使用$ _POST值更新查询

I am trying to show user information using a small PHP script, called myinfo.php. The relevant part of which is shown below:

    while($return = mysql_fetch_assoc($result)) {
    echo "<form action=UpdateInfo.php method=post>";
    echo "<p id=greeting> Hi ".$return['FirstName'].", below is all of your personal information: </p>";
    echo '<p> First Name: <input type="text" name="firstname" value= "'.$return['FirstName'].'"/></p>';
    echo '<p> Surname: <input type="text" name="surname" value= "'.$return['Surname'].'" /></p>';
    echo '<p> House Number: <input type="number" name="housenumber" value= "'.$return['HouseNumber'].'"/></p>';
    echo '<p> Address Line One: <input type=text name="addressone" value= "'.$return['AddressLineOne'].'" /></p>';
    echo '<p> Address Line Two: <input type=text name="addresstwo" value= "'.$return['AddressLineTwo'].'" /></p>';
    echo '<p> County: <input type=text name="county" value= "'.$return['County'].'" /></p>';
    echo '<p> Phone Number: <input type=number name="phonenumber" value= "' .$return['PhoneNumber'].'" /></p>';
    echo '<p> Email: <input type=email name="email" value= "'.$return['Email'].'" /></p>';
    echo '<p> Username: <input type=text name="username" value= "'.$return['Username'].'" /></p>';
    echo '<p> Password: <input type=password name="password" value= "'.$return['Password'].'" /></p>';
    echo '<p> User Type: <input type="text" name="usertype" value= "'.$return['UserType'].'" /></p>';
    echo '<input id="submit" type="submit" value="Update Info" />';
    echo "</form>";
}

The input values are all pre filled with the users own information so the user can edit the input values and then click on the "update info" submit button in order to update his/her info. Once this button is clicked the user is sent to the "updateinfo.php" page where they have to confirm the change in information and are shown the changes they are about to make, as shown below:

    echo '<p id="confirmation">Are you sure you wish to make the following changes to your personal information?</p>';
    echo '<form action="CompleteUpdate.php" method="post">';   
    echo "<p>First Name: " . $_POST["firstname"] . "</p>";
    echo "<p>Surname: " . $_POST["surname"] . "</p>";
    echo "<p>House Number: " . $_POST["housenumber"] . "</p>";
    echo "<p>Address Line One: " . $_POST["addressone"] . "</p>";
    echo "<p>Address Line Two: " . $_POST["addresstwo"] . "</p>";
    echo "<p>County: " . $_POST["county"] . "</p>";
    echo "<p>Phone Number: " . $_POST["phonenumber"] . "</p>";
    echo "<p>Email: " . $_POST["email"] . "</p>";
    echo "<p>Username: " . $_POST["username"] . "</p>";
    echo "<p>Password: " . $_POST["password"] . "</p>";
    echo "<p>Usertype: " . $_POST["usertype"] . "</p>";
    echo '<input id="submit" type="submit" value="Update Info" /></form>';
    echo '<form action="CancelUpdate.php"><input id="submit" type="submit" value="Cancel" /></form>';

Here the user now clicks the "update info" button or decides to cancel the update. If the update info button is clicked the following PHP script is invoked:

    $sql=("UPDATE completeinfo SET FirstName='$_POST[firstname]', Surname='$_POST[surname]', AddressLineOne='$_POST[addresslineone]', AddressLineTwo='$_POST[addresslinetwo]', County='$_POST[county]', Email='$_POST[email]', Username='$_POST[username]', Password=SHA1('$_POST[password]'), UserType='$_POST[usertype]' WHERE Username='".$_SESSION['username']."'");

The problem I am having is that the update query instead of replacing the old values with the new ones, represented by the $_POST values, it now leaves them completely blank. The query knows exactly where to edit in my database so I must presume the "where" clause is working but for some reason $_POST is not fetching the correct values in the query, even though it works perfectly well in the previous PHP scripts. Any ideas how to solve this problem would be greatly appreciated. Thanks

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douqiao1983 2014-02-18 19:14
关注
First of all, you should avoid using mysql_ functions (instead, see PDO or mysqli)
This way, you will be able to secure your queries.

Anyway, your query here should look like this:

$sql = "UPDATE completeinfo SET FirstName='".$_POST['firstname']."', Surname='".$_POST['surname']."', AddressLineOne='".$_POST['addresslineone']."', AddressLineTwo='".$_POST['addresslinetwo']."', County='".$_POST['county']."', Email='".$_POST['email']."', Username='".$_POST['username']."', Password=SHA1('".$_POST['password']."'), UserType='".$_POST['usertype']."' WHERE Username='".$_SESSION['username']."'";

Don't go crazy with single/double quotes. It's only a good way to concatenate

Also, on updateinfo.php, don't display POST data like you do. Instead, store them in input fields (type hidden). This way, data will be send to the page where you're executing sql query
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(1条)

