douhao9203 2015-12-16 00:05

Trying to let another user ('admin') update a field of a selected user in PHP

I am learning from a tutorial on how to make a register and login system using PDO OOP in PHP. I have finished the tutorial and finally got everything working. My question is: how do I let someone who is already logged on update another user? Is there a different way to know the error than what I have done? Please look at the code below. (This is not the entire code, just the relevant parts. If you need or want more, please tell me and I will edit the post.)

Also the error I'm outputting is 'There was a problem updating.' from the user class.

Thanks in advance for all the help.

This is the Form

  try {
            $user->update(array(
              'group' => Input::get('group')
            ),'username',Input::get('username'));

            Session::flash('home','Your group has been updated');
            Redirect::to('index.php');

          } catch(Exception $e) {
            die($e->getMessage());
          }

    <h3>1: Standard User</h3>
    <h3>2: Administrator</h3>
    <h3>3: Moderator</h3>
    <h3>4: Admin/Mod</h3>
      <form action="" method="post" autocomplete="off">
        <label for="group">Change Group to</label>
          <input type="number" name="group" id="group">
        <label for="username">for this username</label>
          <input type="text" name="username" id="username">
          <input type="submit" value="Change Group">
          <input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
      </form>

Here is the method within the user class

public function update($fields = array(), $chosenfield = 'id', $id= null) {

    if(!$id && $this->isLoggedIn()) {
      $id = $this->data()->id;
    }

    if(!$this->_db->update('users', $chosenfield, $id, $fields)) {
      throw new Exception('There was a problem updating.');
    }
  }

Here are the two methods that will show what's going on from the DB class.

  public function query($sql, $params = array()) {
    $this->_error = false;
    if($this->_query = $this->_pdo->prepare($sql)){
      $x = 1;
      if(count($params)){
        foreach($params as $param){
          $this->_query->bindValue($x, $param);
          $x++;
        }
      }
      if($this->_query->execute()){
        $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
        $this->_count = $this->_query->rowCount();
      } else {
        $this->_error = true;
      }
    }
    return $this;
  }

public function update($table, $chosenfield, $id, $fields){
    $set = '';
    $x = 1;

    foreach($fields as $name => $value){
      $set .="{$name} = ?";
      if($x < count($fields)){
        $set .= ', ';
      }
      $x++;
    }

    $sql = "UPDATE {$table} SET {$set} WHERE {$chosenfield} = {$id}";

    if(!$this->query($sql, $fields)->error()){
      return true;
    }
    return false;
  }
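
Added example, not part of the original post or the tutorial's code: the posted DB::update() interpolates $chosenfield and $id straight into the SQL, so a username from the form reaches the database unquoted, and nothing in the code shown checks the caller's group before changing someone else's. The sketch below binds the WHERE value, allow-lists column names and requires an administrator group; the in-memory SQLite database, the updateUser() name and the ADMIN_GROUPS mapping (read off the form's legend) are assumptions.

```php
<?php
// Added example; schema, data and names below are constructed assumptions.
const ADMIN_GROUPS   = [2, 4];              // per the form legend: Administrator, Admin/Mod
const UPDATABLE      = ['group'];           // columns this form may set
const LOOKUP_COLUMNS = ['id', 'username'];  // columns allowed in WHERE

function updateUser(PDO $pdo, int $actorGroup, array $fields, string $chosenfield, $value): int
{
    // Authorisation: only an administrator group may change another user's group.
    if (!in_array($actorGroup, ADMIN_GROUPS, true)) {
        throw new RuntimeException('Not authorised to change groups.');
    }
    // Identifiers cannot be bound as parameters, so they are allow-listed.
    if (!$fields || !in_array($chosenfield, LOOKUP_COLUMNS, true)) {
        throw new InvalidArgumentException("Bad lookup column or empty field list.");
    }
    $set = [];
    foreach (array_keys($fields) as $name) {
        if (!in_array($name, UPDATABLE, true)) {
            throw new InvalidArgumentException("Bad column: {$name}");
        }
        // GROUP is a reserved word, so quote it (MySQL's default mode uses backticks).
        $set[] = "\"{$name}\" = ?";
    }
    $sql  = 'UPDATE users SET ' . implode(', ', $set) . " WHERE \"{$chosenfield}\" = ?";
    $stmt = $pdo->prepare($sql);
    // The WHERE value is bound like the SET values instead of being interpolated.
    $stmt->execute(array_merge(array_values($fields), [$value]));
    return $stmt->rowCount();   // 0 means no user matched
}

$pdo = new PDO('sqlite::memory:');
// Driver errors become exceptions that carry the database's own message.
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "group" INTEGER)');
$pdo->exec("INSERT INTO users (username, \"group\") VALUES ('alice', 2), ('bob', 1)");

echo updateUser($pdo, 2, ['group' => 3], 'username', 'bob'), " row(s) updated\n";
try {
    updateUser($pdo, 1, ['group' => 2], 'username', 'bob');  // caller is a standard user
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```

With PDO::ERRMODE_EXCEPTION set, catching the exception and logging $e->getMessage() gives the database's own error text rather than a generic failure message.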