编辑mysql数据库表中的预先存在的数据
问题描述:
编辑数据并将其存储在数据库中时遇到问题。我有一个表单正在加载patient_details表中的数据并显示在页面上的html表格中。我已经做到了,因此数据库的每个字段都有文本框,因此用户可以选择更改数据,然后单击按钮将数据发送到数据库,然后重新显示页面。我的问题在于当我单击按钮时,记录不保存到数据库,因此不显示在表中。我花了几个小时看着这一点,似乎不明白为什么它不会工作。我设法将信息添加到单独的表格中,然后将数据显示在页面上,但编辑时会有所不同。我认为这可能是我的数据库的问题,但我不太确定。编辑mysql数据库表中的预先存在的数据
继承人我的代码:
****updateUsers.php*****
<html>
<head>
<title>Current Patients</title>
<head>
<meta charset='utf-8' />
<link href='../fullcalendar.css' rel='stylesheet' />
<link href='../fullcalendar.print.css' rel='stylesheet' media='print' />
<script src='../lib/moment.min.js'></script>
<script src='../lib/jquery.min.js'></script>
<script src='../lib/jquery-ui.custom.min.js'></script>
<script src='../fullcalendar.min.js'></script>
</head>
<body>
<?php
$con = mysql_connect('localhost', 'root', 'password');
if (!$con) {
die("Cannot connect" . mysql_error());
}
mysql_select_db('DoctorScheduler');
if (isset($_POST['submit']) && $_POST['submit'] == 'updatePatients') {
$updatePatientsDetailsQuery = "UPDATE patients_details SET patient_id='$_POST[patient_id]', patient_surname='$_POST[patient_surname]', patient_forename='$_POST[patient_forename]', patient_dob='$_POST[patient_dob]', patient_doctor='$_POST[patient_doctor]', phone_num='$_POST[patient_number]', patient_email='$_POST[patient_email]', patient_address='$_POST[patient_address]' WHERE patient_id='$_POST[hidden] ' ";
$patientRecords =mysql_query($updatePatientsDetailsQuery);
}
$sql = "SELECT * FROM patients_details";
$records=mysql_query($sql);
// <a href="form1.php"> Request an Appointment </a>
echo "<table border=1>";
echo "<tr>";
echo "<th>ID</th>";
echo "<th>Surname</th>";
echo "<th>Forename</th>";
echo "<th>Date of Birth</th>";
echo "<th>Doctor</th>";
echo "<th>Phone Number</th>";
echo "<th>Email</th>";
echo "<th>Address</th>";
echo "</tr>";
while($currentPatients = mysql_fetch_assoc($records)) {
echo "<form action=updateUsers.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=hidden name=patient_id value=" . $currentPatients['patient_id'] . " </td>";
echo "<td>" . "<input type=text name=patient_surname value=" . $currentPatients['patient_surname']." </td>";
echo "<td>" . "<input type=text name=patient_forename value=" . $currentPatients['patient_forename'] . " </td>";
echo "<td>". "<input type=text name=patient_dob value=" . $currentPatients['patient_dob'] . " </td>";
echo "<td>". "<input type=text name=patient_doctor value=" . $currentPatients['patient_doctor'] . " </td>";
echo "<td>". "<input type=text name=patient_num value=" . $currentPatients['patient_num'] . " </td>";
echo "<td>". "<input type=text name=patient_email value=" . $currentPatients['patient_email'] . " </td>";
echo "<td>". "<input type=text name=patient_address value=" . $currentPatients['patient_address'] . " </td>";
echo "<td>" . "<input type='submit' name='updatePatients' value='Update Patients' onclick='updateDatabase()'" . " </td>";
echo "</tr>";
echo "</form>";
} // end of while
echo "</table>";
?>
<script>
function updateDatabase() {
var xmlhttp;
xmlhttp=new XMLHttpRequest();
xmlhttp.open("GET", "updateData.php?patient_surname=" + document.getElementById("patient_surname").value +
"&patient_forename="+document.getElementById("patient_forename").value + "&patient_dob="+document.getElementById("patient_dob").value +
"&patient_doctor="+document.getElementById("patient_doctor").value + "&patient_num="+document.getElementById("patient_num").value +
"&patient_email="+document.getElementById("patient_email").value + "&patient_address="+document.getElementById("patient_address").value,false);
xmlhttp.send(null);
}
</script>
</body>
****updataData.php******
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/html4/loose.dtd">
<html>
<head>
<title> updateData </title>
<meta http-equiv="Content Type" content="text/html"; charset="UTF-8">
</head>
<body>
<?php
$patient_surname=$_GET['patient_surname'];
$patient_forename=$_GET['patient_forename'];
$patient_dob=$_GET['patient_dob'];
$patient_doctor=$_GET['patient_doctor'];
$patient_num=$_GET['patient_num'];
[enter image description here][1]$patient_email=$_GET['patient_email'];
$patient_address=$_GET['patient_address'];
mysql_connect("localhost", "root", "password");
mysql_select_db("DoctorScheduler");
mysql_query("insert into patients_details values('$patient_surname', '$patient_forename', '$patient_dob', '$patient_doctor', '$patient_num', '$patient_email', '$patient_address')");
?>
</body>
</html>
答
所有这些表达式,如:
... "UPDATE patients_details SET patient_id='$_POST[patient_id]' ....
会导致N “未知变量patient_id” 和类似的错误。它应该是:
... "UPDATE patients_details SET patient_id='" . $_POST['patient_id'] . "' ....
的expresion $_POST[patient_id]是错误的,只要patient_id没有被定义为常量(这不是我假设)。
它必须是$_POST['patient_id'](请注意引号),并且因为您在转义引号中丢失了,否则请使用字符串连接器.代替;
编辑
如果发出像insert into patients_details values('?未给出字段名的SQL语句,就必须有在该表中的所有列的值,该值在定义顺序给出这些列。否则,请使用以下语法:
insert into patients_details (field1, field2) values ('one', 'two');
我的朋友,不要使用'mysql_'函数,它们已被弃用,并且在PHP 7上被删除。它们效率低下并且有很多漏洞。考虑将它们改为'mysqli_',或者更好的'PDO'对象。 –
您可能会避免的另一件事是在您的查询中插入直接的'$ _POST'变量。这很危险。恶意的SQL代码可以通过用户输入注入,破坏数据库模式。 –
只是粗略的一瞥,但你应该有更新不插入 – Mihai