Php html的值属性中的if-else构造问题
上面的代码片段从数据库中获取最新注册的员工ID。 ------------------------>--------------------Php html的值属性中的if-else构造问题,php,Php,上面的代码片段从数据库中获取最新注册的员工ID。 ------------------------>-------------------- public function getEmployeeId() { if (!isset($_SESSION["email"]) || !isset($_SESSION["passwrd"])) { header("Location:index.php"); // Cannot Access
public function getEmployeeId() {
if (!isset($_SESSION["email"]) || !isset($_SESSION["passwrd"])) {
header("Location:index.php");
// Cannot Access this page without Login.
}
if (empty($_POST)){
$_SESSION['ids'] = "";
$query = mysqli_query($this->connection, "SELECT MAX(EmployeeId) AS EmployeeId FROM employees") or die("Query execution failed: " . mysqli_error());
while ($row = $query->fetch_assoc()) {
// Push the id to the array.
$_SESSION['ids'] = $row["EmployeeId"];
}
}
}
public function updateSalary(){
if (!isset($_SESSION["email"]) || !isset($_SESSION["passwrd"])) {
header("Location:index.php");
// This code Snippet ensures that in order to access this page Employee needs to be Login.
}
$EmployeeID = (isset($_GET['EmployeeId']) ? $_GET['EmployeeId'] : '');
$query = mysqli_query($this->connection, "SELECT * FROM salary WHERE EmployeeId= '" . $EmployeeID . "'") or die("Query execution failed: " . mysqli_error());
while ($row = $query->fetch_assoc()){
// Push the id to the array
$_SESSION['eids'] = $row["EmployeeId"];
$_SESSION['salry'] = $row["Salary"];
if ($_SESSION['ids']) {
$_SESSION['ids'] = "";
}
}
这不是未设置的会话$\u会话['id']=“”这是为会话分配空字符串值。session unset应该是unset($\u session['ids'])
如果($\u session['ids'])
似乎总是被设置为空值,它的比较是检查它是否只存在并且没有被赋值,这不是问题吗?这不是unset$\u session['ids'=”这是为会话分配空值。会话未设置应该是unset($\u session['id'))
Yes,当我想插入数据时,该值来自textfield中的数据库,但当我想更新一些数据时,id不在text field中。您的代码易受SQL注入攻击,您需要修复此问题。是的,它工作正常,谢谢
<td>
<input type="number" name="EmployeeId" placeholder="EmployeeId" value="<?php if (isset($_SESSION["ids"])){echo $id_salaries;}else{echo $emp_id;} ?>" id="EmployeeId" autocomplete="off" class="form-control" readonly>
</td>