- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我有一个脚本似乎不起作用,它意味着更新 SQL 数据库。代码看起来不错,但在我看来,当我在要输入数据的位置提交 ID 时,它不起作用。
我似乎找不到原因。这里有人可以帮助我吗?
脚本如下。
当我使用错误检查代码时,我唯一得到的是:
Query is : UPDATE ncmr SET ab = 'Matt Ridge', date = '2012-01-09', part = 'K17212191', rev = '01' , partdesc = '' , ncmrqty = '2' , comp = 'Nexx Systems Inc.' , ncmrid = '1243' , rma = 'Empty' , jno = 'Empty' , fdt = 'none' , cof = 'none' , fab1 = 'Andy Kahl' , fab2 = '--None--' , fab3 = '--None--' , non = '' , dis = '' , comm = '' , caad = '' , po = 'Empty' , pod = '1969-12-31' , dri = '1969-12-31' WHERE id = ''
没有错误,但我注意到在发布时没有显示 ID。发生这种情况是否有原因?
如果需要,我会发布一个链接。
<?php
require_once('connectvars.php');
echo '<div id="postwrap">'
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PDI NCMR - Edit</title>
<link rel="stylesheet" type="text/css" href="CSS/postie.css" />
</head>
<body>
<div id="logo">
<img src="../images/PDI_Logo_2.1.gif" alt="PDI Logo" />
</div>
<?php
if (isset($_POST['submit'])) {
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
// Enter data into the database
$ab = mysqli_real_escape_string($dbc, trim($_POST['ab']));
$date = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime ($_POST['date']))));
$part = mysqli_real_escape_string($dbc, trim($_POST['part']));
$rev = mysqli_real_escape_string($dbc, trim($_POST['rev']));
$partdesc = mysqli_real_escape_string($dbc, trim($_POST['partdesc']));
$ncmrqty = mysqli_real_escape_string($dbc, trim($_POST['ncmrqty']));
$comp = mysqli_real_escape_string($dbc, trim($_POST['comp']));
$ncmrid = mysqli_real_escape_string($dbc, trim($_POST['ncmrid']));
$rma = mysqli_real_escape_string($dbc, trim($_POST['rma']));
$jno = mysqli_real_escape_string($dbc, trim($_POST['jno']));
$fdt = mysqli_real_escape_string($dbc, trim($_POST['fdt']));
$cof = mysqli_real_escape_string($dbc, trim($_POST['cof']));
$fab1= mysqli_real_escape_string($dbc, trim($_POST['fab1']));
$fab2= mysqli_real_escape_string($dbc, trim($_POST['fab2']));
$fab3= mysqli_real_escape_string($dbc, trim($_POST['fab3']));
$non= mysqli_real_escape_string($dbc, trim($_POST['non']));
$dis= mysqli_real_escape_string($dbc, trim($_POST['dis']));
$comm= mysqli_real_escape_string($dbc, trim($_POST['comm']));
$caad= mysqli_real_escape_string($dbc, trim($_POST['caad']));
$po= mysqli_real_escape_string($dbc, trim($_POST['po']));
$pod = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime($_POST['pod']))));
$dri = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime($_POST['dri']))));
$query = "UPDATE ncmr SET ab = '$ab', date = '$date', part = '$part', rev = '$rev' , partdesc = '$partdesc' , ncmrqty = '$ncmrqty' , comp = '$comp' , ncmrid = '$ncmrid' , rma = '$rma' , jno = '$jno' , fdt = '$fdt' , cof = '$cof' , fab1 = '$fab1' , fab2 = '$fab2' , fab3 = '$fab3' , non = '$non' , dis = '$dis' , comm = '$comm' , caad = '$caad' , po = '$po' , pod = '$pod' , dri = '$dri' WHERE id = '" . $_GET['id'] . "'";
// echo your raw query and look for obvious errors
echo "Query is : " . $query . "<br />";
