Warning: file_get_contents(/data/phpspider/zhask/data//catemap/5/tfs/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
PHP MySQL在MySQL生成的提交表上设置会话_Php_Session Variables_Mysql - Fatal编程技术网
Fatal编程技术网
  • php/
  • PHP MySQL在MySQL生成的提交表上设置会话

PHP MySQL在MySQL生成的提交表上设置会话

php mysql

PHP MySQL在MySQL生成的提交表上设置会话,php,session-variables,mysql,Php,Session Variables,Mysql,好了。我有一个网站,有一个登录名。成功登录后,将创建一个名为user的会话变量,其中包含userid、username、email等的数组。然后从那里我有其他网页的链接。给我带来麻烦的是我有一个名为membership.php的页面。此页面对用户ID、用户名、电子邮件进行选择查询,并生成一个包含所有用户的表。在每个名为“编辑”的用户旁边还有一个提交按钮。单击此按钮时,它将重定向到页面edit_account.php。我的目标是,当我单击edit按钮时,将创建一个会话变量,其中包含该特定用户的us

好了。我有一个网站,有一个登录名。成功登录后,将创建一个名为user的会话变量,其中包含userid、username、email等的数组。然后从那里我有其他网页的链接。给我带来麻烦的是我有一个名为membership.php的页面。此页面对用户ID、用户名、电子邮件进行选择查询,并生成一个包含所有用户的表。在每个名为“编辑”的用户旁边还有一个提交按钮。单击此按钮时,它将重定向到页面edit_account.php。我的目标是,当我单击edit按钮时,将创建一个会话变量,其中包含该特定用户的userid。然后,当它重定向到edit_account.php页面时,我可以使用该会话作为select语句的一部分,从表中收集数据,然后编辑该用户的详细信息。下面是我的代码的剪贴画,所以你可以看到我在说什么

<?php 

// First we execute our common code to connection to the database and start the session 
require("common.php"); 

// At the top of the page we check to see whether the user is logged in or not 
if(empty($_SESSION['user'])) 
{ 
    // If they are not, we redirect them to the login page. 
    header("Location: ../../index.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to index.php"); 
} 

// We can retrieve a list of members from the database using a SELECT query. 
// In this case we do not have a WHERE clause because we want to select all 
// of the rows from the database table. 
$query = " 
    SELECT 
id,
        roleid, 
        username, 
        email 
    FROM user
"; 

try 
{ 
    // These two statements run the query against your database table. 
    $stmt = $db->prepare($query); 
    $stmt->execute(); 
} 
catch(PDOException $ex) 
{ 
    // Note: On a production website, you should not output $ex->getMessage(). 
    // It may provide an attacker with helpful information about your code.  
    die("Failed to run query: " . $ex->getMessage()); 
} 


// Finally, we can retrieve all of the found rows into an array using fetchAll 
$rows = $stmt->fetchAll(); 


if (isset($_POST['Edit'])) {


    $_SESSION['id'] = $_POST['id'];
    header("Location: edit_account.php");

}

?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Registration</title>
<link href="../../css/default.css" rel="stylesheet" type="text/css" />
</head>

<div id="container">
    <div id="header">
        <h1>

        </h1>
    </div>
    <div id="navigation">
        <ul>
            <li><a href="../adminindex.php">Home</a></li>
            <li><a href="#">About</a></li>
            <li><a href="#">Services</a></li>
            <li><a href="#">Contact us</a></li>
            <li><a href="logout.php">Logout</a></li>
        </ul>
    </div>
    <div id="content">
        <h2>
            Users
        </h2>
    <form action="" method="post">    
    <table border="0" align="left" cellpadding="25px">

        <tr> 
            <th>ID</th> 
            <th>Role ID</th> 
            <th>Username</th> 
            <th>E-Mail Address</th> 
        </tr> 

        <?php foreach($rows as $row): ?> 
            <tr> 
                <td><?php echo $row['id']; ?></td>
                <td><?php echo $row['roleid']; ?></td> <!-- htmlentities is not needed here because $row['id'] is always an integer --> 
                <td><?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?></td> 
                <td><?php echo htmlentities($row['email'], ENT_QUOTES, 'UTF-8'); ?></td> 
                <td><input name="Edit" type="submit" value="Edit" /></td>
                <td><input name="id" type="hidden" value="<?php echo $row['id']; ?>" /></td>
            </tr> 
        <?php 
        endforeach; 
        ?>

         </tr>
     </table>  
     </form>

    </div>
    <div id="footer">
        Copyright ©  2013
    </div>
</div>



<body>
</body>
</html>
但我尝试了很多东西,但似乎没有任何效果。同样在edit_account.php页面的顶部,我有以下代码:

echo '<pre>';
var_dump($_SESSION);
echo '</pre>';
提前谢谢你的帮助。非常感谢您所做的一切。

主要的问题是,您基本上是在构建一个表单,它看起来(去掉了所有松散的html):

注意,现在每行都有自己的表单,其中有一个提交按钮和一个隐藏字段。这样,只需提交一个隐藏字段,您就可以在PHP代码中获得正确的
id
值。

将表单代码放在每个表行中,而不是整个表中的单个表单中

另一个问题是你从管理员帐户登录,并且你正在更改管理员会话变量,所以为它声明另一个会话变量

或者,你也可以将更新代码放在提交表单的页面开头,这样就可以更新用户数据,而无需更改会话变量。

这很好。谢谢你,马克B。正是我想要的。这是html代码:

if (isset($_POST['Edit'])) {

$_SESSION['id'] = $_POST['id'];
header("Location: edit_account.php");

