Php 使用会话更新用户列
我在我的php页面上有删除选项,但我添加了在删除之前归档数据的选项,但同时我想用person会话用户名更新用户名Php 使用会话更新用户列,php,mysql,Php,Mysql,我在我的php页面上有删除选项,但我添加了在删除之前归档数据的选项,但同时我想用person会话用户名更新用户名 $id=$_GET['id']; $sql="INSERT INTO c_archive_table(tech, eng, dr) SELECT tech, eng, dr FROM `Com` WHERE `id`='$id'"; $sql_user = "INSERT INTO c_archive_table('','user','$_SESSION['usernam
$id=$_GET['id'];
$sql="INSERT INTO c_archive_table(tech, eng, dr) SELECT tech, eng, dr FROM `Com` WHERE `id`='$id'";
$sql_user = "INSERT INTO c_archive_table('','user','$_SESSION['username']') WHERE `id`='$id'";
$sql_delete="DELETE FROM `Com` WHERE `id`='$id'";
因此,移动到存档和删除工作,但将用户会话添加到用户列不起作用。它不会是一个
插入
它将是一个更新
$sql_user = "UPDATE c_archive_table SET 'user'='".$_SESSION['username']."' WHERE `id`='$id'";
将
user
列替换为$\u会话
名称进入的任何列名查看上述问题中的突出显示。它将向您显示一个可能的问题。另外,请修复代码中的SQL注入漏洞。我认为,您需要将用户周围的引号替换为反勾号。谢谢,但由于某种原因,SQLecho$\u会话['username']上的用户名仍然没有更新
显示用户名,但不确定为什么不保存在sql上。$sql\u user=“更新c\u存档”表集“user'=”。$\u会话['username']。“'WHERE UPDATE c\u存档”表。id='id'代码>成功了!谢谢你的帮助!!非常感谢您提供的详细信息。
$sql = new mysqli(MYSQL_HOST, MYSQL_USERNAME, MYSQL_PASSWORD, MYSQL_DATABASE);
// 1. Find the row in the existing table and get the contents
$query1 = '
SELECT
`tech`,
`eng`,
`dr`
FROM `Cnom`
WHERE
`id` = "'.$sql->real_escape_string($_GET['id']).'"
;';
// Use real_escape_string to sanitize anything that the user could modify
$result1 = $sql->query($query1) or die ("<pre>Query failed:\n$query1</pre>");
// die()ing with the query is always helpful for debugging
$row1 = $result1->fetch_assoc() or die ("<pre>No result returned for id {$_GET['id']}</pre>");
// 2. Insert the contents into the archive
$query2 = '
INSERT INTO `c_archive_table` (
`user`,
`tech`,
`eng`,
`dr`
)
VALUES (
"'.$sql->real_escape_string($_SESSION['username']).'",
"'.$sql->real_escape_string($row1['tech']).'",
"'.$sql->real_escape_string($row1['eng']).'",
"'.$sql->real_escape_string($row1['dr']).'"
);';
$sql->query($query2) or die ("<pre>Query failed:\n$query2</pre>");
// 3. Delete from the original table
$query3 = '
DELETE FROM `Cnom`
WHERE
`id` = "'.$sql->real_escape_string($_GET['id']).'"
;';
$sql->query($query3) or die ("<pre>Query failed:\n$query3</pre>");
if (accessing_all_records) {
// Access all records that aren't archived
$query = '
SELECT
*
FROM `Cnom`
WHERE
`archived` = 0
;';
}
if (inserting_new_record) {
// Create a new record and set archived to 0 by default (better yet, give it a default value)
$query = '
INSERT INTO `Cnom` (
`field_1`,
...,
`archived`
)
VALUES (
value_1,
...,
0
);';
}
if (archiving) {
// Update the record and set the archived value to 1
$query = '
UPDATE `Cnom`
SET
`archived` = 1
WHERE
`id` = id
;';
}