如何在PHP中一次编辑多个值
我试图一次编辑多个列。我希望用户能够编辑很多字段。我不确定我到底做错了什么。任何帮助都将不胜感激。声明您的mySQL查询存在问题,请联系技术支持,并提供以下信息:如何在PHP中一次编辑多个值,php,mysql,edit,field,Php,Mysql,Edit,Field,我试图一次编辑多个列。我希望用户能够编辑很多字段。我不确定我到底做错了什么。任何帮助都将不胜感激。声明您的mySQL查询存在问题,请联系技术支持,并提供以下信息: <?php $dbserver = ""; $dblogin = ""; $dbpassword = ""; $dbname = ""; $con = mysqli_connect("$dbserver","$dblogin","$dbpas
<?php
$dbserver = "";
$dblogin = "";
$dbpassword = "";
$dbname = "";
$con = mysqli_connect("$dbserver","$dblogin","$dbpassword","$dbname");
if (!$con)
{
die('Could not connect to the mySQL server please contact technical
support with the following information: ' . mysqli_connect_errno());
}
$organization = mysqli_real_escape_string($_POST['organization']);
$firstname = mysqli_real_escape_string($_POST['firstname']);
$lastname = mysqli_real_escape_string($_POST['lastname']);
$rank = mysqli_real_escape_string($_POST['rank']);
$branch= mysqli_real_escape_string($_POST['branch']);
$gender= mysqli_real_escape_string($_POST['gender']);
$emailaddress = mysqli_real_escape_string($_POST['emailaddress']);
$jobtitle = mysqli_real_escape_string($_POST['jobtitle']);
$company = mysqli_real_escape_string($_POST['company']);
$businessphone = mysqli_real_escape_string($_POST['businessphone']);
$homephone = mysqli_real_escape_string($_POST['homephone']);
$mobilephone = mysqli_real_escape_string($_POST['mobilephone']);
$faxnumber = mysqli_real_escape_string($_POST['faxnumber']);
$address = mysqli_real_escape_string($_POST['address']);
$city = mysqli_real_escape_string($_POST['city']);
$state = mysqli_real_escape_string($_POST['state']);
$zippostal = mysqli_real_escape_string($_POST['zippostal']);
$country = mysqli_real_escape_string($_POST['country']);
$notes = mysqli_real_escape_string($_POST['notes']);
$donorid = mysqli_real_escape_string($_POST['donorid']);
// make the query a variable so we can print out if it fails
$query = "UPDATE donors SET organization = '$organization', firstname =
'$firstname', lastname = '$lastname', rank = '$rank', branch = '$branch',
gender = '$gender', emailaddress = '$emailaddress', jobtitle = '$jobtitle',
company = '$company', businessphone = '$businessphone', homephone =
'$homephone', mobilephone = '$mobilephone', faxnumber = '$faxnumber', address =
'$address', city = '$city', state = '$state', zippostal = '$zippostal', country
= '$country', notes = '$notes', donorid = '$donorid' WHERE donorid =
'$donorid'";
$sql = mysqli_query($con,$query) or die('There was a problem with your mySQL
query please contact technical support with the following information: ' .
mysqli_error());
// troubleshooting for development only
if(mysqli_affected_rows($sql) < 1){
die('There was a problem with your mySQL query : ' . $query);}
mysqli_close($con);
header( 'Location: http://localhost/moddonor.php' ) ;
?>
您没有提到错误是什么,但是
例如,我认为必须使用单引号(')来包装这些值
设置组织=$organization
变成
set organization='$organization'您没有提到错误是什么,但是
例如,我认为必须使用单引号(')来包装这些值
设置组织=$organization
变成
设置organization='$organization'您使用的是mysql\u connect()
,但使用的是mysqli\u query()
。您还需要将您的值用引号括起来。
/“
将您的连接更改为asmysql\u
函数已折旧
$con = mysqli_connect("$dbserver", "$dblogin", "$dbpassword", "$dbname");
if (!$con)
{
die('Could not connect to the mySQL server please contact
technical support with the following information: ' . mysqli_error());
}
mysqli_query($con,"UPDATE donors set organization = '$organization', firstname =
'$firstname', lastname = '$lastname', rank = '$rank', branch = '$branch',
gender = '$gender', emailaddress = '$emailaddress', jobtitle = '$jobtitle', company
='$company', businessphone = '$businessphone', homephone = '$homephone',
mobilephone = '$mobilephone', faxnumber = '$faxnumber', address = '$address', city =
'$city', state = '$state', zippostal = '$zippostal', country = '$country',
note = '$note' WHERE donorid= '$donorid'");
此外,学习如何做准备好的陈述也是有益的-
请参见-或
编辑
显然,在查询中使用变量之前,您没有设置变量。注意:请确保清理所有用户输入。请参阅
