duanlu9557 2016-01-09 22:38
浏览 48
已采纳

为什么我的更新声明和表单不起作用?

I am relatively new to php. In the following code, I am trying to UPDATE the users 'dietID' (their current diet, of which they selected when they registered) so that it changes their dietID stored in the users database. However upon pressing the 'Change' submit button, nothing happens and nothing gets updated. Can anybody understand why?

Form processing code:

<?php 
if(trim($_POST['submit']) == "Change") {
        require_once("connect.php");
        if (!$db_server) {
            die("Unable to connect to MySQL: " . mysqli_connect_error($db_server));
        } else {
            mysqli_select_db($db_server, $db_database) or die("<h1>Couldn't find db</h1>");
            //UPDATE records of users table
            $query="UPDATE users SET dietID=".$dietopt." WHERE ID= $sess_userID";
            mysqli_query($db_server, $query) or die("Update failed" . mysqli_error($db_server));   
        }
        require_once("db_close.php");
    } else {
        $message= "Your diet has been updated";
}

?>

Form:

Would you like to change what your current diet is? Please select one
<br>
<form action="account.php" method="post">
<td><input type="radio" name="dietopt" value="Meat-eater"/>Meat-eater</td>
<tr>
<td><input type="radio" name="dietopt" value="Vegetarian"/>Vegetarian</td></tr>
<tr>
<td><input type="radio" name="dietopt" value="Vegan"/>Vegan</td></tr>
<br>
<input type="submit" name="Change" value="Change">
<br>
    </form>

and the session variable created on the register page (not in any format, copy and pasted from snippets of the entire code of the register page):

$dietopt = $row['dietID'];

$_SESSION['diet'] = $dietopt;

$dietopt= trim($_POST['dietopt']);
  • 写回答

1条回答 默认 最新

  • dongyou7292 2016-01-10 00:28
    关注

    Some things to correct:

    First the name of the submit button is "Change", so you should change:

    if(trim($_POST['submit']) == "Change") {

    by:

    if(trim($_POST['Change']) == "Change") {

    Secondly, the value of $dietopt will be a string, like "Vegan" and thus needs to be quoted. If this is indeed what you expect, then replace this line:

     $query="UPDATE users SET dietID=".$dietopt." WHERE ID= $sess_userID";

    By:

     $query="UPDATE users 
         SET dietID='"
            .mysqli_real_escape_string($db_server,$_POST['dietopt']). "'
         WHERE ID= $sess_userID";

    I used $_POST['dietopt'] here, but if you are sure the value of $dietopt is correctly set, you can use that instead.

    The call to mysqli_real_escape_string protects against SQL injection via that value. I would advise to use prepared statements instead.

    Finally, there is also something wrong with where you set the $message variable: it currently sets it when the user gets to this page without having submitted anything. Instead it should be set right after the successful update. So remove this:

    } else {
    $message= "Your diet has been updated";

    And add the message assignment after the query, like this:

        mysqli_query($db_server, $query) or die("Update failed" . mysqli_error($db_server));   
    $message= "Your diet has been updated";

    Then, you should actually display that message somewhere. This depends on what else you want to display, but you could simply add to the end of your PHP block (before the closing ?>) the following:

     if (isset($message)) {
      echo "<h4 style='color:green'>$message</h4>";
 }

    ...or use whatever HTML and style you want.

    To close, one final remark:

    Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 iOS 自定义输入法-第三方输入法
  • ¥15 很想要一个很好的答案或提示
  • ¥15 扫描项目中发现AndroidOS.Agent、Android/SmsThief.LI!tr
  • ¥15 怀疑手机被监控,请问怎么解决和防止
  • ¥15 Qt下使用tcp获取数据的详细操作
  • ¥15 idea右下角设置编码是灰色的
  • ¥15 全志H618ROM新增分区
  • ¥15 在grasshopper里DrawViewportWires更改预览后,禁用电池仍然显示
  • ¥15 NAO机器人的录音程序保存问题
  • ¥15 C#读写EXCEL文件,不同编译