1. 首頁
  2. 問答
  3. 從用戶輸入更新數據庫php

從用戶輸入更新數據庫php

2016-02-29 75 views
0

我有一個名爲users的表的數據庫,這個表的一列被稱爲depot_location。如果用戶想要更改位置,則會顯示此用戶。從用戶輸入更新數據庫php

<?php include("includes/header.php") ?> 

    <div class="col-lg-6 col-lg-offset-3 col-md-6 col-md-offset-3"> 
     <div class="alert-placeholder"> 

      <?php display_message(); ?> 

      <?php update_depot(); ?> 

     </div> 
    </div> 
    <div class="row"> 
     <div class="col-md-6 col-md-offset-3"> 
      <div class="panel panel-login"> 
       <div class="panel-heading"> 
        <div class="row"> 

         <div class="col-xs-12"> 
          <h3>Update Depot Location</h3> 
         </div> 
        </div> 
        <hr> 
       </div> 
       <div class="panel-body"> 
        <div class="row"> 
         <div class="col-lg-12"> 
          <form id="register-form" method="post" role="form" > 
           <div class="form-group"> 
            <select name="depot_location" id="depot_location" tabindex="1" class="form-control" value="" required> 
             <option value="" disabled="disabled" selected="selected">Please select a drop-off location</option> 
             <option value="Cork">Cork</option> 
             <option value="Waterford">Waterford</option> 
             <option value="Limerick">Limerick</option> 
             <option value="Dublin">Dublin</option> 
             <option value="Galway">Galway</option> 
            </select> 
           </div> 
            <div class="row"> 
             <div class="col-sm-6 col-sm-offset-3"> 
              <input type="submit" name="reset-password-submit" id="reset-password-submit" tabindex="4" class="form-control btn btn-register" value="Reset Password"> 
             </div> 
            </div> 
           </div> 
          </form> 
         </div> 
        </div> 
       </div> 
      </div> 
     </div> 
    </div>

於是,他們從下拉菜單中選擇新的位置和想法是它更新數據庫。這是我的PHP代碼,但它不起作用。

/****************************Update Depot Location Function********************************/ 

function update_depot() { 

if(isset($_GET['email'])) { 

    if($_POST['depot_location']) { 

      $updated_depot_location = ($_POST['depot_location']); 
      $sql = "UPDATE users SET depot_location = '".escape($updated_depot_location)."', WHERE email = '".escape($_GET['email'])."'"; 
      query($sql); 

      set_message("<p class='bg-success text-center'>Your depot location has been updated.</p>"); 

      redirect("change.php"); 

     } else { 

      echo validation_errors("Could not change depot location please try again."); 

     } 

} 

}

當提交按鈕被點擊時,沒有任何反應,似乎刷新頁面。我不知道爲什麼它不工作。

來源

2016-02-29 Lewk

+0

你檢查,如果你在查詢中獲取值。 「逃避」是做什麼的? –

+0

它逃脫了字符串,所以它更安全的使用,防止mysql注入 – Lewk

+0

'if(isset($ _ GET ['email']))' – miken32

回答

0

我看到了一個逗號在您的更新SQL

$sql = "UPDATE users SET depot_location = '".escape($updated_depot_location)."', WHERE email = '".escape($_GET['email'])."'";

刪除逗號,然後再試一次

$sql = "UPDATE users SET depot_location = '".escape($updated_depot_location)."' WHERE email = '".escape($_GET['email'])."'";

來源

2016-02-29 20:31:29 Orion

相關問題

 相關問題