1. 首頁
  2. 問答
  3. PHP和MySQL:插入選擇錯誤的$行

PHP和MySQL:插入選擇錯誤的$行

2014-01-16 30 views
0

我需要幫助我的小腳本。 你看,當我按$_POST['accept_req']它不會選擇我想要的$req_user$row['username'])。它要麼選擇上面的行或下面的行,我不知道該怎麼做。

$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'"); 

while ($row = mysql_fetch_array($requests, MYSQL_ASSOC)){ 

    $req_user = mysql_real_escape_string($row['username']); 

    if(isset($_POST['accept_req'])){ 
     $query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed."); 
     $result = mysql_query($query); 
     mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' "); 
     header("Location: ". $_SERVER['REQUEST_URI']); 
     exit; 
    } 

    echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>"; 

}

我知道mysql_*已被棄用,請忽略它。

來源

2014-01-16 user3204337

+0

什麼'$ req_username'?它不在你的代碼中。 –

+0

對於從數據庫中檢索的值,您不需要使用'mysql_real_escape_string'。這應該已經是安全的了。 – MueR

+0

你的'$ result'基本上是'mysql_query(mysql_query(....));' – Jompper

回答

0

你可以這樣做。

$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'"); 

while ($row = mysql_fetch_array($requests, MYSQL_ASSOC)) 
{ 
    $req_user =$row['username']; 
} 

if(isset($_POST['accept_req']) and isset($req_user)) 
{ 
    $query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed."); 
    $result = mysql_query($query); 
    mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' "); 
    header("Location: ". $_SERVER['REQUEST_URI']); 
    exit; 
    } 

echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";

或這樣:

if(isset($_POST['accept_req'])) 
{ 
    $requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'"); 
    while ($row = mysql_fetch_array($requests, MYSQL_ASSOC)) 
    { 
     $req_user =$row['username']; 
    } 

    $query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed."); 
    $result = mysql_query($query); 
    mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' "); 
    header("Location: ". $_SERVER['REQUEST_URI']); 
    exit; 
} 

    if(mysql_num_rows($requests)){ //If there isn't any results it outputs "No requests" 
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>"; 
}else{ 
    echo "No requests"; 
}

來源

2014-01-16 21:35:43 Aljie

+0

謝謝,作品不錯:-) – user3204337

0

的SELECT語句外

if(isset($_POST['accept_req'])){...}

因此代碼檢索錯誤的ID。你需要把它放在if語句中,如果我理解你正在嘗試做什麼

來源

2014-01-16 21:31:32 tnash

相關問題

 相關問題