顯示SQL列數據到目前爲止我的代碼如何輸入值
if (isset($_GET["job_pos_sort"])) {
$sn = (int)($_GET["job_pos_sort"]);
$job_posname = "SELECT job_pos FROM careers WHERE job_pos_sort = $sn";
和
<td><input name="job_pos_sort" type="text" id="job_pos_sort" value="<?php echo $sn;?>"></td>
<td><input name="job_pos" type="text" id="job_pos" value="<?php echo $job_posname;?>"></td>
和代碼正確顯示job_pos_sort輸入值。我正在嘗試使job_pos值在第二個輸入中正確顯示。第二個輸入值在我的網頁上顯示爲空白。
我的網頁的URL看起來像這樣:mywebpage.ca/phptester/updatecareers.php?job_pos_sort=4
這裏是我的全部代碼:
<?php
$dbhost = 'ddsehdscom';
$dbuser = 'kedsagbm';
$dbpass = 'Kisazer';
$dbname = 'kedsgbm';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
if(! $conn)
{
die('Could not connect: ' . mysqli_error());
}
?>
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if (isset($_GET["job_pos_sort"])) {
$sn = (int)($_GET["job_pos_sort"]);
if(isset($_POST['update']))
{
$job_pos_sort = $_POST['job_pos_sort'];
$job_pos = $_POST['job_pos'];
$sql = "UPDATE careers ".
"SET job_pos = '$job_pos' ".
"WHERE job_pos_sort = $job_pos_sort" ;
$retval = mysqli_query($conn, $sql);
if(! $retval)
{
die('Could not update data: ' . mysqli_error());
}
echo "Updated data successfully\n";
echo "Click <a href='displaydb.php'>here</a> to return to the table";
}
else
{
$job_posname = "SELECT job_pos FROM careers WHERE job_pos_sort = $sn";
$query=mysqli_query($conn, $job_posname);
$array=mysqli_fetch_assoc($query);
$job_posname=stripslashes($array['job_pos']);
?>
<form method="post" action="">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Employee ID</td>
<td><input name="job_pos_sort" type="text" id="job_pos_sort" value="<?php echo $sn;?>"></td>
</tr>
<tr>
<td width="100">Employee Salary</td>
<td><input name="job_pos" type="text" id="job_pos" value="<?php echo $job_posname;?>"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
}
else {
echo ("No employee id given.");
}
?>
</body>
</html>
謝謝,任何幫助。看到
凱爾西
你可以更清楚一點,你將兩個輸入的值設置爲相同。在一個輸入中,值顯示在第二個不是?你的查詢應該是固定的,它是廣泛開放的SQL注入。你應該清理$ sn = $ _ GET ['job_pos_sort']; – CodeBird
對不起,第二個輸入的值是<?php echo $ job_posname;?>。那麼,這是一個小公司,所以我不認爲他們會通過更新表格來做任何有害的事情。 – Kelsey
你確定'$ job_posname'返回給你什麼嗎? – Grish