我一直在尝试通过使用html表单更新表上的记录。我能够成功创建和删除记录,但无法更新它。我不确定我做错了什么。可能是SQL查询语法吗?还是我的保存按钮没有调用我的条件声明?我将不胜感激。

ps。我知道我的SQL数据库可以进行SQL注入。它将很快实施!

<?php
    include('partregister2.php');
    $epr='';
    $msg='';
    if(isset($_GET['epr']))
    $epr=$_GET['epr'];

    //+++++++++++++++ UPDATE PARTICIPANTS RECORD +++++++++++++++++
    if($epr=='saveup'){
        $Name=$_POST['name'];
        $Surname=$_POST['surname'];
        $Date_of_Birth=$_POST['dob'];
        $Age_at_Camp=$_POST['age'];
        $Branch=$_POST['branch'];
        $Gender=$_POST['gender'];
        $Address=$_POST['address'];
        $Contact_No=$_POST['contactNo'];
        $Next_of_Kin=$_POST['nextKin'];
        $Kin_ContactNo=$_POST['kinContact'];
        $Attendance_Camp=$_POST['attendCamp'];
        $Attendance_School=$_POST['attendSchool'];
        $Comments=$_POST['comments'];
        $event_name_FK=$_POST['Event_Name'];
        $Room_Name_FK=$_POST['Room_Name'];
        $a_sql = mysql_query("UPDATE participants SET Name='$Name',Surname='$Surname',Date_of_Birth ='$Date_of_Birth',Age_at_Camp ='$Age_at_Camp',Branch ='$Branch',Gender ='$Gender',Address ='$Address',
        Contact_No ='$Contact_No',Next_of_Kin ='$Next_of_Kin',Kin_ContactNo = '$Kin_ContactNo',Attendance_Camp ='$Attendance_Camp',Attendance_School ='$Attendance_School',Comments ='$Comments',event_name_FK ='$event_name_FK',Room_Name_FK ='$Room_Name_FK' WHERE partID='$id'");
        if(a_sql)
            header("location:index.php");
        else
            $msg='Error : '.mysql_error();
    }
?>

<html>
    <head>

    </head>
    <body>
<?php
    if($epr=='update'){
        $id=$_GET['id'];
        $row=mysql_query("SELECT * FROM participants WHERE partID='$id'");
        $st_row=mysql_fetch_array($row);
        ?>
    <h2 align="center">Update Participant Records</h2>
        <form method="POST" action='index.php?epr=saveup'>
        <table align="center">

        <tr>
        <td>First Name:</td>
        <td><input type='text' name ='name' value="<?PHP echo $st_row['Name'] ?>"/></td>
        </tr>

        <tr>
        <td>Surname:</td>
        <td><input type='text' name ='surname' value="<?PHP echo $st_row['Surname'] ?>"/></td>
        </tr>

        <tr>
        <td>Date of Birth:</td>
        <td><input type='date' name ='dob' value="<?PHP echo $st_row['Date_of_Birth']  ?>"/></td>
        </tr>

        <tr>
        <td>Age at Camp:</td>
        <td><input type='text' name ='age' value="<?PHP echo $st_row['Age_at_Camp'] ?>"/></td>
        </tr>

        <tr>
        <td>Branch:</td>
        <td><select name='branch' value="<?PHP echo $st_row['Branch'] ?>"/>
        <option></option>
        <option>Brixton</option>
        <option>North London</option>
        <option>East London</option>
        <option>Southall</option>
        <option>Leicester</option>
        <option>Newport</option>
        <option>Liverpool</option></td>
        </tr>
        </select>

        <tr>
        <td>Gender:</td>
        <td>Male<input type="radio" value="male" name="gender" value="<?PHP echo $st_row['Gender'] ?>"/>
        Female<input type="radio" value="female" name="gender" value="<?PHP echo $st_row['Gender'] ?>" /><td/>
        </tr>

        <tr>
        <td>Address:</td>
        <td><input type='text' name ='address' value="<?PHP echo $st_row['Address'] ?>"/></td>
        </tr>

        <tr>
        <td>Contact No:</td>
        <td><input type='text' name ='contactNo' value="<?PHP echo $st_row['Contact_No'] ?>"/></td>
        </tr>

        <tr>
        <td>Next of Kin:</td>
        <td><input type='text' name ='nextKin' value="<?PHP echo $st_row['Next_of_Kin'] ?>"/></td>
        </tr>

        <tr>
        <td>Kin's Contact No:</td>
        <td><input type='text' name ='kinContact' value="<?PHP echo $st_row['Kin_ContactNo'] ?>"/></td>
        </tr>

        <tr>
        <td>Attendance at Camp:</td>
        <td><input type='text' name ='attendCamp' value="<?PHP echo $st_row['Attendance_Camp'] ?>"/></td>
        </tr>

        <tr>
        <td>Attendance at Sunday School:</td>
        <td><input type='text' name ='attendSchool' value="<?PHP echo $st_row['Attendance_School'] ?>"/></td>
        </tr>

        <tr>
        <td>Comments:</td>
        <td><input type='text' name ='comments' value="<?PHP echo $st_row['Comments'] ?>"/></td>
        </tr>


        <tr>
        <td>Event Name:</td>
        <td><select name='Event_Name' value="<?PHP echo $st_row['event_name_FK'] ?>">
<?php
        $res = mysql_query("SELECT * FROM events");
        while($row=mysql_fetch_array($res))
        {
?>
        <option>
        <?php echo $row["Event_Name"]; ?>
        </option>
        <?php } ?>
        </tr>
        </select>


        <tr>
        <td>Allocate Room:</td>
        <td><select name='Room_Name' value="<?PHP echo $st_row['Room_Name_FK'] ?>">
<?php
        $res = mysql_query("SELECT * FROM rooms");
        while($row=mysql_fetch_array($res))
        {
?>
        <option>
        <?php echo $row["Room_Name"]; ?>
        </option>
        <?php } ?>
        </td>
        </select>
        </tr>
        <td></td>
        <tr>
        <td></td>
        <td><input type ='submit' name='save'/></td>
        </tr>
    </table>
    </form>
    <?php } else{
?>
</body>
</html>

最佳答案

我认为您忘记添加$



$a_sql = mysql_query("UPDATE participants SET Name='$Name',Surname='$Surname',Date_of_Birth ='$Date_of_Birth',Age_at_Camp ='$Age_at_Camp',Branch ='$Branch',Gender ='$Gender',Address ='$Address',
        Contact_No ='$Contact_No',Next_of_Kin ='$Next_of_Kin',Kin_ContactNo = '$Kin_ContactNo',Attendance_Camp ='$Attendance_Camp',Attendance_School ='$Attendance_School',Comments ='$Comments',event_name_FK ='$event_name_FK',Room_Name_FK ='$Room_Name_FK' WHERE partID='$id'");
        if($a_sql)  //here
            header("location:index.php");
        else
            $msg='Error : '.mysql_error();

关于php - 使用HTML表单在php上更新sql表,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/43368922/

10-12 17:53