1. 首页
  2. 问答
  3. 从用户输入更新数据库php

从用户输入更新数据库php

2016-02-29 74 views
0

我有一个名为users的表的数据库,这个表的一列被称为depot_location。如果用户想要更改位置,则会显示此用户。从用户输入更新数据库php

<?php include("includes/header.php") ?> 

    <div class="col-lg-6 col-lg-offset-3 col-md-6 col-md-offset-3"> 
     <div class="alert-placeholder"> 

      <?php display_message(); ?> 

      <?php update_depot(); ?> 

     </div> 
    </div> 
    <div class="row"> 
     <div class="col-md-6 col-md-offset-3"> 
      <div class="panel panel-login"> 
       <div class="panel-heading"> 
        <div class="row"> 

         <div class="col-xs-12"> 
          <h3>Update Depot Location</h3> 
         </div> 
        </div> 
        <hr> 
       </div> 
       <div class="panel-body"> 
        <div class="row"> 
         <div class="col-lg-12"> 
          <form id="register-form" method="post" role="form" > 
           <div class="form-group"> 
            <select name="depot_location" id="depot_location" tabindex="1" class="form-control" value="" required> 
             <option value="" disabled="disabled" selected="selected">Please select a drop-off location</option> 
             <option value="Cork">Cork</option> 
             <option value="Waterford">Waterford</option> 
             <option value="Limerick">Limerick</option> 
             <option value="Dublin">Dublin</option> 
             <option value="Galway">Galway</option> 
            </select> 
           </div> 
            <div class="row"> 
             <div class="col-sm-6 col-sm-offset-3"> 
              <input type="submit" name="reset-password-submit" id="reset-password-submit" tabindex="4" class="form-control btn btn-register" value="Reset Password"> 
             </div> 
            </div> 
           </div> 
          </form> 
         </div> 
        </div> 
       </div> 
      </div> 
     </div> 
    </div>

于是,他们从下拉菜单中选择新的位置和想法是它更新数据库。这是我的PHP代码,但它不起作用。

/****************************Update Depot Location Function********************************/ 

function update_depot() { 

if(isset($_GET['email'])) { 

    if($_POST['depot_location']) { 

      $updated_depot_location = ($_POST['depot_location']); 
      $sql = "UPDATE users SET depot_location = '".escape($updated_depot_location)."', WHERE email = '".escape($_GET['email'])."'"; 
      query($sql); 

      set_message("<p class='bg-success text-center'>Your depot location has been updated.</p>"); 

      redirect("change.php"); 

     } else { 

      echo validation_errors("Could not change depot location please try again."); 

     } 

} 

}

当提交按钮被点击时,没有任何反应,似乎刷新页面。我不知道为什么它不工作。

来源

2016-02-29 Lewk

+0

你检查,如果你在查询中获取值。 “逃避”是做什么的? –

+0

它逃脱了字符串,所以它更安全的使用,防止mysql注入 – Lewk

+0

'if(isset($ _ GET ['email']))' – miken32

回答

0

我看到了一个逗号在您的更新SQL

$sql = "UPDATE users SET depot_location = '".escape($updated_depot_location)."', WHERE email = '".escape($_GET['email'])."'";

删除逗号,然后再试一次

$sql = "UPDATE users SET depot_location = '".escape($updated_depot_location)."' WHERE email = '".escape($_GET['email'])."'";

来源

2016-02-29 20:31:29 Orion

相关问题

 相关问题