我正在尝试用php更新数据库中的一个表。我有一个函数,它调用数据库中设置为可见(visible=1)的所有页面,并在网站上列出它们。每个页面都有一个单选按钮,如果单选按钮设置为yes(值=1),则javascript会调用一个下拉选项。我希望用户能够选择他们的选项,当他们点击提交按钮时,可以将信息(页面名称和职位编号)插入到我的表格中。
下面是代码:
<?php
if (isset($_POST['submit'])) {
// Perform Update
$name = $_POST['visible_{$page["menu_name"]}'];
$featured_position = $_POST['featured_position'];
$query = "UPDATE pages SET
featured_position = {$featured_position}
WHERE menu_name = {$name}";
$result = mysql_query($query);
// test to see if the update occurred
if (mysql_affected_rows() == 1) {
// Success!
$message = "The page was successfully updated.";
} else {
$message = "The page could not be updated.";
$message .= "<br />" . mysql_error();
}
}
?>
<?php if (!empty($message)) {
echo "<p class='"message'">" . $message . "</p>";
} ?>
<form action="add_feature2.php" method="post">
<?php echo list_all_pages(); ?>
<input type="submit" name="submit" value="Edit Featured Companies" />
</form>
<?php
function get_all_pages() {
global $connection;
$query = "SELECT *
FROM pages ";
$query .= "WHERE visible = 1 ";
$query .= "ORDER BY position ASC";
$page_set = mysql_query($query, $connection);
confirm_query($page_set);
return $page_set;
}
function list_all_pages(){
$output = "<ul>";
//$output .= $counter = 0;
$page_set = get_all_pages();
while ($page = mysql_fetch_array($page_set)) {
$output .= "<li>{$page["menu_name"]}</li>";
$output .= " <div id='"$page[id]'" style='display: none'><select name='featured_position'><option value='1'>1</option><option value='2'>2</option><option value='3'>3</option></select></div>";
$output .= " <input onclick='"javascript:document.getElementById('$page[id]').style.display = 'none';'" type='"radio'" name='"visible_{$page["menu_name"]} '" value='"0'" checked='"checked'" /> No <input onclick='"javascript:document.getElementById('$page[id]').style.display = 'block';'" type='"radio'" name='"visible_{$page["menu_name"]} '"value='"1'" /> Yes";
//$output .= $counter = $counter+1;
}
$output .= "</ul>";
return $output;
}
?>
以下是该网站的链接:http://www.firetreegraphics.com/widget_corp-final/add_feature2.php
我将单选按钮上的name属性更改为计数器。我之所以将单选按钮名称属性设置为变量,是因为我已经动态创建了单选按钮,并且每组单选按钮都必须具有唯一的名称,否则所有集合都会链接在一起。
$name = $_POST['{$counter}'];
$featured_position = $_POST['featured_position'];
$query = "UPDATE pages SET
featured_position = '{$featured_position}'
WHERE menu_name = '{$name}'";
$result = mysql_query($query);
//echo($query);
var_dump($_REQUEST);
function list_all_pages(){
$output = "<ul>";
$counter = 0;
$page_set = get_all_pages();
while ($page = mysql_fetch_array($page_set)) {
$output .= "<li>{$page["menu_name"]}</li>";
$output .= " <div id='"$page[id]'" style='display: none'><select name='featured_position'><option value='1'>1</option><option value='2'>2</option><option value='3'>3</option></select></div>";
$output .= " <input onclick='"javascript:document.getElementById('$page[id]').style.display = 'none';'" type='"radio'" name='"$counter'" value='"0'" checked='"checked'" /> No <input onclick='"javascript:document.getElementById('$page[id]').style.display = 'block';'" type='"radio'" name='"$counter'" value='"1'" /> Yes";
$counter = $counter+1;
}
$output .= "</ul>";
return $output;
}
我希望您需要引用您的变量:
$query = "UPDATE pages SET
featured_position ='{$featured_position}'
WHERE menu_name = '{$name}'";
无论如何
您真的应该考虑移动到PDO
或mysqli_*
。它不仅可以帮助您编写更安全的代码(您的代码中目前存在SQL注入漏洞),还可以为您处理所有报价。
编辑:
$output .= " <div id='"$page[id]'" style='display: none'><select name='featured_position_{$counter}'><option value='1'>1</option><option value='2'>2</option><option value='3'>3</option></select></div>";
$output .= " <input onclick='"javascript:document.getElementById('$page[id]').style.display = 'none';'" type='"radio'" name='"visible_{$counter}'" value='"0'" checked='"checked'" /> No <input onclick='"javascript:document.getElementById('$page[id]').style.display = 'block';'" type='"radio'" name='"visible_{$counter}'" value='"1'" /> Yes";
我把这些单选按钮改名为"visible_";这将允许您在更新查询中使用页面的ID。我还重命名了select,所以每行都有自己的select,称为"featured_position_"。
我认为你必须有一个循环来检查每个值:
$page_set = get_all_pages();
while ($page = mysql_fetch_array($page_set)) {
$id = $_POST["visible_" . $page["id"]];
$featured_position = $_POST['featured_position_' . $page["id"];
$query = "UPDATE pages SET
featured_position = '{$featured_position}'
WHERE id = '{$name}'";
我认为那就足够了。
首先,PHP mysql API已被弃用,并且在很大程度上"不受推荐"。你应该使用MySQLi,好吧,你不必这样做,但它几乎是一样的,这就是我建议它的原因。
当我第一次看的时候,我在你的一个查询中看到了这个问题:
"UPDATE pages SET
featured_position = {$featured_position}
WHERE menu_name = {$name}";
假定{$name}
是一个字符串。因此,您的查询以WHERE menu_name = string
结尾,而它应该用引号括起来。
"UPDATE pages SET
featured_position = {$featured_position}
WHERE menu_name = '{$name}' ";