尝试只更新表单中一次收到的字段,其他字段在PHP中变为空白
我正在尝试创建一个更新PHP函数,它正在工作,但我遇到了一些问题,我收到了来自表单的用户名电子邮件和密码,但如果用户将其中一个或两个留空,我想更新唯一一个没有留空的函数,例如“pass”,但当我这样做时,其他两个字段将更新为nothing或数据库中的blank,我的代码中有哪些错误尝试只更新表单中一次收到的字段,其他字段在PHP中变为空白,php,html,Php,Html,我正在尝试创建一个更新PHP函数,它正在工作,但我遇到了一些问题,我收到了来自表单的用户名电子邮件和密码,但如果用户将其中一个或两个留空,我想更新唯一一个没有留空的函数,例如“pass”,但当我这样做时,其他两个字段将更新为nothing或数据库中的blank,我的代码中有哪些错误 <?php session_start(); $id = $_SESSION['user_id']; $email = $_POST['emailAlter']; $no
<?php
session_start();
$id = $_SESSION['user_id'];
$email = $_POST['emailAlter'];
$nome = $_POST['nameAlter'];
$pass = $_POST['passAlter'];
$con = mysqli_connect("localhost", "root", "", "smarttime");
$query = mysqli_query($con,"UPDATE users SET use_name = '$nome', use_email = '$email', use_pass = '$pass' WHERE use_id = '$id'");
$test = mysqli_query($con,"SELECT * from users");
$row = mysqli_fetch_array($test);
if (!$con) {
die('Erro de Acesso à BD' . mysqli_connect_error());
}
if(!isset($email) || trim($email) == '')
{
$email = mysqli_query($con,"SELECT use_email from users where use_id ='$id");
$query = mysqli_query($con,"UPDATE users SET use_name = '$nome', use_email = '$email', use_pass = '$pass' WHERE use_id = '$id'");
}
if(!isset($nome) || trim($nome) == '')
{
$nome = mysqli_query($con,"SELECT use_name from users where use_id ='$id");
$query = mysqli_query($con,"UPDATE users SET use_name = '$nome', use_email = '$email', use_pass = '$pass' WHERE use_id = '$id'");
}
if(!isset($pass) || trim($pass) == '')
{
$nome = mysqli_query($con,"SELECT use_pass from users where use_id ='$id");
$query = mysqli_query($con,"UPDATE users SET use_name = '$nome', use_email = '$email', use_pass = '$pass' WHERE use_id = '$id'");
}
$query;
header('Location: logged.php');
exit();
?>
如果我假设用户id始终存在并且有效,那么您可以构建如下查询:
$setters = array();
if ($trim($email) != '') $setters[] = "use_email = '$email'";
if ($trim($nome) != '') $setters[] = "use_name = '$nome'";
if ($trim($pass) != '') $setters[] = "use_pass = '$pass'";
$query = "UPDATE users SET ".implode(", ",$setters)." WHERE use_id = '$id'";
$result = mysqli_query($con,$query);
因此,查询取决于输入的存在 如果我假设用户id始终存在并且有效,那么您可以构建如下查询:
$setters = array();
if ($trim($email) != '') $setters[] = "use_email = '$email'";
if ($trim($nome) != '') $setters[] = "use_name = '$nome'";
if ($trim($pass) != '') $setters[] = "use_pass = '$pass'";
$query = "UPDATE users SET ".implode(", ",$setters)." WHERE use_id = '$id'";
$result = mysqli_query($con,$query);
因此,查询取决于输入的存在 首先要更新,然后检查条件。更新之前必须检查所有变量
<?php
session_start();
$id = $_SESSION['user_id'];
$email = $_POST['emailAlter'];
$nome = $_POST['nameAlter'];
$pass = $_POST['passAlter'];
$con = mysqli_connect("localhost", "root", "", "smarttime");
$query = "UPDATE users SET ";
if (!$con) {
die('Erro de Acesso à BD' . mysqli_connect_error());
}
if(isset($email) && trim($email) != '')
{
$query .= "use_email = '$email' ";
}
if(isset($nome) && trim($nome) != '')
{
$query .= "use_name = '$nome' ";
}
if(isset($pass) && trim($pass) != '')
{
$query .= "use_pass = '$pass' ";
}
mysqli_query($con,$query." WHERE use_id = '$id'");;
header('Location: logged.php');
exit();
?>
首先要更新,然后检查条件。更新之前必须检查所有变量
<?php
session_start();
$id = $_SESSION['user_id'];
$email = $_POST['emailAlter'];
$nome = $_POST['nameAlter'];
$pass = $_POST['passAlter'];
$con = mysqli_connect("localhost", "root", "", "smarttime");
$query = "UPDATE users SET ";
if (!$con) {
die('Erro de Acesso à BD' . mysqli_connect_error());
}
if(isset($email) && trim($email) != '')
{
$query .= "use_email = '$email' ";
}
if(isset($nome) && trim($nome) != '')
{
$query .= "use_name = '$nome' ";
}
if(isset($pass) && trim($pass) != '')
{
$query .= "use_pass = '$pass' ";
}
mysqli_query($con,$query." WHERE use_id = '$id'");;
header('Location: logged.php');
exit();
?>
您将进行一个仅包含要更新的字段的查询。您可以检查是否输入了这样的内容:if(trim($pass)!=''…
。我真的希望这段代码永远不会进入公共系统,因为它对SQL注入是开放的。搜索这个词来了解更多。这是一个学校项目,老师并没有真正教我们任何东西,这不是为了学习company@KIKOSoftware它成功了,你能把它作为一个答案贴出来让我接受吗?谢谢哇,太快了。我将尝试回答。您将进行一个仅包含要更新的字段的查询。您可以检查是否输入了这样的内容:if(trim($pass)!=''…
。我真的希望这段代码永远不会进入公共系统,因为它对SQL注入是开放的。搜索这个词来了解更多。这是一个学校项目,老师并没有真正教我们任何东西,这不是为了学习company@KIKOSoftware它成功了,你能把它作为一个答案贴出来让我接受吗?谢谢哇,太快了。我要试着回答。