Php 未保存在数据库表中
我想在db表中编辑记录,但它不保存在db表中,并且在我提交此表单后没有任何更改 这是我忘记放的代码Php 未保存在数据库表中,php,mysql,mysqli,Php,Mysql,Mysqli,我想在db表中编辑记录,但它不保存在db表中,并且在我提交此表单后没有任何更改 这是我忘记放的代码 <?php require('db.php'); include("auth.php"); //include auth.php file on all secure pages $id_doc=$_REQUEST['id_doc']; $query = "SELECT * from doc where id_doc='".$id_doc."'"; $result = mysqli_que
<?php
require('db.php');
include("auth.php"); //include auth.php file on all secure pages
$id_doc=$_REQUEST['id_doc'];
$query = "SELECT * from doc where id_doc='".$id_doc."'";
$result = mysqli_query($connection, $query) or die ( mysqli_error());
$row = mysqli_fetch_assoc($result);
?>
尝试以下操作:
<?php
if(isset($_POST['new']) && $_POST['new']==1)
{
$id_doc=$_REQUEST['id_doc'];
$query = "SELECT * from doc where id_doc='".$id_doc."'";
$result = mysqli_query($connection, $query) or die ( mysqli_error());
$row = mysqli_fetch_assoc($result);
$title =$_REQUEST['title'];
$date = $_REQUEST['date'];
$from_to = $_REQUEST['from_to'];
$details = $_REQUEST['details'];
$d_location = $_REQUEST['d_location'];
$d_stat = $_REQUEST['d_stat'];
$update="update doc set title='".$title."', date='".$date."', from_to='".$from_to."', details='".$details."', d_location='".$d_location."', d_stat='".$d_stat."' where id_doc='".$id_doc."'";
if(mysqli_query($connection, $update)) {
$status = "File Record Updated Successfully. </br></br><a href='v_doc.php'>View Updated Record</a>";
} else {
die(mysqli_error($connection));
}
echo '<p style="color:#FF0000;">'.$status.'</p>';
} else {
// here some else code
}
?>
一旦你得到它,这应该会告诉你确切的错误。在此处显示,以便我们检查并更正。不是答案。评论太长了
撇开参数化查询问题不谈,我觉得这更容易理解:
UPDATE doc
SET title = '$title'
, date = '$date'
, from_to = '$from_to'
, details = '$details'
, d_location = '$d_location'
, d_stat = '$d_stat'
WHERE id_doc = '$id_doc'
现在请参见关于参数化查询在elseDon中添加结束标记不要将用户的数据直接写入SQL查询。了解如何立即使用参数。否则,您的站点将面临巨大的安全问题。警告:当使用mysqli
时,您应该使用和将用户数据添加到查询中。不要使用字符串插值或串联来完成此操作,因为您已经创建了严重的错误。切勿将$\u POST
、$\u GET
或任何用户数据直接放入查询中,如果有人试图利用您的错误进行攻击,这可能会非常有害。无需编辑帖子,请在此处评论您所获得的错误我得到了“警告:mysqli\u error()正好需要1个参数”$result=mysqli\u query($connection,$query)或die(mysqli\u error());获取原始答案中的更新代码。您应该始终在所有mysqli_错误函数中传递$connection对象,即在所有位置用mysqli_错误($connection)替换$result=mysqli_查询($connection,$query)或die(mysqli_错误($connection));先生
UPDATE doc
SET title = '$title'
, date = '$date'
, from_to = '$from_to'
, details = '$details'
, d_location = '$d_location'
, d_stat = '$d_stat'
WHERE id_doc = '$id_doc'