// and at least use a basic mechanism to trap possibles errors
mysqli_query($dbc, $query) or die('Query Error : ' . mysqli_error($dbc));
// Clear the form data
$ab = "";
$date = "";
$part = "";
$rev = "";
$partdesc = "";
$ncmrqty = "";
$comp = "";
$ncmrid = "";
$rma = "";
$jno = "";
$fdt = "";
$cof = "";
$fab1= "";
$fab2= "";
$fab3= "";
$non= "";
$dis= "";
$comm= "";
$caad= "";
$po= "";
$pod = "";
$dri = "";
// Confirm success with the user
echo '<p>If you wish to edit more NCMRs, please <a href="list.php">go to the admin page!</a></p>';
mysqli_close($dbc);
}
else {
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
// Grab the profile data from the database
if (!isset($_GET['id'])) {
$query = "SELECT * FROM ncmr WHERE id = '$id'";
}
else {
$query = "SELECT * FROM ncmr WHERE id = '" . $_GET['id'] . "'";
}
$data = mysqli_query($dbc, $query);
if (mysqli_num_rows($data) == 1) {
// The user row was found so display the user data
$row = mysqli_fetch_array($data);
echo'<div id="title"><h3 id="NCMR2">Non-Conforming Materials Report (NCMR: ' . $row['rma'] . ')</h3></div>';
echo "<form action='".$_SERVER['PHP_SELF']."' method='post'>";
echo '<fieldset>';
echo '<div id="box1">';
if (empty($row['ab'])) $row['ab'] = "Empty";
if (empty($row['date'])) $row['date'] = "Empty";
if (empty($row['part'])) $row['part'] = "Empty";
if (empty($row['rev'])) $row['rev'] = "Empty";
if (empty($row['partdesc'])) $row['partdesc'] = "Empty";
if (empty($row['ncmrqty'])) $row['ncmrqty'] = "Empty";
echo '<div id="ab"><span class="b">Added By: </span><input type="text" name="ab" value="' . $row['ab'] . '" /></div>';
echo '<div id="date"><span class="b">Date Filed: </span><input type="text" name="date" value="' . $row['date'] . '" /></div>';
echo '<div id="part"><span class="b">Part Number: </span><input type="text" name="part" value="' . $row['part'] . '" /></div>';
echo '<div id="rev"><span class="b">Part Revision: </span><input type="text" name="rev" value="' . $row['rev'] . '" /></div>';
echo '<div id="partdesc"><span class="b">Part Description: </span><textarea rows="4" cols="22">' . $row['partdesc'] . '</textarea></div>';
echo '<div id="ncmrqty"><span class="b">NCMR Qty: </span><input type="text" name="ncmrqty" value="' . $row['ncmrqty'] . '" /></div>';
echo '</div>';
//Company, Customer NCMR, Internal RMA, and Job Number
echo '<div id="box2">';
if (empty($row['comp'])) $row['comp'] = "Empty";
if (empty($row['ncmrid'])) $row['ncmrid'] = "Empty";
if (empty($row['rma'])) $row['rma'] = "Empty";
if (empty($row['jno'])) $row['jno'] = "Empty";
echo '<div id="comp"><span class="b">Company: </span><input type="text" name="comp" value="' . $row['comp'] . '" /></div>';
echo '<div id="ncmrid"><span class="b">Customer NCMR ID: </span><input type="text" name="ncmrid" value="' . $row['ncmrid'] . '" /></div>';
echo '<div id="rma"><span class="b">Internal RMA #: </span><input type="text" name="rma" value="' . $row['rma'] . '" /></div>';
