开发者

php MySql UPDATE not working?

问答 作者:

I have this form which contain dynamic table:

<form action="<?php echo $editFormAction;?>" method="post" name="form1">
<input type="hidden" value="<?php echo (int) $_GET['a'];?>" name="pat_id">
<table>
<tr>
<th>#</th>
<th>ORDER DESC</th>
<th>STATUS</th>
<th>SENDING DATE</th>
<th>DELIVERING NO</th>
<th>DELIVERING DATE</th>
<th>COMMENT</th>
</tr>
<?php do { ?>
<tr>
  <td><?php echo $row_medi['order_no']; ?></td>
  <td><?php echo $row_medi['ORDER_DESC']; ?></td>
  <td><select name="mydropdown[<?php echo $row_medi['order_no']; ?>]"><option value开发者_运维问答="Undelivered">Undelivered</option><option   value="Delivered">Delivered</option></select></td>
  <td><?php $sqldate=date('d-m-Y',strtotime($row_medi['SENDING_DATE']));
            echo $sqldate; ?></td>
  <td><?php echo $row_medi['DELIVERING_NO']; ?></td>
  <td><?php $sqldate=date('d-m-Y',strtotime($row_medi['DELIVERING_DATE']));
            echo $sqldate; ?></td>
  <td><?php echo $row_medi['COMMENT']; ?></td>
</tr>
<?php } while ($row_medi = mysql_fetch_assoc($medi)); ?>
</table>
<input type="submit" value="Save" />
<input type="hidden" name="MM_insert" value="form1">
</form>

as you see there is a dropdown menu with each row and I want to update the hole row with selected value from any of this dropdown menu. There is no error msg appear but after clicking save button the selected row doesn't updated ?? this is UPDATE code:

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$pat_id = (int) $_POST['pat_id'];
$updateSQL = sprintf("UPDATE orders SET STATUS=%s, pat_id=%s WHERE order_no=%s",
                   GetSQLValueString($_POST['mydropdown'], "text"),
                   GetSQLValueString($_POST['pat_id'], "int"),
                   GetSQLValueString($_POST['order_no'], "int"));

mysql_select_db($database_PPS, $PPS);
$Result1 = mysql_query($updateSQL, $PPS) or die(mysql_error());

$updateGoTo = "Pharmacy.php?a=$pat_id";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}

First you should check the whole code for security issues, but this could be done in a second step. Try to always use ints and cast the result as an expected int. For $pat_id, and on the view script instead of <?php echo $_GET['a'];?> do <?php echo (int) $_GET['a'];?>. But this is another problem.

$pat_id is not initialized on you server side code, but maybe you missed it in the copy/paste, else you'll need to do a:

$pat_id = (int) $_POST['pat_id'];

If I understand well you have several rows, each having a dropdown. You need to identify each dropdown with a distinct name for each row. So instead of :

<select name="mydropdown">

You should have

<select name="mydropdown[<?php echo $row_medi['order_no']; ?>]">

So that in each row you'll get something like:

<tr><td>42</td>(...)<select name="mydropdown[42]">(...)</tr>
<tr><td>43</td>(...)<select name="mydropdown[43]">(...)</tr>

And in the server side you'll get in $_POST['mydropdown'] an array of values, with the order_no as index. Else $_POST['mydropdown'] contains maybe the last select value only. After that I do not understand exactly what want to do, but you may need to do several updates, one for each order_no.

EDIT: This is your current lastest version of the code:

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) { 
    mysql_select_db($database_PPS, $PPS);
    $pat_id = (int) $_POST['pat_id'];
    foreach ($_POST['mydropdown'] as $order_no => $choice) {
        $updateSQL = sprintf("UPDATE orders SET STATUS=%s, pat_id=%s WHERE order_no=%s", 
            GetSQLValueString($_POST['mydropdown'],"text"),
            GetSQLValueString($_POST['pat_id'], "int"),
            GetSQLValueString($_POST['order_no'],"int"));
        $Result1 = mysql_query($updateSQL, $PPS) or die(mysql_error()); 
    }
}

This is what I would write, now this does maybe not deserve a Stck Overflow question, maybe just read your code in a quiet envirronment and think carefully about what you want and what you have (use print_r($_POST);die('aaarg'); to debug) :

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) { 
    mysql_select_db($database_PPS, $PPS);
    $pat_id = (int) $_POST['pat_id'];
    foreach ($_POST['mydropdown'] as $order_no => $choice) {
        $updateSQL = sprintf("UPDATE orders SET STATUS=%s, pat_id=%s WHERE order_no=%s", 
            GetSQLValueString($choice,"text"),
            GetSQLValueString($pat_id, "int"),
            GetSQLValueString($order_no,"int"));
        $Result1 = mysql_query($updateSQL, $PPS) or die(mysql_error()); 
    }
}

继续阅读:formsphp

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9