编辑2
更新后的脚本中存在一些问题-
organization=$\u POST['$organization'],$firstname=$\u POST['$firstname']
,mysql\u error()
,等等。请尝试使用以下代码编辑
<?php
$dbserver = "";
$dblogin = "";
$dbpassword = "";
$dbname = "";
$con = mysqli_connect("$dbserver","$dblogin","$dbpassword","$dbname");
if (!$con)
{
die('Could not connect to the mySQL server please contact technical support with
the following information: ' . mysqli_connect_errno());
}
$organization = mysqli_real_escape_string($_POST['organization']);
$firstname = mysqli_real_escape_string($_POST['firstname']);
$lastname = mysqli_real_escape_string($_POST['lastname']);
$rank = mysqli_real_escape_string($_POST['rank']);
$branch= mysqli_real_escape_string($_POST['branch']);
$gender= mysqli_real_escape_string($_POST['gender']);
$emailaddress = mysqli_real_escape_string($_POST['emailaddress']);
$donorid = mysqli_real_escape_string($_POST['donorid']);
// make the query a variable so we can print out if it fails
$query = "UPDATE donors SET organization = '$organization', firstname = '$firstname', lastname = '$lastname', rank = '$rank', branch = '$branch', gender = '$gender', emailaddress = '$emailaddress' WHERE donorid = '$donorid'";
$sql = mysqli_query($con,$query) or die('There was a problem with your mySQL query please contact technical support with the following information: ' . mysqli_error());
// troubleshooting for development only
if(mysqli_affected_rows($sql) < 1){
die('There was a problem with your mySQL query : ' . $query);}
mysqli_close($con);
header( 'Location: http://localhost/moddonor.php' ) ;
您使用的是mysql\u connect()
,但是使用的是mysqli\u query()
。您还需要将您的值括在引号中”
/“
将您的连接更改为asmysql\u
函数已折旧
$con = mysqli_connect("$dbserver", "$dblogin", "$dbpassword", "$dbname");
if (!$con)
{
die('Could not connect to the mySQL server please contact
technical support with the following information: ' . mysqli_error());
}
mysqli_query($con,"UPDATE donors set organization = '$organization', firstname =
'$firstname', lastname = '$lastname', rank = '$rank', branch = '$branch',
gender = '$gender', emailaddress = '$emailaddress', jobtitle = '$jobtitle', company
='$company', businessphone = '$businessphone', homephone = '$homephone',
mobilephone = '$mobilephone', faxnumber = '$faxnumber', address = '$address', city =
'$city', state = '$state', zippostal = '$zippostal', country = '$country',
note = '$note' WHERE donorid= '$donorid'");
此外,学习如何做准备好的陈述也是有益的-
请参见-
或
编辑
显然,在查询中使用变量之前,您没有设置它们。注意:确保对任何用户输入进行消毒。看
编辑2
更新后的脚本中存在一些问题-organization=$\u POST['$organization'],$firstname=$\u POST['$firstname']
,mysql\u error()
,等等。请尝试使用以下代码编辑
<?php
$dbserver = "";
$dblogin = "";
$dbpassword = "";
$dbname = "";
$con = mysqli_connect("$dbserver","$dblogin","$dbpassword","$dbname");
if (!$con)
{
die('Could not connect to the mySQL server please contact technical support with
the following information: ' . mysqli_connect_errno());
}
$organization = mysqli_real_escape_string($_POST['organization']);
$firstname = mysqli_real_escape_string($_POST['firstname']);
$lastname = mysqli_real_escape_string($_POST['lastname']);
$rank = mysqli_real_escape_string($_POST['rank']);
$branch= mysqli_real_escape_string($_POST['branch']);
$gender= mysqli_real_escape_string($_POST['gender']);
$emailaddress = mysqli_real_escape_string($_POST['emailaddress']);
$donorid = mysqli_real_escape_string($_POST['donorid']);
// make the query a variable so we can print out if it fails
$query = "UPDATE donors SET organization = '$organization', firstname = '$firstname', lastname = '$lastname', rank = '$rank', branch = '$branch', gender = '$gender', emailaddress = '$emailaddress' WHERE donorid = '$donorid'";
$sql = mysqli_query($con,$query) or die('There was a problem with your mySQL query please contact technical support with the following information: ' . mysqli_error());
// troubleshooting for development only
