第七色在线视频,2021少妇久久久久久久久久,亚洲欧洲精品成人久久av18,亚洲国产精品特色大片观看完整版,孙宇晨将参加特朗普的晚宴

為了賬號安全,請及時綁定郵箱和手機立即綁定
已解決430363個問題,去搜搜看,總會有你想問的

僅執(zhí)行插入時無法更新城市

僅執(zhí)行插入時無法更新城市

PHP
MMMHUHU 2024-01-19 17:17:08
<?phpsession_start();include_once 'DBconfig.php';extract($_GET);$CityName = $_POST['CityName'];if (isset($CityID)){    $sql = "UPDATE city SET CityName = '$CityName', Modified = NOW() WHERE city.CityID = $CityID;";}else{    $sql = "INSERT INTO city (CityID, CityName, Created, Modified) VALUES (NULL, '$CityName', NOW(), NOW());";}$result = mysqli_query($con, $sql);if ($result){    header('location: ListCity.php');}else{    header('location: AddEditCity.php');}?>僅執(zhí)行插入塊更新不起作用 $CityID 變量來自提取函數(shù),因此沒有命名約定問題無法解決它請幫助
查看完整描述

1 回答

?
哈士奇WWW

TA貢獻1799條經(jīng)驗 獲得超6個贊

您正在從 中提取$_GET(這始終是要避免的),然后$CityName從 中獲取$_POST。這是不一致的,因為請求不能同時是 GET 和 POST。它肯定必須是 POST 請求,否則插入根本無法工作。正如所評論的,您應(yīng)該使用準(zhǔn)備好的語句來避免 SQL 注入攻擊:


<?php

session_start();

include_once 'DBconfig.php';


$CityName = $_REQUEST['CityName'];    

if (isset($_REQUEST['CityID']))

{

    $CityID = $_REQUEST['CityID'];

    $sql = "UPDATE city SET CityName = ?, Modified = NOW() WHERE city.CityID = ?";

    $stmt = mysqli_prepare($con, $sql);

    mysqli_stmt_bind_param($stmt, "si", $CityName, $CityID);

}

else

{

    $sql = "INSERT INTO city (CityID, CityName, Created, Modified) VALUES (NULL, ?, NOW(), NOW())";

    $stmt = mysqli_prepare($con, $sql);

    mysqli_stmt_bind_param($stmt, "s", $CityName);

}


$result = mysqli_stmt_execute($stmt);

if ($result)

{

    header('location: ListCity.php');

}

else

{

    header('location: AddEditCity.php');

}


查看完整回答
反對 回復(fù) 2024-01-19
  • 1 回答
  • 0 關(guān)注
  • 147 瀏覽

添加回答

舉報

0/150
提交
取消
微信客服

購課補貼
聯(lián)系客服咨詢優(yōu)惠詳情

 幫助反饋 APP下載

慕課網(wǎng)APP
您的移動學(xué)習(xí)伙伴

 公眾號

掃描二維碼
關(guān)注慕課網(wǎng)微信公眾號