetch\u assoc($check\u user))
{
回声“;”;
回显“$rows['Leave_Type']”;
回声“;
回声“;”;
回显“$rows['Emp_Name']”;
回声“;
}
如果(isset($_POST[“submitbtn”]))
{
如果($rows['Leave_Type']=='year')
{
mysql_查询(“更新`leave`set Status='Approved',其中leave_ID=$lid”);
}
}
运行时没有错误,但数据库中属性的值没有更新转义变量以避免SQL注入
$lid = $_GET["id"];
$check_user = mysql_query("select employee.Emp_Name, leave.Leave_Type from `leave`, employee where leave.Leave_ID = '" . $lid . "' AND leave.Emp_ID = employee.Emp_ID ");
offtopic:mysql_*函数已弃用,请使用mysqli或PDO,而不要使用您的代码。您的代码容易受到SQL注入的攻击。如果没有正确转义,请不要在SQL查询中直接使用用户输入。查找
mysql\u real\u escape\u string()mysql\u查询mysql\u error$rows = mysql_fetch_assoc($check_user));
echo "<td>: </td>";
echo "<td>". $rows['Leave_Type']."</td>";
echo "</tr>";
echo "<td>: </td>";
echo "<td>". $rows['Emp_Name']."</td>";
echo "</tr>";
if (isset($_POST["submitbtn"]))
{
$Leave_Type = $_POST['Leave_Type'];
if($Leave_Type == 'Annual')
{
mysql_query("update `leave` set Status = 'Approved' where Leave_ID = '" . $lid . "'");
}
}