如何让这个脚本在发现 fname 和 lname 不存在时会弹出一条消息说他们从未登录过。
<?php
session_start();
include_once("connect.php");
date_default_timezone_set("America/Winnipeg");
$date = ("m-d-Y");
$timeout = date("g:i:s a");
if ("SELECT EXISTS(
SELECT *
FROM signin_out
WHERE
lname='" . $_POST['lastname'] . "'
AND fname='" . $_POST['firstname'] . "'
AND date='" . $date . "')"
) {
mysql_query("
UPDATE signin_out
SET timeout='" . $timeout . "'
WHERE
lname='" . $_POST['lastname'] . "'
AND fname='" . $_POST['firstname'] . "'
AND timeout=''
");
header("Location: ../index.html");
} else {
echo "<script type='text/javascript>'";
echo "alert('<p>Oops! You never signed in!</p><br><p>Please contact a
Librarian</p>');'";
echo "</script>'";
header('Location: ../index.php?notsignedin');
}
?>
这是一所高中的 Intranet 站点。
最佳答案
$sql = "SELECT COUNT(*) signedin FROM signin_out
WHERE lname = '" . mysql_real_escape_string($_POST['lastname']) . "'
AND fname = '" . mysql_real_escape_string($_POST['lastname']) . "'
AND date = '$date'";
$result mysql_query($sql) or die(myqsl_error());
$row = mysql_fetch_assoc($result);
if ($row['signedin'])) {
// update table
} else {
// Report not signed in
}
但是,您确实应该切换到 mysqli 或 PDO,这样您就可以使用参数化查询而不是连接字符串,这样您就不必担心转义它们。
关于php - 如果变量存在则更新,否则会回显错误消息?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18554544/