douyun1546 2014-01-22 18:56
浏览 21
已采纳

通过表单批准行 - 获取空白页面

I want to show a list of all entries where the column "approved" is "no" and then place a button next to it that when clicked will change the "approved" to a "yes". I ran this through code checker and fixed a few issues with brackets and such. It now tells me there are no errors so something else is just not working with this. It is probably something small that I am missing (I hope). Can anyone help me find/understand what part of this is incorrect... and/or if there is a better way to achieve what I'm wanting?

<?php
  //select the database to write to
  $unapprovedsires = mysql_query("SELECT * FROM nominatedsires WHERE approved = 'no'");
    //While loop to cycle through the rows
    while($row = mysql_fetch_assoc($unapprovedsires)){
        $sirename = $row['sirename'];
        echo $sirename;}
?>
<ul class="admin-fields">
<?php
    foreach($row as $field){
        if(empty($field)){
            echo "....";
        }
        print '<li>' .$field.' </li>';
    }//End For Each Loop
    //print $sirename;
?>
        </ul>
<p>
 <?php
    if(isset($_POST['approve'])){
    mysql_query("UPDATE nominatedsires SET approved = 'yes' WHERE sirename = '.$sirename.'") or die ("Something went wrong");
}
  ?>
    <ul>
        <li>

<form method="post">
    <input type="hidden" name="sirename" value="$sirename" />
    <button name="approve" id="approve" type="submit">Approve Sire</button>
</form>
           </li>
   </ul>
  • 写回答

1条回答 默认 最新

  • dtxzwdl08169 2014-01-22 19:21
    关注

    As I mentioned as a comment, you need to wrap $sirename in PHP tags with an echo statement. You are also not passing $_POST['sirename'] into your script. It otherwise defaults to the original $sirename from your mysql_fetch_assoc().

    Warning: the way you have your script set up, you're vulnerable to injection attacks. This is just an example to show you how to pass in variables. See: How can I prevent SQL injection in PHP?

    <?php
  //select the database to write to
  $unapprovedsires = mysql_query("SELECT * FROM nominatedsires WHERE approved = 'no'");
    //While loop to cycle through the rows
    while($row = mysql_fetch_assoc($unapprovedsires)){
        $sirename = $row['sirename'];
        echo $sirename;}
?>
<ul class="admin-fields">
<?php
    while($row = mysql_fetch_assoc($unapprovedsires)){
        if(empty($row['sirename']))
            echo "....";
        else
            print '<li>' .$row['sirename'].' </li>';
    }
    //print $sirename;
?>
        </ul>
<p>
<?php
    if(isset($_POST['approve'])){
        $sirename = mysql_real_escape_string($_POST['sirename']);
        mysql_query("UPDATE nominatedsires SET approved = 'yes' WHERE sirename = '$sirename'") or die ("Something went wrong");
    }
?>
    <ul>
        <li>
            <form method="post" method="<?php echo $_SERVER[PHP_SELF]; ?>">
                <input type="hidden" name="sirename" value="<?php echo $sirename; ?>" />
                <input type="submit" name="approve" id="approve" value="Approve Sire" />
            </form>
       </li>
</ul>
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 用hfss做微带贴片阵列天线的时候分析设置有问题
  • ¥50 我撰写的python爬虫爬不了 要爬的网址有反爬机制
  • ¥15 Centos / PETSc / PETGEM
  • ¥15 centos7.9 IPv6端口telnet和端口监控问题
  • ¥120 计算机网络的新校区组网设计
  • ¥20 完全没有学习过GAN,看了CSDN的一篇文章,里面有代码但是完全不知道如何操作
  • ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
  • ¥20 海浪数据 南海地区海况数据,波浪数据
  • ¥20 软件测试决策法疑问求解答
  • ¥15 win11 23H2删除推荐的项目,支持注册表等