douying4909 2017-03-12 22:27
浏览 38
已采纳

在php中编辑mysql并显示新结果

I have been expanding on this pre-built php login system. The first code block is a file called user.php and I believe its loaded when the user logs in. I've added to it, for example

For when I want to add extra columns to the database and echo it out.

'depot' and  $_SESSION['depot'] = $row['depot'];

My problem is when I am building the profile page editing this data doesn't update unless the user logs out and logs back in.

What is a good way to fix this. Do I need to remove the additions I make to the user.php and create a new SELECT statment and array in profile.php. or can I somehow refresh the variables in user.php?

user.php

<?php
include('password.php');
class User extends Password{

private $_db;

function __construct($db){
    parent::__construct();

    $this->_db = $db;
}

private function get_user_hash($username){

    try {
        $stmt = $this->_db->prepare('SELECT password, username, firstname, lastname, phone, memberID, user_level, credit, email, depot FROM members WHERE username = :username AND active="Yes" ');
        $stmt->execute(array('username' => $username));

        return $stmt->fetch();

    } catch(PDOException $e) {
        echo '<p class="bg-danger">'.$e->getMessage().'</p>';
    }
}

public function login($username,$password){

    $row = $this->get_user_hash($username);

    if($this->password_verify($password,$row['password']) == 1){

        $_SESSION['loggedin'] = true;
        $_SESSION['username'] = $row['username'];
        $_SESSION['firstname'] = $row['firstname'];
        $_SESSION['lastname'] = $row['lastname'];
        $_SESSION['phone'] = $row['phone'];
        $_SESSION['memberID'] = $row['memberID'];
        $_SESSION['user_level'] = $row['user_level'];
        $_SESSION['credit'] = $row['credit'];
        $_SESSION['email'] = $row['email'];
        $_SESSION['depot'] = $row['depot'];           

        return true;
    }
}

public function logout(){
    session_destroy();
}

public function is_logged_in(){
    if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
        return true;
    }
}

}


?>

Example of profile.php

profile.php
<?php require('includes/config.php'); 

//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); } 

//define page title
$title = 'Profile Page';

//include header template
require('layout/header-active.php'); 

?>

<div id="Holder">
<div class="container">       
   <div class="row">
    <div class="col-lg-6 col-lg-offset-3">
        <h1> Account Information </h1>
        <p>Username: <?php echo $_SESSION['username']; ?></p>
        <p>First Name: <?php echo $_SESSION['firstname']; ?></p>
        <p>Last Name: <?php echo $_SESSION['lastname']; ?></p>
        <p>Phone: <?php echo $_SESSION['phone']; ?></p>
        <p>Email: <?php echo $_SESSION['email']; ?></p>
        <p>Member ID: <?php echo $_SESSION['memberID']; ?></p>            

        <hr>

        <h3>Global Settings</h3>

        <form class="" action="" method="post">
            <div class="form-group">
                <label>Depot:</label> <input type="text" name="depot" class="form-control" value="<?php echo $_SESSION['depot']; ?>" />
            </div>
            <input type="submit" name="submit" value="Submit" class="btn btn-primary">
        </form> 

        <?php
        include('connect-db.php');

        if (isset($_POST['submit']))
        { 
            $memberID = $_SESSION['memberID'];
            $depot = $_POST['depot'];

            mysqli_query($conn, "UPDATE members SET depot='$depot' WHERE     memberID='$memberID'")
            or die(mysqli_error());

            header("Location: profile.php"); 
        }

        ?>

        <?php 
//include header template
        require('layout/footer.php'); 
        ?>
  • 写回答

1条回答 默认 最新

  • dpa89292 2017-03-12 23:09
    关注

    Since your code uses $_SESSION variable to display values, updating the value in the database has no effect for the current session as $_SESSION is updated only when the user logs in.
    The changes are visible if the user login again because $_SESSION variable is overwritten in your login function with the updated information from the database.

    To make the changes visible without logging out, update $_SESSION variable immediately after updating the value in the database.

    mysqli_query($conn, "UPDATE members SET depot='$depot' WHERE     memberID='$memberID'");
$_SESSION['depot'] = $depot;

    Also, you should read this How can I prevent SQL injection in PHP?
    Never pass user submitted data directly to MySQL without properly escaping it.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度
  • ¥30 关于#r语言#的问题:如何对R语言中mfgarch包中构建的garch-midas模型进行样本内长期波动率预测和样本外长期波动率预测
  • ¥15 ETLCloud 处理json多层级问题
  • ¥15 matlab中使用gurobi时报错
  • ¥15 这个主板怎么能扩出一两个sata口
  • ¥15 不是,这到底错哪儿了😭
  • ¥15 2020长安杯与连接网探
  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么