}
但我似乎遇到了另一个问题:(我还想在每行添加一个删除按钮来删除该用户帐户。现在看起来是这样的:

if (isset($_POST['Delete'])) {

// Everything below this point in the file is secured by the login system 

// We can retrieve a list of members from the database using a SELECT query. 
// In this case we do not have a WHERE clause because we want to select all 
// of the rows from the database table. 
$query = " 
    DELETE 
    FROM user
    WHERE
        id = :id 
"; 

// The parameter values 
$query_params = array( 
    ':id' => $_POST['id'] 
); 

try 
{ 
    // These two statements run the query against your database table. 
    $stmt = $db->prepare($query); 
    $result = $stmt->execute($query_params); 
}

catch(PDOException $ex) 
{ 
    // Note: On a production website, you should not output $ex->getMessage(). 
    // It may provide an attacker with helpful information about your code.  
    die("Failed to run query: " . $ex->getMessage()); 
} 


// Finally, we can retrieve all of the found rows into an array using fetchAll 
$rows = $stmt->fetch(); 


    // This redirects the user back to the members-only page after they register 
    header("Location: ../adminindex.php"); 

    // Calling die or exit after performing a redirect using the header function 
    // is critical.  The rest of your PHP script will continue to execute and 
    // will be sent to the user if you do not die or exit. 
    die("Redirecting to adminindex.php.php"); 


}
我的问题是重定向。当我单击“删除”按钮时,它实际上会运行查询,但之后它只是重定向到memberlist.php,但页面是空的!?为什么会发生这种情况?我是否缺少一些内容?我已尝试更改标题位置,但没有成功。感谢您的帮助!

确保您正在调用每个标题你能调试一下吗?使用
var_dump
并确保你认为存在的东西确实存在。我还想看看这样一个工具,它可以让你轻松地检查请求。好的,所以session_start()是在common.php中调用的,它包含了common.php,这样就可以了,否则它就不会找到“用户”会话。我对会话变量使用了var_dump。我知道这是有效的,因为[“id”]=>NULL。我称我的会话为“id”。此外,如果我硬编码一个数字,例如$\u session['id']=2,它会工作,并显示为2。谢谢。请查看我的“答案”回答这个问题。让我知道你认为你不需要在每个表单元格中都使用
foo
是毫无意义的。没有表单字段,所以没有任何内容要提交。对,我理解,谢谢。你知道我为什么要重定向到空白页吗? 
<form>
<input name="Edit" type="submit" value="Edit" />
<input name="id" type="hidden" value="foo" />
<input name="Edit" type="submit" value="Edit" />
<input name="id" type="hidden" value="bar" />
<input name="Edit" type="submit" value="Edit" />
<input name="id" type="hidden" value="baz" />
etc...
</form>

<table>
<tr><td><form><input type="hidden" name="id" value="foo"><input type="submit"></form></td></tr>
<tr><td><form><input type="hidden" name="id" value="bar"><input type="submit"></form></td></tr>
<tr><td><form><input type="hidden" name="id" value="baz"><input type="submit"></form></td></tr>
etc..
</table>

        <?php foreach($rows as $row): ?> 
        <tr> 
            <td> <form action="" method="post"> <?php echo $row['id']; ?> </form> </td> 
            <td> <form action="" method="post"> <?php echo $row['roleid']; ?>  </form> </td>
            <td> <form action="" method="post"> <?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?> </form> </td>  
            <td> <form action="" method="post"> <?php echo htmlentities($row['email'], ENT_QUOTES, 'UTF-8'); ?> </form> </td>  
            <td> <form action="" method="post"> <input name="Edit" type="submit" value="Edit" /> <input name="id" type="hidden" value="<?php echo $row['id']; ?>" /> </form> </td>

        </tr> 
    <?php endforeach; ?>

if (isset($_POST['Edit'])) {

$_SESSION['id'] = $_POST['id'];
header("Location: edit_account.php");

}

<td> <form action="" method="post"> <input name="Delete" type="submit" value="Delete" /> <input name="id" type="hidden" value="<?php echo $row['id']; ?>" /> </form> </td>

if (isset($_POST['Delete'])) {

// Everything below this point in the file is secured by the login system 

// We can retrieve a list of members from the database using a SELECT query. 
// In this case we do not have a WHERE clause because we want to select all 
// of the rows from the database table. 
$query = " 
    DELETE 
    FROM user
    WHERE
        id = :id 
"; 

// The parameter values 
$query_params = array( 
    ':id' => $_POST['id'] 
); 

try 
{ 
    // These two statements run the query against your database table. 
    $stmt = $db->prepare($query); 
    $result = $stmt->execute($query_params); 
}

catch(PDOException $ex) 
{ 
    // Note: On a production website, you should not output $ex->getMessage(). 
    // It may provide an attacker with helpful information about your code.  
    die("Failed to run query: " . $ex->getMessage()); 
} 


// Finally, we can retrieve all of the found rows into an array using fetchAll 
$rows = $stmt->fetch(); 


    // This redirects the user back to the members-only page after they register 
    header("Location: ../adminindex.php"); 

    // Calling die or exit after performing a redirect using the header function 
    // is critical.  The rest of your PHP script will continue to execute and 
    // will be sent to the user if you do not die or exit. 
    die("Redirecting to adminindex.php.php"); 


}