echo '<div id="jno"><span class="b">Job #: </span><input type="text" name="jno" value="' . $row['jno'] . '" /></div>';
echo '</div>';
//Type of Failure and Class of Failure
echo '<div id="box3">';
echo '<h2>Failure</h2>';
echo '<div id="cof"><span class="b">Class of Failure: </span><input type="text" name="cof" size="15" value="' . $row['cof'] . '" /></div>';
echo '<div id="fdt"><span class="b">Failure Due To: </span><input type="text" name="fdt" size="15" value="' . $row['fdt'] . '" /></div>';
echo '</div>';
//Fabricators
echo '<div id="box4">';
echo '<h2>Fabricators</h2>';
if ($row['fab1']="--None--")
{
echo'<div id="fab1">';
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$mysqli->select_db('user');
$result = $mysqli->query("SELECT * FROM user");
echo "<SELECT name='fab1'>\n";
while($row = $result->fetch_assoc())
{
echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
}
echo "</select>\n";
echo '</div>';
}
else
{
echo'<div id="fab1">';
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$mysqli->select_db('user');
$result = $mysqli->query("SELECT * FROM user");
echo "<SELECT name='fab1'>\n";
while($row = $result->fetch_assoc())
{
echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
}
echo "</select>\n";
echo '</div>';
}
if ($row['fab2']="--None--")
{
echo'<div id="fab2">';
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$mysqli->select_db('user');
$result = $mysqli->query("SELECT * FROM user");
echo "<SELECT name='fab2'>\n";
while($row = $result->fetch_assoc())
{
echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
}
echo "</select>\n";
echo '</div>';
}
else
{
echo '<div id="fab2"><span class="b"></span><input type="text" name="fab1" size="20" value="' . $row['fab1'] . '" /></div>';
echo '</div>';
}
if ($row['fab3']="--None--")
{
echo'<div id="fab3">';
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$mysqli->select_db('user');
$result = $mysqli->query("SELECT * FROM user");
echo "<SELECT name='fab3'>\n";
while($row = $result->fetch_assoc())
{
echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
}
echo "</select>\n";
echo '</div>';
}
else
{
echo '<div id="fab3"><span class="b"></span><input type="text" name="fab1" size="20" value="' . $row['fab1'] . '" /></div>';
echo '</div>';
} echo '</div>';
//Nonconformity, Disposition, Comments and Comments & Additional Details
echo '<div id="box5">';
if (empty($row['non'])) $row['non'] = "Empty";
if (empty($row['dis'])) $row['dis'] = "Empty";
if (empty($row['comm'])) $row['comm'] = "Empty";
if (empty($row['caad'])) $row['caad'] = "Empty";
echo '<div id="non"><span class="b">Nonconformity: </span><textarea rows="4" cols="105">' . $row['non'] . '</textarea></div>';
echo '<div id="dis"><span class="b">Disposition: </span><textarea rows="4" cols="105">' . $row['dis'] . '</textarea></div>';
echo '<div id="comm"><span class="b">Comments: </span><textarea rows="4" cols="105">' . $row['comm'] . '</textarea></div>';
echo '<div id="caad"><span class="b">Comments and/or Additional Details: </span><textarea rows="4" cols="105">' . $row['caad'] . '</textarea></div>';
