Fatal编程技术网
  • php/
  • Php 使用会话更新用户列

Php 使用会话更新用户列

php mysql

Php 使用会话更新用户列,php,mysql,Php,Mysql,我在我的php页面上有删除选项,但我添加了在删除之前归档数据的选项,但同时我想用person会话用户名更新用户名 $id=$_GET['id']; $sql="INSERT INTO c_archive_table(tech, eng, dr) SELECT tech, eng, dr FROM `Com` WHERE `id`='$id'"; $sql_user = "INSERT INTO c_archive_table('','user','$_SESSION['usernam

我在我的php页面上有删除选项,但我添加了在删除之前归档数据的选项,但同时我想用person会话用户名更新用户名

$id=$_GET['id'];

 $sql="INSERT INTO c_archive_table(tech, eng, dr) SELECT tech, eng, dr FROM   `Com` WHERE `id`='$id'";
 $sql_user = "INSERT INTO  c_archive_table('','user','$_SESSION['username']') WHERE `id`='$id'";
 $sql_delete="DELETE FROM `Com` WHERE `id`='$id'";
因此,移动到存档和删除工作,但将用户会话添加到用户列不起作用。

它不会是一个
插入
它将是一个
更新

 $sql_user = "UPDATE c_archive_table SET 'user'='".$_SESSION['username']."' WHERE `id`='$id'";

user
列替换为
$\u会话
名称进入的任何列名

查看上述问题中的突出显示。它将向您显示一个可能的问题。另外,请修复代码中的SQL注入漏洞。我认为,您需要将用户周围的引号替换为反勾号。谢谢,但由于某种原因,SQL
echo$\u会话['username']上的用户名仍然没有更新
显示用户名,但不确定为什么不保存在sql上。
$sql\u user=“更新c\u存档”表集“user'=”。$\u会话['username']。“'WHERE UPDATE c\u存档”表。id='id'成功了!谢谢你的帮助!!非常感谢您提供的详细信息。

$sql = new mysqli(MYSQL_HOST, MYSQL_USERNAME, MYSQL_PASSWORD, MYSQL_DATABASE);

// 1. Find the row in the existing table and get the contents
$query1 = '
SELECT
   `tech`,
   `eng`,
   `dr`
FROM `Cnom`
WHERE
   `id` = "'.$sql->real_escape_string($_GET['id']).'"
;';
   // Use real_escape_string to sanitize anything that the user could modify
$result1 = $sql->query($query1) or die ("<pre>Query failed:\n$query1</pre>");
   // die()ing with the query is always helpful for debugging
$row1 = $result1->fetch_assoc() or die ("<pre>No result returned for id {$_GET['id']}</pre>");

// 2. Insert the contents into the archive
$query2 = '
INSERT INTO `c_archive_table` (
   `user`,
   `tech`,
   `eng`,
   `dr`
)
VALUES (
   "'.$sql->real_escape_string($_SESSION['username']).'",
   "'.$sql->real_escape_string($row1['tech']).'",
   "'.$sql->real_escape_string($row1['eng']).'",
   "'.$sql->real_escape_string($row1['dr']).'"
);';
$sql->query($query2) or die ("<pre>Query failed:\n$query2</pre>");

// 3. Delete from the original table
$query3 = '
DELETE FROM `Cnom`
WHERE
   `id` = "'.$sql->real_escape_string($_GET['id']).'"
;';
$sql->query($query3) or die ("<pre>Query failed:\n$query3</pre>");



if (accessing_all_records) {
   // Access all records that aren't archived
   $query = '
SELECT
   *
FROM `Cnom`
WHERE
   `archived` = 0
;';
}

if (inserting_new_record) {
   // Create a new record and set archived to 0 by default (better yet, give it a default value)
   $query = '
INSERT INTO `Cnom` (
   `field_1`,
   ...,
   `archived`
)
VALUES (
   value_1,
   ...,
   0
);';
}

if (archiving) {
   // Update the record and set the archived value to 1
   $query = '
UPDATE `Cnom`
SET
   `archived` = 1
WHERE
   `id` = id
;';
}