錯誤當更新MySQL數據庫和PHP

Question

我是新手，我想更新數據庫，當我提交表單更新記錄，我得到這個錯誤

Notice: Undefined index: idno in /Library/WebServer/Documents/practice/employee/edit_employee.php on line 6 Call Stack: 0.0001 633952 1. {main}() /Library/WebServer/Documents/practice/employee/edit_employee.php:0 

這是代碼

<?php 
require_once '../includes/configuration.php'; 

    if (!isset($_POST['enter'])) 
    { 
     $employee_id_passport = $_GET['idno']; 

     $sql_query = "SELECT * FROM employee_master WHERE employee_id_passport = '$employee_id_passport'"; 
     $result = mysql_query($sql_query, $connection); 
     $row = mysql_fetch_assoc($result); 


?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http:www.w3.org/TR/xhthml1/DTD/xhtml1-transitional.dtd"> 

<html xmls="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 

<head> 
    <title> </title> 

    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
    <link rel="stylesheet" type "text/css" href="styles/global.css" /> 
</head> 

<body> 
    <form name="view_employee" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" /> 
     Employee ID/Passport: <input type="text" name="id_passport" disabled="disabled" value="<?php echo $row['employee_id_passport']; ?>" /> <br /> 
     First Name: <input type="text" name="first_name" value="<?php echo $row['first_name']; ?>" /> <br /> 
     Surname: <input type="text" name="surname" value="<?php echo $row['surname']; ?>" /> <br /> 
     Mobile Number: <input type="text" name="mobile_number" value="<?php echo $row['mobile_number']; ?>"/> <br /> 
     <input type="submit" value="Enter" name="submit" /> 
    </form> 
</body> 

<html> 
<?php 
    } 
    else 
    { 
     $_POST['employee_id_passport'] = $employee_id_passport; 
     $_POST['first_name'] = $first_name; 
     $_POST['surname'] = $surname; 
     $_POST['mobile_number'] = $mobile_number; 

     $sql_query_update = "UPDATE employee_master SET first_name = '$first_name', SET surname = '$surname', SET mobile_number = '$mobile_number', WHERE employee_id_passport = '$employee_id_passport'"; 

     $result = mysql_query($sql_query_update, $connection); 
    } 


?> 

Answer 1

你的代碼中的一些錯誤。

• 永遠不要信任用戶輸入任何內容而不驗證和清理其數據。
• 始終針對錯誤或意外情況進行測試並採取相應措施。
• SQL命令中的WHERE子句之前沒有逗號。

嘗試以下：

<?php 

require_once '../includes/configuration.php'; 

if(!isset($_POST)){ 
# No Update Form Submission 
    if(isset($_GET['idno'])){ 
    # ID Number Set for Query 
    $employee_id_passport = mysql_real_escape_string($_GET['idno']); 
    $sql_query = "SELECT * FROM employee_master WHERE employee_id_passport = '$employee_id_passport'"; 
    if(!($result = mysql_query($sql_query , $connection))){ 
    # Query Failed 
    }elseif(mysql_num_rows($result)==0 || mysql_num_rows($result)>1){ 
    # Query Succeeded, but No Rows Returned OR More than One Row Returned 
    }else{ 
     $row = mysql_fetch_assoc($result); 
    } 
    }else{ 
    # No ID Number sent for Query 
    } 

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
    "http:www.w3.org/TR/xhthml1/DTD/xhtml1-transitional.dtd"> 
<html xmls="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
<title>Employee Search</title> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
<link rel="stylesheet" type "text/css" href="styles/global.css" /> 
</head> 

<body> 
<?php if($row){ ?> 
    <form name="view_employee" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" /> 
     Employee ID/Passport: <input type="text" name="id_passport" disabled="disabled" value="<?php echo $row['employee_id_passport']; ?>" /> <br /> 
     First Name: <input type="text" name="first_name" value="<?php echo $row['first_name']; ?>" /> <br /> 
     Surname: <input type="text" name="surname" value="<?php echo $row['surname']; ?>" /> <br /> 
     Mobile Number: <input type="text" name="mobile_number" value="<?php echo $row['mobile_number']; ?>"/> <br /> 
     <input type="submit" value="Enter" name="submit" /> 
    </form> 
<?php } ?> 
</body> 
<html> 
<?php 
} else { 
# Declare Error Holder 
    $error = array(); 
# Declare Field Holder 
    $field = array(); 
# Validate 
    if(!isset($_POST['employee_id_passport']) || $_POST['employee_id_passport']=='') 
    $error['employee_id_passport'] = 'No ID/Passport Set'; 
    elseif(!is_int($_POST['employee_id_passport'])) 
    $error['employee_id_passport'] = 'ID/Passport is not a Number'; 
    else 
    $field['employee_id_passport'] = mysql_real_escape_string($_POST['employee_id_passport']); 

    if(!isset($_POST['first_name']) || $_POST['first_name']=='') 
    $error['first_name'] = 'No First Name Set'; 
    else 
    $field['first_name'] = mysql_real_escape_string($_POST['first_name']); 

    if(!isset($_POST['surname']) || $_POST['surname']=='') 
    $error['surname'] = 'No First Name Set'; 
    else 
    $field['surname'] = mysql_real_escape_string($_POST['surname']); 

    if(!isset($_POST['mobile_number']) || $_POST['mobile_number']=='') 
    $error['mobile_number'] = 'No First Name Set'; 
    else 
    $field['mobile_number'] = mysql_real_escape_string($_POST['mobile_number']); 

    if(!count($error)){ 
    # Validation was Passed 
    $sql_query_update = "UPDATE employee_master 
          SET first_name = '{$field['first_name']}', 
          SET surname = '{$field['surname']}', 
          SET mobile_number = '{$field['mobile_number']}' 
         WHERE employee_id_passport = '{$field['$employee_id_passport']}'"; 
    if(!($result = mysql_query($sql_query_update, $connection))){ 
    # Update Query Failed 
    }else{ 
    # Update Query OK 
    } 
    } 

?> 

Answer 2

密鑰idno未在您的$ _GET超全局中設置。檢查您的查詢字符串&indo=。