duanlu9557 2016-01-09 22:38
浏览 48
已采纳

为什么我的更新声明和表单不起作用?

I am relatively new to php. In the following code, I am trying to UPDATE the users 'dietID' (their current diet, of which they selected when they registered) so that it changes their dietID stored in the users database. However upon pressing the 'Change' submit button, nothing happens and nothing gets updated. Can anybody understand why?

Form processing code:

<?php 
if(trim($_POST['submit']) == "Change") {
        require_once("connect.php");
        if (!$db_server) {
            die("Unable to connect to MySQL: " . mysqli_connect_error($db_server));
        } else {
            mysqli_select_db($db_server, $db_database) or die("<h1>Couldn't find db</h1>");
            //UPDATE records of users table
            $query="UPDATE users SET dietID=".$dietopt." WHERE ID= $sess_userID";
            mysqli_query($db_server, $query) or die("Update failed" . mysqli_error($db_server));   
        }
        require_once("db_close.php");
    } else {
        $message= "Your diet has been updated";
}

?>

Form:

Would you like to change what your current diet is? Please select one
<br>
<form action="account.php" method="post">
<td><input type="radio" name="dietopt" value="Meat-eater"/>Meat-eater</td>
<tr>
<td><input type="radio" name="dietopt" value="Vegetarian"/>Vegetarian</td></tr>
<tr>
<td><input type="radio" name="dietopt" value="Vegan"/>Vegan</td></tr>
<br>
<input type="submit" name="Change" value="Change">
<br>
    </form>

and the session variable created on the register page (not in any format, copy and pasted from snippets of the entire code of the register page):

$dietopt = $row['dietID'];

$_SESSION['diet'] = $dietopt;

$dietopt= trim($_POST['dietopt']);
  • 写回答

1条回答 默认 最新

  • dongyou7292 2016-01-10 00:28
    关注

    Some things to correct:

    First the name of the submit button is "Change", so you should change:

    if(trim($_POST['submit']) == "Change") {
    

    by:

    if(trim($_POST['Change']) == "Change") {
    

    Secondly, the value of $dietopt will be a string, like "Vegan" and thus needs to be quoted. If this is indeed what you expect, then replace this line:

     $query="UPDATE users SET dietID=".$dietopt." WHERE ID= $sess_userID";
    

    By:

     $query="UPDATE users 
             SET dietID='"
                .mysqli_real_escape_string($db_server,$_POST['dietopt']). "'
             WHERE ID= $sess_userID";
    

    I used $_POST['dietopt'] here, but if you are sure the value of $dietopt is correctly set, you can use that instead.

    The call to mysqli_real_escape_string protects against SQL injection via that value. I would advise to use prepared statements instead.

    Finally, there is also something wrong with where you set the $message variable: it currently sets it when the user gets to this page without having submitted anything. Instead it should be set right after the successful update. So remove this:

    } else {
        $message= "Your diet has been updated";
    

    And add the message assignment after the query, like this:

        mysqli_query($db_server, $query) or die("Update failed" . mysqli_error($db_server));   
        $message= "Your diet has been updated";
    

    Then, you should actually display that message somewhere. This depends on what else you want to display, but you could simply add to the end of your PHP block (before the closing ?>) the following:

     if (isset($message)) {
          echo "<h4 style='color:green'>$message</h4>";
     }
    

    ...or use whatever HTML and style you want.

    To close, one final remark:

    Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 乌班图ip地址配置及远程SSH
  • ¥15 怎么让点阵屏显示静态爱心,用keiluVision5写出让点阵屏显示静态爱心的代码,越快越好
  • ¥15 PSPICE制作一个加法器
  • ¥15 javaweb项目无法正常跳转
  • ¥15 VMBox虚拟机无法访问
  • ¥15 skd显示找不到头文件
  • ¥15 机器视觉中图片中长度与真实长度的关系
  • ¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
  • ¥15 R语言卸载之后无法重装,显示电脑存在下载某些较大二进制文件行为,怎么办
  • ¥15 java 的protected权限 ,问题在注释里