2015-09-06 8 views
0

我有以下變量列表,我試圖將這些傳遞給sql UPDATE語句。將變量傳遞給mysql語句

但更新語句不起作用,我意識到ID值沒有被sql語句檢測到。

我應該怎麼做呢?

形式:

<table class="table table-striped table-bordered table-hover" id="dataTables-example" data-pagination="true"> 
            <form name="form1" method="post" action="processUpdateAccount.php"> 
            <thead> 
             <tr> 
              <th>Name</th> 
              <th>Account</th> 
              <th>Email Address</th> 
              <th>Contact</th> 
              <th>Country</th> 
              <th>Town</th> 
              <th>Address</th> 
              <th>Postal Code</th> 
              <th>Action</th> 
             </tr> 
            </thead> 

            <tbody> 
             <tr class="gradeU"> 
              <td> 
               <input name="userName" type="text" id="userName" value="<? echo $rowsUsers['name']; ?>" required> 
              </td> 
              <td> 
               <input name="userAccount" type="text" id="userAccount" value="<? echo $rowsUsers['account']; ?>" required> 
              </td> 
              <td> 
               <input name="userEmail" type="text" id="userEmail" value="<? echo $rowsUsers['email']; ?>" required> 
              </td> 
              <td> 
               <input name="userPhone" type="text" id="userPhone" value="<? echo $rowsUsers['phone']; ?>" required> 
              </td> 
              <td> 
               <input name="userCountry" type="text" id="userCountry" value="<? echo $rowsUsers['country']; ?>" required> 
              </td> 
              <td> 
               <input name="userTown" type="text" id="userTown" value="<? echo $rowsUsers['town']; ?>" required> 
              </td> 
              <td> 
               <input name="userAddress" type="text" id="userAddress" value="<? echo $rowsUsers['address']; ?>" required> 
              </td> 
              <td> 
               <input name="userPostalCode" type="text" id="userPostalCode" value="<? echo $rowsUsers['postalCode']; ?>" required> 
              </td> 

              <!-- link to updateAccount.php and send value of ID --> 
              <td> 
               <input type="submit" name="Submit" value="Update"> 
              </td> 

              <input name="userId" type="hidden" id="userId" value="<? echo $rows['Id'];?>"> 
              <input name="userPassword" type="hidden" id="userPassword" value="<? echo $rows['password'];?>"> 
              </form> 
             </tr> 
            </tbody> 
           </table> 

processUpdateAccount.php

if (isset($_POST['userId']) > 0) 
     { 
      // query db 
      $Id = $_POST['userId']; 
      $name = $_POST['userName']; 
      $account = $_POST['userAccount']; 
      $email = $_POST['userEmail']; 
      $phone = $_POST['userPhone']; 
      $country = $_POST['userCountry']; 
      $town = $_POST['userTown']; 
      $address = $_POST['userAddress']; 
      $postalCode = $_POST['userPostalCode']; 
      $password = $_POST['userPassword']; 

      $sql="UPDATE users SET email='$email', password='$password', account='$account', phone='$phone', country='$country', town='$town', address='$address', postalCode='$postalCode', name='$name' WHERE id='$Id'"; 
      $result=mysql_query($sql); 
      $result = mysql_query("UPDATE users SET name='testing' WHERE Id='28'"); 

      if($result) 
      { 
       echo '<META HTTP-EQUIV="Refresh" Content="0; URL=manageAccounts.php?msg=1">'; 
      } 
      else 
      { 
       echo '<META HTTP-EQUIV="Refresh" Content="0; URL=updateAccount.php?Id=' . $Id .'&msg=2">'; 
      } 
     } 
+0

可以共享的HTML表單? – RamRaider

+0

分享表格 –

+0

隱藏的輸入'userid'有一個值'$ rows ['Id']'和一個隱藏的值'$ rows ['password']',但其他字段使用'$ rowsUsers'。順便說一句,爲什麼你將用戶的密碼添加爲隱藏值? – RamRaider

回答

2

你獲取一切從$rowsUsers else和ID從$rows因此這可能是非常錯字這使你的ID空。

echo $rows['Id']; 

最有可能是

echo $rowUsers['Id']; 
0

使用PDO - 它比你採用的方法更安全。 This page是一個很好的介紹。特別看看準備好的陳述部分。所以你的情況,在連接到數據庫後,你會碰到這樣的:

$data = array('name'=>$name,'account'=>$account, [...] , 'id' => $id); 
$sth = $db->("UPDATE users SET name = :name, account = :account WHERE id = :id"); 
$sth->execute($data);