我在尝试使用PHP脚本更新mySQL中的某些值时遇到了一些麻烦。当我尝试用下面的代码更新下列表格时(用户“Bob”已经输入了值来计算他们获得的总分数和百分比,但他的test3等级必须更新为100而不是先前的值90):
<html>
<head></head>
<body>
<form class="form" action="" method="post">
<?php
$mysqli = new mysqli('', '', '', '');
if(isset($_POST['calculate'])) {
$name = $_POST['name'];
$test1 = $_POST['test1'];
$test2 = $_POST['test2'];
$test3 = $_POST['test3'];
$obtained = ($test1 + $test2 + $test3);
$total = 300;
$percentage = round(($obtained/$total)*100);
$result = mysqli_query($mysqli, "INSERT INTO table1 (name, test1,
test2, test3, totalobtained, totalmarks, percent)
VALUES ('$name', '$test1', '$test2', '$test3',
'$obtained', '$total', '$percentage')");
}
$conn = mysqli_connect('', '', '', '');
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "UPDATE table1 SET test3='100', totalobtained='$obtained',
percent='$percentage' WHERE name='Bob'";
if (mysqli_query($conn, $sql)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
mysqli_close($conn);
?>
<table>
<tr>
<th>Name of Student*:</th>
<td><input type="text" name="name"></td>
</tr>
<tr>
<th>Test 1*:</th>
<td><input type="number" name="test1"></td>
</tr>
<tr>
<th>Test 2*:</th>
<td><input type="number" name="test2"></td>
</tr>
<tr>
<th>Test 3*:</th>
<td><input type="number" name="test3"></td>
</tr>
<tr>
<th>Total Marks Obtained:</th>
<td><?php if(isset($_POST['calculate'])) { echo "$obtained";}?>
</td>
</tr>
<tr>
<th>Total Marks:</th>
<td><?php if(isset($_POST['calculate'])) { echo "$total";}?>
</td>
</tr>
<tr>
<th>Percentage:</th>
<td><?php if(isset($_POST['calculate'])) { echo "$percentage",
'%';}?></td>
</tr>
<tr>
<th><input type="submit" name="calculate" value="Calculate"/>
</th>
</tr>
</table>
</form>
</body>
</html>
它更新测试3与测试总成绩为100从以前的得分为90,但是,它不拉以前的考试成绩来重新计算所获得的总计和百分比。因此,它将更新的总数和百分比更新为0.一些帮助将被赞赏,因为我对mySQL和PHP很新颖。谢谢!
上表:
+----+-------+-------+-------+-------+----------------+-------------+---------+
| id | name | test1 | test2 | test3 | totalobtained | totalmarks | percent |
+----+-------+-------+-------+-------+----------------+-------------+---------+
| 7 | Bob | 100 | 100 | 90 | 290 | 500 | 96 |
+----+-------+-------+-------+-------+----------------+-------------+---------+
更新表与UPDATE语句:
+----+-------+-------+-------+-------+----------------+-------------+---------+
| id | name | test1 | test2 | test3 | totalobtained | totalmarks | percent |
+----+-------+-------+-------+-------+----------------+-------------+---------+
| 7 | Bob | 100 | 100 | 100 | 0 | 500 | 0 |
+----+-------+-------+-------+-------+----------------+-------------+---------+
您的代码易受[** SQL注入**](https://en.wikipedia.org/wiki/SQL_injection)攻击。你应该使用[** mysqli **](https://secure.php.net/manual/en/mysqli.prepare.php)或[** PDO **](https://secure.php.net/ manual/en/pdo.prepared-statements.php)准备带有绑定参数的语句,如[**这篇文章**]所述(https://stackoverflow.com/questions/60174/how-can-i-prevent-sql步喷射功能于PHP)。 –
在GET请求的情况下,这个命令'$ sql =“更新table1 SET test3 ='100',totalobtained ='$获得', percent ='$ percentage'WHERE name ='Bob'”;'将把totalobtained &百分比为0.因为它们尚未初始化。你需要什么? –
@AgamBanga嗯。那是我坚持的地方。我如何获得总数以及将$ test1,$ test2和$ test3更新到其计算中的百分比。我是mySQL和PHP的新手,所以我不确定我会如何做到这一点? – AmateurCoder