echo '<div id="podr">';
if (empty($row['po'])) $row['po'] ="Empty";
if (empty($row['pod'])) $row['pod'] ="Empty";
if (empty($row['dir'])) $row['dri'] ="Empty";
echo '<div id="po"><span class="b">PO: </span><input type="text" name="po" size="7" value="' . $row['po'] . '" /></div>';
echo '<div id="pod"><span class="b">PO Date: </span><input type="text" name="pod" size="7" value="' . $row['pod'] . '" /></div>';
echo '<div id="dri"><span class="b">Date Received: </span><input type="text" name="dri" size="7" value="' . $row['dri'] . '" /></div>';
echo '</div>';
echo '<div id="button2"><input type="submit" value="Submit Edits" name="submit" /></div>';
echo '</div>';
echo '</fieldset>';
echo '</form>';
}
}
echo '</div>';
?>
</body>
</html>
最佳答案
您正在使用 $_GET 检索 ID,但使用 $_POST 检索其他所有内容。尝试将其更改为 $_POST... 并且 SO 上的每个人都会发出大量警告,说明为什么这是危险的。在 google 上查找 SQL 注入(inject)。
关于PHP 更新脚本不工作,ID 没有在应该的时候推送。,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/8824105/
我正在尝试将多个值放入数组中。 当我使用时: csvData.push('data[0][index],data[1][index],data[2][index],data[3][index]');
我想在数组声明中直接使用函数 push(),但它不能正常工作。在我的示例中,我的数组返回值 2 : var j = ["b"].push("a"); document.write(j); // ret
我编写了以下Powershell,它为所选文件夹中的所有驱动程序创建了一个bat安装程序,然后应重新启动PC。 New-Item C:\Tools\Drivers\DellLatitude3450.b
例: $ git clone git@gitlab:carlos/test.git Cloning into 'asd'... ssh: connect to host gitlab port 22:
我正在构建一个具有数组类型属性的对象数组: 这里是一些简化的代码: var _data = []; for(var i=0;i<10;i++) { var element = {
我有一个简单的 PHP/MySql 应用程序,它通常会选择几个数据库之一(假设每个客户一个)进行操作。但是,经常调用访问公共(public)数据库的实用程序函数。 我不想在我的代码中散布 USE 子句
我在推送 View Controller 时遇到问题。这就是我所做的:单击一个按钮,我使用这段代码添加了一个模态视图,我工作正常: - (void)addAction:(id)sender {
我想为socket can写一个android系统服务器。我目前正在设计这个,想知道是否有任何方法可以在 Linux/POSIX 套接字上的数据是否可用而无需调用 read() 并随时轮询结果的情况下
我正在编写一个 Bootstrap 站点,我想知道这是否可以接受。该网站看起来像我想要的那样,但我想知道这是否是最佳做法? 我采用的方法是对每两个缺失的列使用 1 个偏
删除远程分支是通过: git push origin :master 如果本地在远程之后,则需要完成: git push --force origin :master 但是强制删除例如master 基
假设我有一个 git 服务器。在每次推送时,我都需要启动一个进程,我可以通过一个钩子(Hook)来完成。 需要将进程的标准输出写入执行推送的 git 客户端。这与 Heroku 或 Openshift
我刚刚开始学习 Git,有些事情我无法解决。在我的 Mac 上本地创建和使用 git 存储库后,我可以将副本推送到其他地方的另一台服务器吗?我在防火墙后面,所以不幸的是我无法从另一台机器运行 git
这个问题在这里已经有了答案: warning: remote HEAD refers to nonexistent ref, unable to checkout (13 个答案) 关闭 7 年前。
我已经安装了 SCM Sync 配置插件(0.0.10)来将我的 jenkins 设置保存在我的 git 存储库中。 我已经设置了 git url 存储库但插件没有提交/推送,请看截图 我试过: 私钥
这可能看起来很矛盾,我知道 secret 变更集是私有(private)的,但是如果我想备份这些 secret 变更集怎么办? 我与一些分支并行工作,有时我想插入一个,而不是其他的。为了实现这一点,我
我正在使用 TortoiseHg用于版本控制。提交到本地后,我推送到远程存储库。如何撤消到特定的提交点? 有三个不同的插入,我想恢复到第一个插入。我读到了 Mercurial 回滚和 hg 撤销 命令
我知道以前有人问过这个问题,但我似乎无法理解这件事...... git checkout master git pull git git checkout feature git rebase ori
下面的代码片段中 return { Push:function ..... 的含义是什么?当我用谷歌搜索时,我发现push()方法将新项目添加到数组的末尾,并返回新的长度。所以我不确定什么是push:
我正在使用 Mercurial 1.6。我有一个带有几个子存储库的存储库 (11)。我想将父存储库推送到默认远程存储库,而不推送子存储库。想要这样做的原因包括: 我使用的是 SSH 存储库,需要很长时
我分配了一个按钮来将 segue 推送到另一个 View Controller ,但是当我执行这部分代码时,我得到以下信息: 2014-02-20 10:44:29.357 nar[20244:70b
我是一名优秀的程序员,十分优秀!