dsgsdg206050 2014-05-28 13:54
浏览 37
已采纳

PHP无法更新SQL

I'm using a php part in my site, where I have a textarea that get a text from a database. The user can edit this text and after he finish press the save button, and using UPDATE I will change the text in the database. Here is my code:

<?php 
    $con=mysqli_connect("localhost","userdb","codedb","projectdb");
    mysqli_set_charset($con, 'utf8');  
    // Check connection
    if (mysqli_connect_errno()) {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }


    $myQueryfac="SELECT text FROM main WHERE id=1";
    $result = mysqli_query($con,$myQueryfac);

    while($row = mysqli_fetch_array($result)) { 
        $t1=$row['text'];
    }

    $form="<form action='adminindex.php' method='post'>
        <textarea name='area1' maxlength='1500' cols='50' rows='10'>$t1</textarea>
        <input type='submit' name='enter' value='Save'>
        </form>";


    if($_POST['enter']) {
        $t1=$_POST['area1'];
        mysqli_query($con,"UPDATE main SET text='$t1' WHERE id='1'");
    }

    echo $form;
    mysqli_close($con);
?>

My problem is in the UPDATE query it seems like it ignores $t1 and nothing change in database. But if I put something random in there, "RANDOM TEXT", change it successful.

  • 写回答

3条回答 默认 最新

  • dongwujie7477 2014-05-28 14:10
    关注

    This is how you do it:

    test.php 

    // DB Connect
$con=mysqli_connect("localhost","userdb","codedb","projectdb");
mysqli_set_charset($con, 'utf8');  
if (mysqli_connect_errno()) {
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

// Handle POST
if (count($_POST))
{
    // Save In DB
    mysqli_query($con, sprintf("UPDATE main SET `text`='%s' WHERE id=%d",
        mysqli_real_escape_string($con, $_POST['area1']),
        1)); // id

    // Success
    echo "<p>Data updated.</p>";
}

// Load Existing Data
$myQueryfac="SELECT `text` FROM main WHERE id=1";
$result = mysqli_query($con, $myQueryfac);
$row = mysqli_fetch_array($result);

// Display Form
echo "<form action='test.php' method='post'>
    <textarea name='area1' maxlength='1500' cols='50' rows='10'>". $row['text'] ."</textarea>
    <input type='submit' name='enter' value='Save'>
    </form>";

// DB Close
mysqli_close($con);

?>

    What I've changed

    • Moved the post hander up (above the select statement), so that if an update occurs, the form will show the latest updated data
    • Your update query was treating the id as string, I formatted it to be a digit (%d)
    • Removed the while loop, you don't need it as it is a single row being returned
    • added sql-injection prevention (using sprintf and mysqli_real_escape_string)
    • added backticks `` around the db field name text (wasn't sure if this is a reserved word, because it's one of the sql data types)
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 c语言怎么用printf(“\b \b”)与getch()实现黑框里写入与删除?
  • ¥20 怎么用dlib库的算法识别小麦病虫害
  • ¥15 华为ensp模拟器中S5700交换机在配置过程中老是反复重启
  • ¥15 java写代码遇到问题,求帮助
  • ¥15 uniapp uview http 如何实现统一的请求异常信息提示?
  • ¥15 有了解d3和topogram.js库的吗?有偿请教
  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
  • ¥15 关于#Java#的问题,如何解决?