拜託,我試圖在那裏進行了更改,以數量數據庫的更新,但我需要一個嚮導,其中的變化更新僅到換做是做。試圖以更新的形式PHP數量變化
這是那裏的變化會做
<?
$pplresult = mysql_query("SELECT * FROM repplac");
echo "<table border='1'><tr><th> SHOP NAME</th><th> PRODUCT NAME</th><th>
PRODUCT SIZE</th><th> PRODUCT COLOUR</th><th> PRODUCT QUANTITY</th><th>
PRICE</th><th> </th></tr>";
while($row = mysql_fetch_assoc($pplresult)){?>
<form action='updatepplac.php' method='Post' class='slistbar'>
<?echo "<tr><td>" .$row['Sname'] ."</td><td>" .$row['Pname'] ."</td><td>" .$row['Psize'] ."</td><td>" .$row['Pcolour'] ."</td><td>" ."<input type='text' name='Pquantity' id='Pquantity' value='{$row['Pquantity']}' >" ."</td><td>" .$row['Price'] ."</td><td>" ?>
<a href="deleteproduct.php?del=<?php echo $row['Pidno'];?>">delete</a></td></tr><?php }
// table closing tag
?>
代碼和更新腳本
$submit = $_POST['submit'];
$pid = $_GET['del'];
$nPquantity = $_POST['Pquantity'];
//echo "$nPquantity";
//die();
if('POST' === $_SERVER['REQUEST_METHOD'])
{
$queryreg = mysql_query("
UPDATE repplac SET Pquantity='$nPquantity' ")or die(mysql_error());
}
你的腳本容易受到sql注入和XSS也mysql_error()會給當前表的攻擊者信息... – 2012-01-30 12:20:35