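Updating records via dynamic form variables

I have a form that lets the user choose 4 records from the whole set to appear in a specific order (1 to 4). The fields are dynamically named blah1, blah2, and so on. However, the update query is not working, and when I output the results they all have the default value of 1.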
```cfm
<cfquery name="allRecipes" datasource="#request.db#">
    SELECT id, name, homepage_order
    FROM tblrecipes
    ORDER BY name
</cfquery>
<cfquery name="getOnlySelected" dbtype="query">
    SELECT *
    FROM allRecipes
    WHERE homepage_order > 0
    ORDER BY homepage_order
</cfquery>
<cfloop from="1" to="4" index="i">
    <li>
        Position <cfoutput>#i#</cfoutput>: Current recipe published: <strong><cfoutput>#getOnlySelected['name']["#i#"]#</cfoutput></strong><br />
        Choose New:
        <cfselect name="position#i#" query="allRecipes" value="id" display="name" queryPosition="below" selected="#getOnlySelected['id']['#i#']#">
            <option value="">-Select-</option>
        </cfselect>
    </li>
</cfloop>
```
And the form submission queries:
```cfm
<cfquery datasource="#request.db#">
    UPDATE tblrecipes
    SET homepage_order = 0
    WHERE 1=1
</cfquery> //This query resets all the order values
<cfif IsNumeric(form.position1)>
    <cfquery name="updateOrder1" datasource="#request.db#">
        UPDATE tblrecipes
        SET homepage_order = 1
        WHERE id = #form.position1#
    </cfquery>
</cfif>
<cfif IsNumeric(form.position2)>
    <cfquery name="updateOrder2" datasource="#request.db#">
        UPDATE tblrecipes
        SET homepage_order = 2
        WHERE id = #form.position2#
    </cfquery>
</cfif>
<cfif IsNumeric(form.position3)>
    <cfquery name="updateOrder3" datasource="#request.db#">
        UPDATE tblrecipes
        SET homepage_order = 3
        WHERE id = #form.position3#
    </cfquery>
</cfif>
<cfif IsNumeric(form.position4)>
    <cfquery name="updateOrder4" datasource="#request.db#">
        UPDATE tblrecipes
        SET homepage_order = 4
        WHERE id = #form.position4#
    </cfquery>
</cfif>
```
Here is an example dump of the form data. The values for each position are correct.
```
FIELDNAMES  POSITION1,POSITION2,POSITION3,POSITION4,SUBMIT
POSITION1   81
POSITION2   82
POSITION3   80
POSITION4   78
SUBMIT      Update Order
```
The query results look the same before and after the form is submitted:
```
HOMEPAGE_ORDER  ID  NAME
1               81  Okonomiyaki
1               82  Apple Chutney Cubes
1               80  Asparagus for the Family
1               78  Coconut Curry Sauce Cubes
CACHED          false
EXECUTIONTIME   0
SQL             SELECT * FROM allRecipes WHERE homepage_order > 0 ORDER BY homepage_order
```
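**Use [cfqueryparam](http://cfdocs.org/cfqueryparam) in your queries!** –

+100 for cfqueryparam! Never put user-submitted data directly into a query without sanitizing it in some way (which is part of what cfqueryparam does). That is just asking for a SQL injection attack. – Sharondio

You're right, I normally do. –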
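
The cfqueryparam advice from the comments, applied to the update queries in the question, as an added example that is not part of the original post or its comments. It assumes the table, column and field names shown in the question (`tblrecipes`, `homepage_order`, `position1` to `position4`) and that `id` is an integer column; wrapping the statements in `cftransaction` is also an addition here.

```cfml
<!--- Added example: binds every form value with cfqueryparam instead of
      interpolating #form.positionN# into the SQL text. --->
<cftransaction>
    <!--- Reset all order values, as the original first query does --->
    <cfquery datasource="#request.db#">
        UPDATE tblrecipes
        SET homepage_order = 0
    </cfquery>

    <cfloop from="1" to="4" index="i">
        <!--- Make sure the dynamically named field exists, then read it by key --->
        <cfparam name="form.position#i#" default="">
        <cfset recipeId = form["position#i#"]>

        <!--- "-Select-" submits an empty string; anything that is not an
              integer is skipped rather than sent to the database --->
        <cfif isValid("integer", recipeId)>
            <cfquery datasource="#request.db#">
                UPDATE tblrecipes
                SET homepage_order = <cfqueryparam value="#i#" cfsqltype="cf_sql_integer">
                WHERE id = <cfqueryparam value="#recipeId#" cfsqltype="cf_sql_integer">
            </cfquery>
        </cfif>
    </cfloop>
</cftransaction>
```

With the values bound as typed parameters, a submitted `position1` such as `81 OR 1=1` is rejected by the integer check and never becomes part of the statement text.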