-1
我剛開始學習php,並決定使用簡單的票務系統。我設法顯示一張門票列表,然後當用戶點擊門票ID時,我可以顯示將門票ID變量傳遞給網址的門票詳細信息。使用隱藏輸入傳遞變量
現在,更新票我已經創建了一個新的形式action="ctrl_client_edit_ticket.php" method="post"所以在這個文件中,我可以執行數據庫查詢,更新車票。
的問題是,我必須使用_POST售票ID分配到一個新的變量。所以我想也許我可以創建一個隱藏的領域形式<input type="hidden" name="ticketid" value="<?php echo $ticket_id ?>">
它正在工作,但我真的不知道這是否是最好和更安全的方法來做這個操作。
非常感謝
這是代碼。
這是文件client_view_ticket.php在那裏我展現給用戶的所有車票。
<?php
$view_ticket_query = mysqli_prepare($conn, "SELECT ticket_id, ticket_subject, ticket_status, ticket_time_stamp FROM user_tickets WHERE ticket_user_id= ? ");
$view_ticket_query -> bind_param("i", $userid);
$view_ticket_query -> execute();
$view_ticket_query -> bind_result($ticket_id, $ticket_subject, $ticket_status, $ticket_time_stamp);
while($view_ticket_query -> fetch())
{
// set ticket's colors
if ($ticket_status == "Aperto"){
$tcolor = "<span class='label label-lg label-success'>";
}else if ($ticket_status == "Chiuso"){
$tcolor = "<span class='label label-lg label-danger'>";
}else if ($ticket_status == "In Lavorazione"){
$tcolor = "<span class='label label-lg label-info'>";
}
echo '
<tr>
<td><a href="client_edit_ticket.php?id='.$ticket_id.'"> '.$ticket_id.'</a></td>
<td><a href="client_edit_ticket.php?id='.$ticket_id.'"> '.$ticket_subject.'</a></td>
<td>'.$ticket_time_stamp.'</td>
<td>'.$tcolor.'' .$ticket_status. '</span></td>
</tr>
';
}
$view_ticket_query -> close();
?>
這是文件client_edit_ticket.php
<?php
// Prelevo l'id del ticket dall'url e lo passo ad una variabile
$ticket_id = $_GET['id'];
// Query al database per prendere i dati del ticket
$view_ticket = mysqli_prepare($conn, "SELECT ticket_subject, ticket_body, ticket_user_first, ticket_user_last, ticket_user_email, ticket_time_stamp, ticket_status, ticket_priority FROM user_tickets WHERE ticket_id= ? ");
$view_ticket -> bind_param("i", $ticket_id);
$view_ticket -> execute();
$view_ticket -> bind_result($ticket_subject, $ticket_message, $ticket_user_first, $ticket_user_last, $ticket_user_email, $ticket_created_time, $ticket_status, $ticket_priority);
$view_ticket -> fetch();
$view_ticket -> close();
// Coverto la data di creazione del ticket in un formato europeo
$new_ticket_date = date('d-m-Y', strtotime($ticket_created_time));
?>
<form class="form-group" action="controllers/ctrl_client_edit_ticket.php" method="post">
<!-- hidden input for ticket id -->
<input type="hidden" name="ticketid" value="<?php echo $ticket_id ?>">
<div class="row">
<div class="col-xs-12">
<h3>
<i class="icon-action-redo"></i> Messaggio di risposta</h3>
<textarea class="ticket-reply-msg" row="10"></textarea>
</div>
</div>
<div class="row">
<div class="col-md-4">
<h3 class="ticket-margin">
<i class="icon-info"></i> Aggiorna Priorità</h3>
<select class="ticket-status" name="ticketpriority">
<option value="Bassa" selected>Bassa</option>
<option value="Media">Media</option>
<option value="Alta">Alta</option>
<option value="Urgente">Urgente</option>
<option value="Critica">Critica</option>
</select>
</div>
</div>
<button class="btn btn-square uppercase bold green" type="submit">Aggiorna</button>
</form>
這是文件ctrl_client_edit_ticket.php
$ticket_id = $_POST['ticketid'];
$ticket_priority = check_input($_POST['ticketpriority']);
if ($ticket_update_query = mysqli_prepare($conn, "UPDATE user_tickets SET ticket_priority= ? WHERE ticket_id= ? ")) {
/* bind parameters for markers */
mysqli_stmt_bind_param($ticket_update_query, 'si', $ticket_priority, $ticket_id);
/* execute query */
mysqli_stmt_execute($ticket_update_query);
echo "ticket aggiornato";
} else{
echo "ticket non aggiornato";
}
?>
yeah分享一些更多的代碼 – Blueblazer172
分享真實的代碼,或者這個問題會很快關閉 – RiggsFolly
嗨,歡迎來到這個網站,歡迎來到網絡編程的樂趣!我不確定這個問題,因爲它現在非常適合這個網站,因爲它要求對於處理特定任務的最佳方式提出相當廣泛的意見。我建議通過[幫助]中的介紹頁面瞭解本網站的目標是什麼樣的問題。 – IMSoP