if(mysqli_affected_rows($sql) < 1){
die('There was a problem with your mySQL query : ' . $query);}
mysqli_close($con);
header( 'Location: http://localhost/moddonor.php' ) ;
根据@Sean answer上的对话,您需要动态地构建查询,类似的方法应该可以工作(还应该注意,我使用php5.3+特定语法来处理带有数组映射的anon函数)
:
你做错了很多事情:
您同时使用的是mysql\u*
和mysqli\u*
它们是不可互换的。使用mysqli.*
,因为mysql.*
已弃用,不应再使用ans;所有mysql函数都应该是mysqli
版本
你需要在你的值周围加引号,你还需要转义那些值。因为你使用的是mysqli
资源连接是查询函数的第二个参数,而不是第一个参数
--
根据@Sean answer上的对话,您需要动态地构建查询,类似这样的方法应该可以工作(还应该注意,我使用php5.3+特定语法对带有array\u map
)的anon函数执行以下操作:
你做错了很多事情:
您同时使用的是mysql\u*
和mysqli\u*
它们是不可互换的。使用mysqli.*
,因为mysql.*
已弃用,不应再使用ans;所有mysql函数都应该是mysqli
版本
你需要在你的值周围加引号,你还需要转义那些值。因为你使用的是mysqli
资源连接是查询函数的第二个参数,而不是第一个参数
--
是什么告诉你你做得不对?发生了什么事?你希望发生什么?在更新中用引号括住所有这些值?我认为你的查询是无效的。我认为没有引号只适用于数字。让我来测试一下。如果您输入的字符串看起来像是字符串,那么它们周围需要有”
引号并正确转义。或者更好的是,使用参数化queries@DustinVicent在新编辑中,查询仍有错误。我对下面的答案进行了第二次编辑,修复了您的一些错误,并添加了mysqli\u infected\u rows()
,以便在查询不起作用的情况下错误地输出代码并打印查询。是什么告诉您您做得不正确?发生了什么事?你希望发生什么?在更新中用引号括住所有这些值?我认为你的查询是无效的。我认为没有引号只适用于数字。让我来测试一下。如果您输入的字符串看起来像是字符串,那么它们周围需要有”
引号并正确转义。或者更好的是,使用参数化queries@DustinVicent在新编辑中,查询仍有错误。我已经对下面的答案进行了第二次编辑,修复了您的一些错误,并添加了mysqli\u infected\u rows()
,如果查询不起作用,则将代码出错并打印查询。好的,下面是我现在的内容。我试着只是更改组织并点击提交,什么都没有发生,没有更改,它的行为就像更新一样,但事实并非如此。在您的示例中,您还需要将mysql\u error()
更改为mysqli\u error()
。@Sean:很好,错过了那个。谢谢好的,这是我现在拥有的。我试着只是更改组织并点击提交,什么都没有发生,没有更改,它的行为就像更新一样,但事实并非如此。在您的示例中,您还需要将mysql\u error()
更改为mysqli\u error()
。@Sean:很好,错过了那个。谢谢尝试添加或死亡(mysqli_error())代码>在您的
// array of field => bind type
$fields = array(
'firstname' => 's',
'lastname' => 's',
'rank' => 'i',
// other fields EXCEPT donorid
);
// template for the sql
$sqlTemplate = 'UPDATE SET %s WHERE donorid = ?';
// array to hold the fields we will actually use with the query
$params = array();
// lets check the fileds against those allowed
// and stick them in the $params array - note we exclude donorid
// because its required
foreach ($fields as $field => $type) {
if(isset($_POST[$field]) && !empty($_POST[$field])) {
$params[$field] = array(
'value' => $_POST[$field],
'type' => $type
);
}
}
// if we actually have something to update then lets prep the sql
if(!empty($params)) {
$forUpdate = array_map(function ($f) { return $field . ' = ?'; }, array_keys($params));
$sql = sprtintf($sqlTemplates, implode(',', $forUpdate));
// $sql is now the parameterized query like my example below
// compile all the parameter types into a single string like 'ssi'
$types = implode('', array_map(function($v){ return $v['type'];}, $params));
// now we need to push the $stmt and the $types onto $params
array_unshift ($params, $stmt, $types);
// params now looks like:
// Array ( 0 => Msqil_Stmt, 1 => 'ssi', 'firstname' => 'thevalue', 'lastname' => 'value', 'rank' => 1, etc..)
// now call bindparam via call_user_func_array
call_user_func_array('mysql_stmt_bind_param', $params);
// now execute the query:
mysqli_stmt_execute($stmt);
}
// with mysqli the db name is passed as an argument wen creating the connection
$con = mysqli_connect("$dbserver","$dblogin","$dbpassword", $dbname);
if (!$con) {
die('Could not connect to the mySQL server please contact
technical support with the following information: ' . mysqli_error());
}
$sql = "UPDATE donors set organization = ?, firstname =
?, lastname = ?, rank = ?, branch = ?,
gender = ?, emailaddress = ?, jobtitle = ?, company
=?, businessphone = ?, homephone = ?,
mobilephone =?, faxnumber = ?, address = ?, city =
?, state = ?, zippostal =?, country = ?,
note = ?
WHERE donorid= ?";
$stmt = mysqli_preapre($sql);
mysqli_bind_param($stmt,
'ssisss...i',
$organization,
$firstname,
$lastname,
$rank,
$branch,
$gender,
$emailaddress,
// other feilds... the must be in the same order as named in the query
// then lastly the donorid
$donorid
);
// execute the query
mysqli_stmt_excecute($stmt);
mysqli_close($con);
header( 'Location: http://localhost/moddonor.php' ) ;