PHP更新什么都没有发生
这就是edit.php文档中的代码PHP更新什么都没有发生,php,mysql,Php,Mysql,这就是edit.php文档中的代码 <?php session_start(); include_once("db.php"); if(!isset($_SESSION['id'])){ header("Location: login.php"); } if(!isset($_SESSION['id'])){ header("Location: index.php"); return;
<?php
session_start();
include_once("db.php");
if(!isset($_SESSION['id'])){
header("Location: login.php");
}
if(!isset($_SESSION['id'])){
header("Location: index.php");
return;
}
if(!isset($_GET['pid'])){
header("Location: index.php");
} else {
echo "This seems to work";
$pid = $_GET['pid'];
echo $pid;
}
if(isset($_POST['edit'])){
$title = strip_tags($_POST['title']);
$content = strip_tags($_POST['content']);
$title = mysqli_real_escape_string($db, $title);
$content = mysqli_real_escape_string($db, $content);
$sql = "UPDATE users SET title='$title', content='$content' WHERE id='$pid'";
if($title == "" || $content == ""){
echo "Please complete your post!";
return;
}
mysqli_query($db, $sql);
header("Location: index.php");
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Blog - Post</title>
</head>
<body>
<form action="edit.php" method="edit" enctype="mutlipart/form-data">
<input placeholder="Title" name="title" type="text" autofocus size="48"><br /><br />
<textarea placeholder="Content" name="content" rows="20" cols="50"></textarea><br />
<input name="edit" type="submit" value="Post">
</form>
</body>
</html>
像其他人说的那样使用PDO
如果你想继续使用你已有的代码。将表单标记更改为:
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post" enctype="mutlipart/form-data">
您容易受到SQL注入的攻击。请编写“echo$SQL;”而不是header(),然后检查生成查询。它也可能与您的表结构有关,因此请尝试将该查询复制粘贴到phpMyAdmin中并检查错误
如果成功,请检查mysqli\u query
。如果未返回$db->connect\u error
method="post" //change to post. Default is get
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post" enctype="mutlipart/form-data">
$sql = "UPDATE users SET title=?, content=? WHERE id=?";
$statement = $db->prepare($sql);
$statement->bind_param('ssi', $title, $content, $pid);
if($statement->execute()){
//all good
} else {
echo $db->error;
}
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post" enctype="mutlipart/form-data">