时间戳

首页 > 解决方案 > 单击按钮时如何仅更新 1 行而不是所有行

php - 单击按钮时如何仅更新 1 行而不是所有行

问题描述

我有一个包含多行的表。每行后面都有一个按钮,您可以单击以将数据库中的列 (baatinn) 从 0 更新为 1。但是,当您单击该按钮时,它将所有行从 0 更新为 1,而不是您单击按钮的行. 我怎么做,所以它只会更新你点击的行

数据库图片:

数据库

HTML:

<tr>
    <th>Båt ut</th>
    <th>Båt inn</th>
    <th>Båtnr</th>
    <th>Fornavn</th>
    <th>Etternavn</th>
    <th>Tid</th>
    <th>Kr</th>
    <th>Edit</th>
  </tr>

PHP:

$sql = "SELECT utleid, inntid, baatnr, fornavn, etternavn, tid, kr, baatinn     FROM utleie WHERE baatnr LIKE '%$sok%' or fornavn LIKE '%$sok%' or etternavn     LIKE '%$sok%' or tid LIKE '%$sok%' ORDER BY id desc";
$result = $conn-> query($sql);

if ($result-> num_rows > 0) {
    while ($row = $result-> fetch_assoc()) {
        ?>
        <tr>
            <td><?php echo $row["utleid"]; ?></td>
            <td><?php echo $row["inntid"]; ?></td>
            <td><?php echo $row["baatnr"]; ?></td>
            <td><?php echo $row["fornavn"]; ?></td>
            <td><?php echo $row["etternavn"]; ?></td>
            <td><?php echo $row["tid"]; ?></td>
            <td><?php echo $row["kr"]; ?></td>
            <td><form method="post" action="innlevering.php">
        <button name="edit" value="1">Edit</button>
</form></td>
        </tr>
        <?php 
    }
    echo "</table>";
} else {
    echo "0 results";
}
$conn-> close();

innlevering.php:

<?php
include_once 'dbconnect.php';

if ($_POST['edit']) {
   $conn->query("UPDATE utleie SET baatinn=1");
}
?>

标签: phpmysql

解决方案

为了帮助您解决注射问题,请参数化。它会是这样的(我使用 PDO,所以你需要仔细检查):

/functions/getUtleie.php

function getUtleie($so, $conn)
{
    $query = $conn->prepare("SELECT utleid, inntid, baatnr, fornavn, etternavn, tid, kr, baatinn FROM utleie WHERE baatnr LIKE ? or fornavn LIKE ? or etternavn LIKE ? or tid LIKE ? ORDER BY id desc");
    $so = "%{$so}%";
    $query->bind_param('ssss',$so, $so, $so, $so);
    $result = $query->execute();
    if($result->num_rows == 0)
        return [];

    while($row = $result->fetch_assoc()) {
        $data[] = $row;
    }

    return $data;
}

现在,当您使用它时,包含该功能,然后表单上的关键是使 id 在隐藏字段中:

# Fetch the data
$result = getUtleie($so, $conn);
# If there are any results
if(!empty($result)): ?>
    <table>
    <?php foreach($result as $row): ?>

        <tr>
            <td><?php echo $row["utleid"] ?></td>
            <td><?php echo $row["inntid"] ?></td>
            <td><?php echo $row["baatnr"] ?></td>
            <td><?php echo $row["fornavn"] ?></td>
            <td><?php echo $row["etternavn"] ?></td>
            <td><?php echo $row["tid"]; ?></td>
            <td><?php echo $row["kr"]; ?></td>
            <td>
                <form method="post" action="innlevering.php">
                    <input type="hidden" name="action" value="update_utleie" />
                    <input type="hidden" name="utleid" value="<?php echo $row["utleid"] ?>" />
                    <input type="text" name="val" />
                    <input type="submit" value="Edit" />
                </form>
            </td>
        </tr>

        <?php endforeach ?>

    </table>

<?php else: ?>

0 results

<?php endif ?>

提交表单后,您需要使用一个WHERE子句进行更新:

<?php
include_once 'dbconnect.php';
# Check to make sure the form was submitted
if(!empty($_POST['action'] && $_POST['action'] == 'update_utleie') {
    # Trim these. You should also check they aren't empty (especially the id)
    $id    = trim($_POST['utleid']);
    $value = trim($_POST['val']);
    $query = $conn->prepare("UPDATE `utleie` SET `baatinn` = ? WHERE `utleid` = ?");
    $query->bind_param('si', $value, $id);
    $query->execute();
}

无论如何,我还没有检查这些脚本,但它应该非常接近。至少应该为您指明正确的方向。

推荐阅读