1. 首页
  2. 问答
  3. MYSQL:如何“重新排序”与已停用的idno表?

MYSQL:如何“重新排序”与已停用的idno表?

2011-06-06 36 views
0

以下代码假定idno(主键)继续并从1开始。
但是,我将该ID设置为自动增量和可删除。
随着时间的推移,idno可能不会从1开始,可能会停止。
我该如何修改代码来应对这种情况?MYSQL:如何“重新排序”与已停用的idno表?

的jQuery:

$(document).ready(function(){ 
    function slideout(){ 
    setTimeout(function(){ 
     $("#response").slideUp("slow", function() { 
    }); 
    }, 2000); 
} 

$("#response").hide(); 
$(function() { 
    $("#list ul").sortable({ opacity: 0.8, cursor: 'move', update: function() { 

    var order = $(this).sortable("serialize") + '&update=update'; 
    $.post("updateList.php", order, function(theResponse){ 
     $("#response").html(theResponse); 
     $("#response").slideDown('slow'); 
     slideout(); 
    }); 
    }         
});});});

HTML

<body> 
<div id="container"> 
<div id="list"> 

<div id="response"> </div> 
<ul> 
<?php 
    include("connect.php"); 
    // $query = "SELECT id, text FROM dragdrop ORDER BY listorder ASC"; 
    $query = "SELECT id, name, type FROM project_list ORDER BY 'order' ASC"; 
    $result = mysql_query($query); 
    while($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
    { 
    $id = stripslashes($row['id']); 
    $name = stripslashes($row['name']); 
    $type = stripslashes($row['type']); 

?> 
<li id="arrayorder_<?php echo $id ?>"> <?php echo $name?> <?php echo $type; ?> 
<div class="clear"></div> 
</li> 
<?php 
    } 
?> 
</ul> 
</div> 
</div> 
</body>

updateList.php

<?php 
    include("connect.php"); 
    $array = $_POST['arrayorder']; 

    if ($_POST['update'] == "update") { 
    $count = 1; 
    foreach ($array as $idval) { 
     $query = "UPDATE project_list SET 'order' = " . $count . " WHERE id = " . $idval; 
     mysql_query($query) or die('Error, insert query failed'); 
     $count ++;  
    } 
    echo 'Updated!'; 
    } 
?>

来源

2011-06-06 Feng-Chun Ting

+0

此代码有一个错误:'“SELECT id,name,type FROM project_list ORDER BY'order'ASC”'。使用反引号'而不是正常的蜱虫。 – Johan 2011-06-06 17:56:13

回答

0

您有SQL注入孔(我听说SONY正在招聘)。

改变最后的代码块到:

<?php 
include("connect.php"); 
$array = mysql_real_escape_string($_POST['arrayorder']); 

if ($_POST['update'] == "update"){ 

    $count = 1; 
    foreach ($array as $idval) { 
    $query = "UPDATE project_list SET `order` = '$count' WHERE id = '$idval'"; 
    mysql_query($query) or die('Error, update query failed'); 
    $count ++; 
    } 
    echo 'Updated!'; 
} 
?>

这将解决SQL注入漏洞。请注意,将注入字段与'单引号或mysql_real_escape_string()不起作用是非常重要的!

order之类的保留字还需要反引号`,而不是单引号。

来源

2011-06-06 18:03:06 Johan

+0

SET @ newid = 0; update table_name set id =(SELECT @newid:= @ newid + 1); – 2011-06-07 16:05:34

+0

http://jsfiddle.net/tp9Rz/ – 2011-06-08 16:19:49

相关问题

 相关问题