1. 首頁
  2. 問答
  3. MYSQL:如何「重新排序」與已停用的idno表?

MYSQL:如何「重新排序」與已停用的idno表?

2011-06-06 35 views
0

以下代碼假定idno(主鍵)繼續並從1開始。
但是,我將該ID設置爲自動增量和可刪除。
隨着時間的推移,idno可能不會從1開始,可能會停止。
我該如何修改代碼來應對這種情況?MYSQL:如何「重新排序」與已停用的idno表?

的jQuery:

$(document).ready(function(){ 
    function slideout(){ 
    setTimeout(function(){ 
     $("#response").slideUp("slow", function() { 
    }); 
    }, 2000); 
} 

$("#response").hide(); 
$(function() { 
    $("#list ul").sortable({ opacity: 0.8, cursor: 'move', update: function() { 

    var order = $(this).sortable("serialize") + '&update=update'; 
    $.post("updateList.php", order, function(theResponse){ 
     $("#response").html(theResponse); 
     $("#response").slideDown('slow'); 
     slideout(); 
    }); 
    }         
});});});

HTML

<body> 
<div id="container"> 
<div id="list"> 

<div id="response"> </div> 
<ul> 
<?php 
    include("connect.php"); 
    // $query = "SELECT id, text FROM dragdrop ORDER BY listorder ASC"; 
    $query = "SELECT id, name, type FROM project_list ORDER BY 'order' ASC"; 
    $result = mysql_query($query); 
    while($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
    { 
    $id = stripslashes($row['id']); 
    $name = stripslashes($row['name']); 
    $type = stripslashes($row['type']); 

?> 
<li id="arrayorder_<?php echo $id ?>"> <?php echo $name?> <?php echo $type; ?> 
<div class="clear"></div> 
</li> 
<?php 
    } 
?> 
</ul> 
</div> 
</div> 
</body>

updateList.php

<?php 
    include("connect.php"); 
    $array = $_POST['arrayorder']; 

    if ($_POST['update'] == "update") { 
    $count = 1; 
    foreach ($array as $idval) { 
     $query = "UPDATE project_list SET 'order' = " . $count . " WHERE id = " . $idval; 
     mysql_query($query) or die('Error, insert query failed'); 
     $count ++;  
    } 
    echo 'Updated!'; 
    } 
?>

來源

2011-06-06 Feng-Chun Ting

+0

此代碼有一個錯誤:'「SELECT id,name,type FROM project_list ORDER BY'order'ASC」'。使用反引號'而不是正常的蜱蟲。 – Johan 2011-06-06 17:56:13

回答

0

您有SQL注入孔(我聽說SONY正在招聘)。

改變最後的代碼塊到:

<?php 
include("connect.php"); 
$array = mysql_real_escape_string($_POST['arrayorder']); 

if ($_POST['update'] == "update"){ 

    $count = 1; 
    foreach ($array as $idval) { 
    $query = "UPDATE project_list SET `order` = '$count' WHERE id = '$idval'"; 
    mysql_query($query) or die('Error, update query failed'); 
    $count ++; 
    } 
    echo 'Updated!'; 
} 
?>

這將解決SQL注入漏洞。請注意,將注入字段與'單引號或mysql_real_escape_string()不起作用是非常重要的!

order之類的保留字還需要反引號`,而不是單引號。

來源

2011-06-06 18:03:06 Johan

+0

SET @ newid = 0; update table_name set id =(SELECT @newid:= @ newid + 1); – 2011-06-07 16:05:34

+0

http://jsfiddle.net/tp9Rz/ – 2011-06-08 16:19:49

相關問題

 相關問題