1. 首頁
  2. 問答
  3. PHP:使用腳本更新數據庫

PHP:使用腳本更新數據庫

2011-05-18 170 views
0

嗨我有一個小php腳本的問題。我試圖讓我的用戶更改「工作」的狀態,所以我不得不使用選項和帖子。PHP:使用腳本更新數據庫

我可以得到答案但不是id。那麼,如何將id傳遞給腳本,然後新的腳本就是腳本。

<?php 
$conx; //connection object to the server 
$comd;//instance of a command object 
$sql; //string variable to hold the SQL commands 
$itemsAdded; //numeric var to hold num records added to table (1 or 0) 
$dbpath; 

$db = realpath("../Database/iceserv.mdb"); 

$conn = new COM('ADODB.Connection') or exit('Cannot start ADO.'); 

$connStr = "PROVIDER=Microsoft.Jet.OLEDB.4.0;Data Source=$db"; 

$conn->Open($connStr); 

$sql = "SELECT callback.*, status.stat_disc AS Status 
FROM callback INNER JOIN status ON callback.callback_STATID = status.stat_ID"; 

$rs = $conn->Execute($sql); 
if (!$rs) {exit("Error in SQL");} 
echo "<form method='post' action='../scripts/update_stat.php' id='status' name='status'><table><tr>"; 
echo "<th> Cutomer ID</th>"; 
echo "<th>Customer First Name</th>"; 
echo "<th>Customer Surname</th>"; 
echo "<th>Customer Phone Number</th>"; 
echo "<th>Customer Reason For Callback</th>"; 
echo "<th>Callback Status</th>"; 
echo "<th>Change Status</th>"; 
echo "<th></th>"; 

while (!$rs->EOF) { 

    $callid=$rs->Fields['callback_ID']->Value; 
    //echo $callid; 
    $fname=$rs->Fields['callback_fname']->Value; 
    $sname=$rs->Fields['callback_sname']->Value; 
    $phone=$rs->Fields['callback_phnum']->Value; 
    $reason=$rs->Fields['callback_reason']->Value; 
    $status=$rs->Fields['Status']->Value; 
    echo "<tr><td align='center'>$callid</td>"; 
    echo "<td align='center'>$fname</td>"; 
    echo "<td align = 'center'>$sname</td>"; 
    echo "<td align = 'center'>$phone</td>"; 
    echo "<td align = 'center'>$reason</td>"; 
    echo "<td align = 'center'>$status</td>"; 
    //echo "<td align = 'center'><input type='text' name='calledid' value = '$callid'></td>"; 
    echo"<td align = 'center'><select name ='status' size='1'> 
    <option value =''>Choose status</option> 
    <option value ='1'>Open </option> 
    <option value ='2'>Waiting Qoute</option> 
    <option value ='3'>Closed </option></td> 
    </select>"; 
    echo "<td><input type='submit' name='submit_btn' id='submit_btn' value='Update' class='submit_btn1'</input></td></tr></table></form>"; 

    exit; 
    } 
?>

所以上面的腳本調用,並從數據庫

<?php 

    //variable listing and usage 
    $conx; //connection object to the server 
    $comd;//instance of a command object 
    $sql_comd; //string variable to hold the SQL commands 
    $itemsAdded; //numeric var to hold num records added to table (1 or 0) 
    $dbpath; 

     $db = realpath("../Database/iceserv.mdb"); 

     $conn = new COM('ADODB.Connection') or exit('Cannot start ADO.'); 

     $connStr = "PROVIDER=Microsoft.Jet.OLEDB.4.0;Data Source=$db"; 

     $conn->Open($connStr); 
       $id = $_POST['callid']; 
       echo "ID is " +$id; 
       $option= $_POST['status']; 

    $sql_comd="UPDATE callback 
    SET callback_STATID=$option 
    WHERE callback_ID=$id 
    "; 
    $conn->Execute($sql_comd); 

//$result = null; 
$conn = null; 

header('Location: ../admin/callback.php'); 

?>

上述腳本試圖更新表拉動信息,但ID不會通過這樣路過我如何獲得ID被傳遞給腳本?

請詢問如果我一直都不清楚

來源

2011-05-18 andy

+2

我不明白你在問什麼,但我想指出你已經開放給SQL注入了。請閱讀使用PDO準備好的查詢。另外,你不能在302重定向中使用相對路徑(這就是你對位置標題所做的)。 – Brad 2011-05-18 14:55:27

回答

0

您可以設置選擇喜歡的值:<option value ='{$callid}|1'>Open </option>,然後爆炸「|」拆分結果list($id,$option)=explode("|",$_REQUEST['status'])

來源

2011-05-18 14:52:27 Catalin

+0

謝謝你的快速反應,我會更新腳本,即第二個腳本嗎? – andy 2011-05-18 14:55:19

+0

@andy在html中的第一部分和動作腳本中的第二部分(不要忘記用$ option替換$ _REQUEST ['status']) – Catalin 2011-05-18 14:56:27

+0

@andy NOTE brads評論:) – Catalin 2011-05-18 14:58:14

0 

<input type="hidden" name="calledid" value="<?=$callid;?>" />

我的壞。

<button name="calledid" type="submit" value="<?=$callid;?>">Submit</button>

用它代替你的輸入。

來源

2011-05-18 14:54:46

+0

糟糕的ideea ...他只需要一個callid(對於一個特定的行) – Catalin 2011-05-18 14:59:23

相關問題

 相關問題