
我有兩個表:user 和 news_table。我想禁止類型為 1 的用戶編輯和刪除由類型為 9 的用戶發佈的新聞。目前用我的代碼,類型 1 的用戶仍然能夠編輯和刪除類型 9 的用戶發佈的新聞。我需要一個新的查詢(用 where 子句連接兩個表)來修復它。

user: 
id int primary key auto_increment, 
username varchar(255), 
password varchar(255), 
type int 

news_table: 
id int primary key auto_increment, 
title varchar(255), 
news text, 
author varchar(50), 
time date, 
authorid int, 
image varchar(255) NULL 


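if(isset($_POST['editsubmit'])){
    // Inputs are HTML-encoded before storage (as in the original), so the stored
    // title has to be compared in its encoded form. mysqli_real_escape_string is
    // not needed any more: every value below is bound via a prepared statement,
    // never interpolated into the SQL text.
    $oldtitle = htmlentities($_POST['oldtitle']);
    $newtitle = htmlentities($_POST['newtitle']);
    $newtext  = htmlentities($_POST['newtext']);

    if($oldtitle){
        if($newtitle){
            if($newtext){
                // Find the single news row with the old title.
                // The parentheses fix the original `... AND user.type!=9 OR image IS null`:
                // AND binds tighter than OR, so the old query matched every row with a
                // NULL image regardless of the title.
                // NOTE(review): the JOIN tests the *author's* type (user.id = authorid),
                // not the type of the user submitting this form; where the submitting
                // user's type is checked is not visible in this snippet — confirm.
                $newsid  = null;
                $numrows = 0;
                $stmt = mysqli_prepare($conn,
                    "SELECT news_table.id FROM news_table JOIN user ON news_table.authorid=user.id WHERE news_table.title=? AND (user.type!=9 OR news_table.image IS NULL)");
                if($stmt){
                    mysqli_stmt_bind_param($stmt, 's', $oldtitle);
                    mysqli_stmt_execute($stmt);
                    mysqli_stmt_store_result($stmt);
                    $numrows = mysqli_stmt_num_rows($stmt);
                    if($numrows==1){
                        mysqli_stmt_bind_result($stmt, $newsid);
                        mysqli_stmt_fetch($stmt);
                    }
                    mysqli_stmt_close($stmt);
                }
                if($numrows==1){
                    // Update by primary key rather than by title: a duplicate title
                    // would otherwise change several rows at once.
                    $stmt = mysqli_prepare($conn, "UPDATE news_table SET title=?, news=? WHERE id=?");
                    if($stmt){
                        mysqli_stmt_bind_param($stmt, 'ssi', $newtitle, $newtext, $newsid);
                        mysqli_stmt_execute($stmt);
                        mysqli_stmt_close($stmt);
                    }
                    // Verify the edit landed on the same row (by id) with the new title.
                    $numrows = 0;
                    $stmt = mysqli_prepare($conn, "SELECT id FROM news_table WHERE id=? AND title=?");
                    if($stmt){
                        mysqli_stmt_bind_param($stmt, 'is', $newsid, $newtitle);
                        mysqli_stmt_execute($stmt);
                        mysqli_stmt_store_result($stmt);
                        $numrows = mysqli_stmt_num_rows($stmt);
                        mysqli_stmt_close($stmt);
                    }
                    if($numrows==1){
                        $errormsg2="News edited";
                    }else{
                        $errormsg2="An error occurred.News not edited";
                    }
                }else{
                    $errormsg2="That news do not exist";
                }
            }else{
                $errormsg2="Please enter new text";
            }
        }else{
            $errormsg2="Please enter new title";
        }
    }else{
        $errormsg2="Please enter old news title";
    }
}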

回答


我給你的代碼加了註釋。看來你會允許任何 user.type 不等於 9 的用戶進行編輯;也許你應該把它改成 = 9,這樣只有 user.type 為 9 的用戶才能進行修改。

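if(isset($_POST['editsubmit'])){

    // Post Variables
    // HTML-encoded on the way in (as before), so titles are stored and compared
    // in encoded form. mysqli_real_escape_string is dropped: all values are bound
    // through prepared statements instead of being spliced into the SQL string.
    $oldtitle = htmlentities($_POST['oldtitle']);
    $newtitle = htmlentities($_POST['newtitle']);
    $newtext  = htmlentities($_POST['newtext']);

    // If there is an oldtitle
    if($oldtitle){
        // If there is a newtitle
        if($newtitle){
            // If there is newtext
            if($newtext){

                // Perform this query, JOIN and WHERE has user.type EQUALS 9.
                // The OR is parenthesised: without it `title=? AND type=9 OR image IS NULL`
                // matches any row with a NULL image, whatever its title.
                // NOTE(review): this tests the type of the news *author* (joined on
                // authorid), not the type of the user submitting the edit; the
                // submitting user's identity is not visible here — confirm.
                $newsid  = null;
                $numrows = 0;
                $stmt = mysqli_prepare($conn,
                    "SELECT news_table.id FROM news_table JOIN user ON news_table.authorid=user.id WHERE news_table.title=? AND (user.type = 9 OR news_table.image IS NULL)");
                if($stmt){
                    mysqli_stmt_bind_param($stmt, 's', $oldtitle);
                    mysqli_stmt_execute($stmt);
                    mysqli_stmt_store_result($stmt);
                    // Get the Data
                    $numrows = mysqli_stmt_num_rows($stmt);
                    if($numrows==1){
                        mysqli_stmt_bind_result($stmt, $newsid);
                        mysqli_stmt_fetch($stmt);
                    }
                    mysqli_stmt_close($stmt);
                }
                // If we actually received a row with the matching criteria
                if($numrows==1){
                    // Perform the update, keyed on the row id so that a duplicate
                    // title cannot update more than one row.
                    $stmt = mysqli_prepare($conn, "UPDATE news_table SET title=?, news=? WHERE id=?");
                    if($stmt){
                        mysqli_stmt_bind_param($stmt, 'ssi', $newtitle, $newtext, $newsid);
                        mysqli_stmt_execute($stmt);
                        mysqli_stmt_close($stmt);
                    }
                    // New query to refresh the data from the edit: same id, new title
                    $numrows = 0;
                    $stmt = mysqli_prepare($conn, "SELECT id FROM news_table WHERE id=? AND title=?");
                    if($stmt){
                        mysqli_stmt_bind_param($stmt, 'is', $newsid, $newtitle);
                        mysqli_stmt_execute($stmt);
                        mysqli_stmt_store_result($stmt);
                        $numrows = mysqli_stmt_num_rows($stmt);
                        mysqli_stmt_close($stmt);
                    }
                    // Verify the edit was completed
                    if($numrows==1){
                        $errormsg2="News edited";
                    }else{
                        $errormsg2="An error occurred.News not edited";
                    }
                }else{
                    $errormsg2="That news do not exist";
                }
            }else{
                $errormsg2="Please enter new text";
            }
        }else{
            $errormsg2="Please enter new title";
        }
    }else{
        $errormsg2="Please enter old news title";
    }
}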