报告相同问题？

关注问题

如何在php中修改$ _post数据？ html php
2015-04-27 11:56

回答 5 已采纳 $array1= array(); $array2= array(); foreach($_POST as $key => $value){ echo $ke
isset（$ _ POST）是否正确使用？ php
2012-12-26 09:51

回答 6 已采纳 Will it always return true? Yes, even if the page was opened using GET method or nothing was
使用$ _POST获取<option>的值会给出文本 html php
2013-06-28 16:40

回答 4 已采纳 here you need to correct php code, as it is not parsing the values properly. Put values under quot
PHP图片上传时$_FILES为空解决
2016-06-12 00:15

jetgoole的博客我们做图片上传时，...第一种情况下：$_FILES的值不为空，可能是因为$_FILES本身是数组的原因，无论你是否选择了文件，$_FILES['file']['error']的是有值的，正常下，他值是0，非正常下，他的值是相应错误的代码
为什么$__POST['width']前后要加两个点，还要加单引号? php
2017-07-14 01:22

回答 2 已采纳 ``` 点是php字符串连接的符号，和其他语言的字符串连接不一样，如C#，js是+号，vbs是& 这么基础的，楼主去找本基础的php书来看 ```
PHP $ _POST没有得到值 php
2010-09-12 19:26

回答 2 已采纳 Ok, that was something stupid: I wrote: <input name="Nume" class="form" type="style6" id="Nume
检查$ _POST是否存在和值 php
2013-02-14 15:52

回答 3 已采纳 if(isset($_POST['data']['header']) && $_POST['data']['header'] == 'h1') { // blah } Should d
上传文件时$_FILES为空，可能的原因及解决方法
2019-10-04 06:37

weixin_30596343的博客上传视频的时候打印$_FILES为空，小的文件就没问题，后来发现是因为传的文件太大，出现这个问题的原因主要有两个：表单原因或者php设置原因：1，表单类型：上传文件的表单编码类型必须设置成 enctype="multipart/...
表单提交后$ _post仍为空 intellij-idea php
2016-02-05 12:28

回答 1 已采纳 IntelliJ is not mapped to the MAMP server. That's why php is interpreted but POST does not work. I
变量中有多个$ _POST变量 php
2012-03-12 22:24

回答 2 已采纳 $message = 'Comment: ' . $_POST['comment'] . ' Tel: ' . $_POST['tel'];
PHP $_POST获取的数据显示 Undefined array key 是什么原因呢 javascript php
2021-10-17 13:25

回答 3 已采纳知不知道explode的用法explode，接收一个字符串，你这个里面是根据 @转换成数组你前端传的数据是数组类型，explode怎么执行？把前端第四行 new Array 去掉
使用PHP接收POST数据,解析json数据
2020-12-19 12:50

php $json_string = $_POST[“txt_json”]; if(ini_get(“magic_quotes_gpc”)==”1″) { $json_string=stripslashes($json_string); } $user = json_decode($json_string); echo var_dump($user);?>在这...
为什么PHP无法从Js FormData获取$ _POST数据？ php
2019-04-22 03:33

回答 2 已采纳 Can you try to run this code in your local machine? Make a file name 55788817.php and paste this
ElscticSearch基础操作_elticsearch9，阿里大数据开发岗面试百题
2024-04-21 20:30

阮康成的博客使用Get进行主键查询,在_doc后面添加主键ID,即可查询当前主键的内容,source中的内容就是doc的内容,在关系型数据库中就相当于查询了一行。q=category:小米。这里的字段排序是有问题的,排序对于字段类型有一定的要求,...
$GET $POST 和 $REQUEST
2012-05-29 11:41

林子木的博客首先先来区分下$_GET 和 $_POST 不是非常官方的定义，是自己在实践中总结出来的，仅供参考。 $_GET 很直观，可以理解为从服务器得到数据，一旦你使用了$_GET 那么你的数据就会添加到URL后面，如 ...
没有解决我的问题, 去提问

悬赏问题

¥15 改算法，照着压缩包里边，参考其他代码封装的格式写到main函数里
¥15 用windows做服务的同志有吗
¥60 求一个简单的网页(标签-安全|关键词-上传)
¥35 lstm时间序列共享单车预测，loss值优化，参数优化算法
¥15 Python中的request，如何使用ssr节点，通过代理requests网页。本人在泰国，需要用大陆ip才能玩网页游戏，合法合规。
¥100 为什么这个恒流源电路不能恒流？
¥15 有偿求跨组件数据流路径图
¥15 写一个方法checkPerson，入参实体类Person，出参布尔值
¥15 我想咨询一下路面纹理三维点云数据处理的一些问题，上传的坐标文件里是怎么对无序点进行编号的，以及xy坐标在处理的时候是进行整体模型分片处理的吗
¥15 一直显示正在等待HID—ISP

使用$ _POST值更新查询

2条回答 默认 最新

悬赏问题

2条回答默认最新