问题描述
我有一张如下所示的表格:
我希望能够在php中编辑一行。
这些值来自像这样的html文件:
用户名
[email protected] < - 将写入文本框
密码
strong>student2 < - 将写入文本框
姓名
student2 < - 将写入文本框
姓
student2 < - 将写入文本框
角色
学生< - This将被写入文本框中
我的php文件是:
<?php
$ hostname =localhost;
$ database =mydb;
$ username =myuser;
$ password =mypsw;
$ link = mysql_connect($ hostname,$ username,$ password)或
die(Prosoxi!Provlima stin sundesi me ton server:。mysql_error());
mysql_select_db($ database,$ link);
$ b $ mysql_query(UPDATE user
SET username ='.mysql_real_escape_string($ _ POST [nusername])。',
SET password ='.mysql_real_escape_string($ _ POST [ ($ _ POST [nname])。',
SET surname ='.mysql_real_escape_string($ _ POST [nsurname])。'',
SET name ='.mysql_real_escape_string ,
SET role ='.mysql_real_escape_string($ _ POST [nrole])。'
WHERE username ='。mysql_real_escape_string($ _ POST [us])。');
mysql_close($ link);
header(Location:users.php);
?>
1.更新不会发生,所以php文件有问题,找到。
2。如果我选择某个用户名,我该如何在html文件中实现已填充的框,并使用正确的值?
有人可以帮助我吗?先谢谢你。 :
这里有很多事情要做。
始终将整数作为主键,例如:id MEDIUMINT NOT NULL AUTO_INCREMENT。然后把它作为主键。
您需要使用 mysql_real_escape_string()
您需要连接您的查询,因此它应该看起来像这样:
mysql_query 更新用户
SET用户名='.mysql_real_escape_string($ _ POST [nusername])。'
SET password ='.mysql_real_escape_string($ _ POST [npassword])。''
SET name''.mysql_real_escape_string($ _ POST [nname])。''
SET surname ='.mysql_real_escape_string($ _ POST [nsurname])。'
SET role ='.mysql_real_escape_string($ _BOST [nrole])。''
WHERE username ='。mysql_real_escape_string($ _ POST [us])。');
这是更正的代码:
<?php
$ hostname = localhost的;
$ database =mydb;
$ username =myuser;
$ password =mypsw;
$ link = mysql_connect($ hostname,$ username,$ password)或
die(Prosoxi!Provlima stin sundesi me ton server:。mysql_error());
mysql_select_db($ database,$ link);
$ b mysql_query(UPDATE user
SET username ='.mysql_real_escape_string($ _ POST ['nusername'])。',
SET password ='.mysql_real_escape_string($ _POST ['npassword'])。'',
SET name ='.mysql_real_escape_string($ _ POST ['nname'])。'',
SET surname ='.mysql_real_escape_string($ _ POST [ 'nsurname'])。',
SET role ='.mysql_real_escape_string($ _ POST ['nrole'])。''
WHERE username ='。mysql_real_escape_string($ _ POST ['us' ]) ')。
mysql_close($ link);
header(Location:users.php);
?>
请注意围绕_POST var,$ _POST ['nusername']的单引号您有$ _POST [ n用户名]。
立即试用,看看它是否更新。
I have a table that looks like this:
and I want to be able to edit a row in php.The values are taken from a html file like this:
Username
[email protected] <--This will be written in a text box
Password
student2 <--This will be written in a text box
Name
student2 <--This will be written in a text box
Surname
student2 <--This will be written in a text box
Role
student <--This will be written in a text box
My php file is:
<?php
$hostname = "localhost";
$database = "mydb";
$username = "myuser";
$password = "mypsw";
$link = mysql_connect( $hostname , $username , $password ) or
die("Prosoxi!Provlima stin sundesi me ton server : " . mysql_error());
mysql_select_db($database,$link);
mysql_query("UPDATE user
SET username = '".mysql_real_escape_string($_POST[nusername])."',
SET password = '".mysql_real_escape_string($_POST[npassword])."',
SET name = '".mysql_real_escape_string($_POST[nname])."',
SET surname = '".mysql_real_escape_string($_POST[nsurname])."',
SET role = '".mysql_real_escape_string($_POST[nrole])."'
WHERE username='".mysql_real_escape_string($_POST[us])."'");
mysql_close($link);
header("Location: users.php");
?>
1.The update does not happen, so there's something wrong in the php file, that I can't find.
2. How can I achieve already filled boxes in the html file, with the right values, if I choose a certain username?
Can someone help me? Thank you in advance. :)
There is a lot going on here.
Always us a integer as a primary key, example: id MEDIUMINT NOT NULL AUTO_INCREMENT. Then make it the primary key.
you need to sanitize your input to the database using
mysql_real_escape_string()you need to concatenate your query, so it should look like this:
mysql_query("UPDATE user SET username = '".mysql_real_escape_string($_POST[nusername])."' SET password = '".mysql_real_escape_string($_POST[npassword])."' SET name = '".mysql_real_escape_string($_POST[nname])."' SET surname = '".mysql_real_escape_string($_POST[nsurname])."' SET role = '".mysql_real_escape_string($_POST[nrole])."' WHERE username='".mysql_real_escape_string($_POST[us])."'");
Here is corrected code:
<?php
$hostname = "localhost";
$database = "mydb";
$username = "myuser";
$password = "mypsw";
$link = mysql_connect( $hostname , $username , $password ) or
die("Prosoxi!Provlima stin sundesi me ton server : " . mysql_error());
mysql_select_db($database,$link);
mysql_query("UPDATE user
SET username = '".mysql_real_escape_string($_POST['nusername'])."',
SET password = '".mysql_real_escape_string($_POST['npassword'])."',
SET name = '".mysql_real_escape_string($_POST['nname'])."',
SET surname = '".mysql_real_escape_string($_POST['nsurname'])."',
SET role = '".mysql_real_escape_string($_POST['nrole'])."'
WHERE username='".mysql_real_escape_string($_POST['us'])."'");
mysql_close($link);
header("Location: users.php");
?>
notice the single quote surrounding the _POST var, $_POST['nusername'] you had $_POST[nusername].
Try it now, and see if it updates.
这篇关于在php中更新一行mysql的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!