发布于2022-01-25 13:55 阅读(474) 评论(0) 点赞(24) 收藏(4)
我正在制作订购单,所有产品的数据都存储在 MySQL 数据库中。有一个包含 10 个项目的菜单页面,每个项目都有自己的数量(数量)下拉列表。
我正在使用 PHP 生成 HTML 表单元素(例如输入文本字段)并显示项目。
数据库已重新设计:Table1= User_Orders,Table2= Product_Data
显示产品信息和连接 MySQL 的所有代码都正常工作
我的显示代码:
form action="process.php" method="POST" name="menu"
//PHP
$system = 'SELECT * FROM products ORDER BY id ASC';
if(!$result2=mysql_query($system)){
die('Error encountered. MySQL said: '.mysql_error());
}
while ($rows2 = mysql_fetch_array($result2))
{
$id=$rows2['id'];
$gitem=$rows2['item'];
$gdesc=$rows2['description'];
$menu='<input name="qty1" type="text" class="textfield" id="qty1" value="'. $gitem .'" size="25"/>
<textarea name="desc1" cols="10" rows="3" class="textfield" id="desc1" style="width: 222px; height: 51px;">'.$gdesc .'</textarea>';
echo $menu; }
//END PHP, restart HTML
</form >
我的提交代码
//PHP
$submit=$_POST['submit'];
$sitem=$_POST['qty1'];
$sdesc=$_POST['desc1'];
$sql = "UPDATE products SET item='$sitem' ,description='$sdesc' , WHERE `id`='".mysql_escape_string($id)."'";
if($submit) //submit button is pressed
{
mysql_query($sql);
}
问题: 当我提交表单时,仅更新最新/最新行(具有最高 ID 的行)。其他字段不受影响。
我对为什么会发生的想法: 我注意到文本字段都共享相同的名称。这是因为 PHP 生成了 HTML。
问题: 如何使用生成的 PHP 使每个文本字段都有自己的唯一名称?(例如,数量 1、数量 2)。
我的研究 我考虑过使用数组:qty[]
http://www.shotdev.com/php/php-form/php-input-multiple-textbox/comment-page-1/#comment-42091
请帮帮我,我卡住了。
李
好的,首先,您没有将项目 ID 传递到表单中,因此它知道要实际更新的项目。
让我看看我能在这里做什么:
while ($rows2 = mysql_fetch_array($result2))
{
$id=$rows2['id'];
$gitem=$rows2['item'];
$gdesc=$rows2['description'];
$menu='<input name="qty[' . $id . ']" type="text" class="textfield" id="qty1" value="'. $gitem .'" size="25"/>
<textarea name="desc[' . $id . ']" cols="10" rows="3" class="textfield" id="desc1" style="width: 222px; height: 51px;">'.$gdesc .'</textarea>';
echo $menu;
}
这应该在提交时返回 2 个数组,qty
并且desc
,每个条目的键等于数据库中的 id。
然后在检查提交时:
if($_POST['submit']) //Wanna check this first off, checks whether or not form has been submitted, don't want to do anything at all concerning processing the submission if the form hasn't been sumbitted, probably better to do if(isset($_POST['submit'])) rather than checking directly.
{
$qty = $_POST['qty']; //These two variable declarations assign the two form field arrays into easier to type/identify variable names, might want a little additional error checking to at least make sure that these are arrays with is_array() before going into the foreach loop.
$desc = $_POST['desc'];
//Loop through each entry from the form, UPDATE entries in database that correspond to array keys
foreach($qty as $key => $value) //Set up a loop on the $qty array from the form as array $key and $value and iterate through each entry in the array, the array keys should be the same item id from the DB that corresponds to both qty and desc value entries
{
$sitem = mysql_real_escape_string($value); //Escape $qty[$key] ($value) textfield input from form, put it in an easy to type variable. Note also, mysql_real_escape_string requires an active mysql connection to have been previously established elsewhere. mysql_escape_string() which you were using is depreciated, mysql_real_escape_string() is better.
$sdesc = mysql_real_escape_string($desc[$key]); //Escape $desc[$key] textarea input from form, put it in an easy to type variable. Since the keys should match, you can reach outside the foreach into $desc for it.
$id = mysql_real_escape_string($key); //Escape $key (id) from form, in case of malicious live html editing, might be best to cast to (int) instead like $id = (int)$key since id should always be an int.
$sql = "UPDATE `products` SET `item` = '$sitem', `description` = '$sdesc' WHERE `id` = $id LIMIT 1"; //Construct SQL query from escaped variables. Backticks around field and table names are pretty standard formal syntax. LIMIT 1 speeds up the query and reduces db server load because it will stop when it finds a matching WHERE condition rather than continuing to look for more, and there should only be a single matching id field, so no reason to continue to look for more.
mysql_query($sql); //Execute Query
}
}
哦,这是使用 PDO 执行此操作以提高安全性的代码:
if($_POST['submit']) //Wanna check this first off
{
$qty = $_POST['qty'];
$desc = $_POST['desc'];
$dsn="mysql:dbname=whateveryourdbisnamed;host=localhost"; //Of course change values to appropriate ones
$dbh = new PDO($dsn,"mysqlusername","mysqlpassword"); //Connect to DB. Might want some error checking to make sure it connected.
foreach($qty as $key => $value)
{
$sql = "UPDATE `products` SET `item` = :item, `description` = :desc WHERE `id` = :id LIMIT 1";
$stmt = $dbh->prepare($sql);
$stmt->bindParam(":item",$value,PDO::PARAM_INT); //Note: Not sure if item is a number of not. If a string of any length, change it to next line
//$stmt->bindParam(":item",$value,PDO::PARAM_STR,128); //Note, change last parameter to set max length of string
$stmt->bindParam(":desc",$desc[$key],PDO::PARAM_STR,256); //Change last parameter to set max length of desc, or remove if no max length
$stmt->bindParam(":id",$key,PDO::PARAM_INT);
$stmt->execute(); //Execute query
}
}
作者:黑洞官方问答小能手
链接:http://www.qianduanheidong.com/blog/article/295554/43cd5ce4d3b980427469/
来源:前端黑洞网
任何形式的转载都请注明出处,如有侵权 一经发现 必将追究其法律责任
昵称:
评论内容:(最多支持255个字符)
---无人问津也好,技不如人也罢,你都要试着安静下来,去做自己该做的事,而不是让内心的烦躁、焦虑,坏掉你本来就不多的热情和定力
Copyright © 2018-2021 前端黑洞网 All Rights Reserved 版权所有,并保留所有权利。 京ICP备18063182号-3
投诉与举报,广告合作请联系vgs_info@163.com或QQ3083709327
免责声明:网站文章均由用户上传,仅供读者学习交流使用,禁止用做商业用途。若文章涉及色情,反动,侵权等违法信息,请向我们举报,一经核实我们会立即删除!