不应在数据库mysql PHP上更新空白字段
如果用户试图只更新电子邮件,我总共有两个字段,即名称和电子邮件。。它应该只更新电子邮件字段,而不更新名称字段。在我的例子中,如果我们将输入字段保持为空,它将使用空值进行更新。这是我用来学习的PHP代码。我知道我提供的代码会导致sql注入,但它仅供我参考。请让我知道如何解决这个现有的代码,我知道我们要做些什么,如果(修剪($name)=='')等,但没有得到如何在这个代码上实现清晰的图片不应在数据库mysql PHP上更新空白字段,php,mysql,mysqli,sql-update,Php,Mysql,Mysqli,Sql Update,如果用户试图只更新电子邮件,我总共有两个字段,即名称和电子邮件。。它应该只更新电子邮件字段,而不更新名称字段。在我的例子中,如果我们将输入字段保持为空,它将使用空值进行更新。这是我用来学习的PHP代码。我知道我提供的代码会导致sql注入,但它仅供我参考。请让我知道如何解决这个现有的代码,我知道我们要做些什么,如果(修剪($name)=='')等,但没有得到如何在这个代码上实现清晰的图片 <?php require('connections/connect.php'); $res = ar
<?php
require('connections/connect.php');
$res = array();
if( $_REQUEST['tablename'] != null &&
$_REQUEST['idName'] != null &&
$_REQUEST['idValue'] != null
){
$tablename = $_REQUEST['tablename'] ;
$idName = $_REQUEST['idName'] ;
$idValue = $_REQUEST['idValue'] ;
$name= $_REQUEST['name'] ;
$email= $_REQUEST['email'] ;
if (mysqli_query($conn,"UPDATE $tablename SET status = 2 , name= '$name' , email ='$email' WHERE $idName = $idValue" ) ){
$res['done'] =false;
$res['error'] = false;
$res['message'] = "Verified.";
$res['tablename'] = $tablename;
$res['idName'] = $idName;
$res['idValue'] = $idValue;
$res['updateadhar'] = $updateadhar;
}else{
$res['done'] =true;
$res['error'] = true;
$res['message'] = "Try again later.";
}
}else{
$res['error'] = true;
$res['message'] = "Fields are missing.";
}
echo json_encode($res);
?>
您可以在更新中再次读取用户信息,并检查发布的电子邮件地址是否为空,使用您一直阅读的电子邮件数据
在这种情况下,您可以确定您正在更新一个exist用户
<?php
require('connections/connect.php');
$res = array();
if( $_REQUEST['tablename'] != null &&
$_REQUEST['idName'] != null &&
$_REQUEST['idValue'] != null
){
$tablename = $_REQUEST['tablename'] ;
$idName = $_REQUEST['idName'] ;
$idValue = $_REQUEST['idValue'] ;
$name= $_REQUEST['name'] ;
$email= !empty($_REQUEST['email']) ? $_REQUEST['email'] : "" ;
//read user info here
// $user = getUserInfo($idValue )
// if($email == ""){
// $email = $user['emial'];
// }
if (mysqli_query($conn,"UPDATE $tablename SET status = 2 , name= '$name' , email ='$email' WHERE $idName = $idValue" ) ){
$res['done'] =false;
$res['error'] = false;
$res['message'] = "Verified.";
$res['tablename'] = $tablename;
$res['idName'] = $idName;
$res['idValue'] = $idValue;
$res['updateadhar'] = $updateadhar;
}else{
$res['done'] =true;
$res['error'] = true;
$res['message'] = "Try again later.";
}
}else{
$res['error'] = true;
$res['message'] = "Fields are missing.";
}
echo json_encode($res);
试试这些代码
<?php
require('connections/connect.php');
$res = array();
if(!is_null($_REQUEST['tablename']) && !is_null($_REQUEST['idName']) && !is_null($_REQUEST['idValue'])){
if(!empty(trim($_REQUEST['name'])) && !empty(trim($_REQUEST['email']))){
$tablename = $_REQUEST['tablename'] ;
$idName = $_REQUEST['idName'] ;
$idValue = $_REQUEST['idValue'] ;
$name= trim($_REQUEST['name']);
$email= trim($_REQUEST['email']) ;
$sql = "UPDATE `{$tablename}`SET status = 2, name= '{$name}', email ='{$email}' WHERE `{$idName}` = '{$idValue}'";
if(mysqli_query($conn,$sql)){
$res = array_merge(array('done' => false, 'error' => false, 'message' => 'Verified.', 'updateadhar' => $updateadhar), compact('tablename','idName','idValue'));
}else{ $res = array('done' = true, 'error' => true, 'message' => "Try again later."); }
}else{ $res = array('error' => true, 'message' => "Name/Email are missing."); }
}else{ $res = array('error' => true, 'message' => "Fields are missing."); }
echo json_encode($res);
?>
您需要提供一个检查,查看$\u REQUES[]是否有name和/或email的值,然后编写sql更新accordingly@Mowzey,我想这就是他们寻求帮助的原因。谢谢你的快速回复。。我怎么检查?你能提供一个关于我现有代码的示例或演示吗。。当输入字段为空时,它仍在用空白值更新。。。(关于数据库值已存在…当输入为空时,不应使用空值更新)@Shabarishhetty我无法理解,您在数据库中有正确的数据,如果用户emial未通过邮寄发送或为空,请使用数据库电子邮件值,此机制有何问题
<?php
require('connections/connect.php');
$res = array();
if(!is_null($_REQUEST['tablename']) && !is_null($_REQUEST['idName']) && !is_null($_REQUEST['idValue'])){
if(!empty(trim($_REQUEST['name'])) && !empty(trim($_REQUEST['email']))){
$tablename = $_REQUEST['tablename'] ;
$idName = $_REQUEST['idName'] ;
$idValue = $_REQUEST['idValue'] ;
$name= trim($_REQUEST['name']);
$email= trim($_REQUEST['email']) ;
$sql = "UPDATE `{$tablename}`SET status = 2, name= '{$name}', email ='{$email}' WHERE `{$idName}` = '{$idValue}'";
if(mysqli_query($conn,$sql)){
$res = array_merge(array('done' => false, 'error' => false, 'message' => 'Verified.', 'updateadhar' => $updateadhar), compact('tablename','idName','idValue'));
}else{ $res = array('done' = true, 'error' => true, 'message' => "Try again later."); }
}else{ $res = array('error' => true, 'message' => "Name/Email are missing."); }
}else{ $res = array('error' => true, 'message' => "Fields are missing."); }
echo json_encode($res);
?>