所以我试图有一个页面,通过从数据库填充的下拉菜单(工作)它调用要修改的所需数据集。我已经实现了 SQL 注入(inject)保护,填充下拉菜单并显示所需的数据集。我怎么也不知道如何提交已更改的数据。没有出现任何错误,似乎什么也没有发生。我已经检查了数据库,以确保数据值实际上没有被更改,而且也没有被更改。任何帮助将不胜感激!
table8.php
<html>
<head>
<script>
function showUser(str) {
if (str=="") {
document.getElementById("txtDisp").innerHTML="";
return;
}
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
} else { // code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
document.getElementById("txtDisp").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","getuser3.php?q="+str,true);
xmlhttp.send();
}
</script>
</head>
<body>
<form method="post" action="localhost/table8.php">
<select name="users" onchange="showUser(this.value)">
<option value="">Select a person:</option>
<?php
$con=mysqli_connect("localhost","user","password","database");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM users");
while($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['uname'] . "</option>";
mysqli_close($con);
}
?>
</select>
</form>
<br>
<div id="txtDisp"><b>Person info will be listed here.</b></div>
</body>
</html>
getuser3.php
<?php
$q = intval($_GET['q']);
$con=mysqli_connect("localhost","user","password","database");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql = "SELECT * FROM users WHERE id = " . $q . "";
$result1 = mysqli_query($con,$sql);
echo "<table border='1'><tr><th>Username</th><th>E-Mail</th><th>Info 1</th></tr>";
echo "<form action=\"localhost/insertgetuser.php\" method=\"post\">";
while($row1 = mysqli_fetch_array($result1, MYSQLI_ASSOC)) {
echo "<tr>";
echo "<td><input type=\"text\" name=\"uname\" value=" . $row1['uname'] . "></td>";
echo "<td>" . $row1['email'] . "</td>";
echo "<td>" . $row1['info1'] . "</td>";
echo "</tr>";
}
echo "<input type=\"submit\">";
echo "</form>";
echo "</table>";
mysqli_close($con);
?>
插入getuser.php
<?php
$con=mysqli_connect("localhost","user","password","database");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$uname = mysqli_real_escape_string($con, $_POST['uname']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$info1 = mysqli_real_escape_string($con, $_POST['info1']);
$sql="UPDATE INTO users (uname, email, info1)
VALUES ('$uname', '$email', '$info1')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>
最佳答案
<form method="post" action="localhost/insertgetuser.php">
看起来不对,可能您想发布到 instertgetuser.php (我怀疑是否需要 localhost 部分):
<form method="post" action="insertgetuser.php">
关于php - 通过 mysql 更新 ajax 嵌入 php 页面中的调用数据(没有出现错误),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25353600/