我的变量sqlConditions只能在用户输入该字段的文本时追加。我把“if(isset($ _ POST ['example']))”来检查这个,但是这似乎并没有阻止每个变量追加。如果语句在mysql/php脚本中被忽略了?
例如:如果用户只在 “姓” 字段中插入文本中,$ query变量应该返回:
UPDATE students SET lastname = whateveruserputin
但是,它看起来像这样:
UPDATE students SET lastname = test , firstname = , major = , gpa =
哪有我解决这个问题!?我真的很想让这个代码工作。提前致谢。
代码:
//connect to server
if(isset($_POST['submit']))
{
$id=$_POST['id'];
$lastname=$_POST['lastname'];
$firstname=$_POST['firstname'];
$color=$_POST['color'];
$number=$_POST['number'];
//need id to be filled and need at least one other content type to change
if(empty($id) || empty($lastname) and empty($firstname) and empty($color) and empty($number))
{
echo "<font color='red'>Invalid Submission. You did not enter an ID or did not input an additional form element. </font><br/>";
}
else // if all the fields are filled (not empty)
{
$sqlConditions = array();
if(isset($_POST['lastname'])){
$lastName = filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
$sqlConditions[] = 'lastname = ' . $lastName;
} else {
$lastName = '';
}
if(isset($_POST['firstname'])){
$firstName = filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
$sqlConditions[] = 'firstname = ' . $firstName;
} else {
$firstName = '';
}
if(isset($_POST['color'])){
$color = filter_var($_POST['color'], FILTER_SANITIZE_STRING);
$sqlConditions[] = 'color = ' . $color;
} else {
$color = '';
}
if(isset($_POST['number'])){
$number = filter_var($_POST['number'], FILTER_SANITIZE_STRING);
$sqlConditions[] = 'number = ' . $number;
} else {
$number= '';
}
print $sqlConditions;
$query = 'UPDATE students SET ' . join (' , ', $sqlConditions);
print $query;
insert data to database
//$query = mysql_query("UPDATE students SET lastname = '$lastname', firstname = '$firstname', color = '$color', number = '$number'
//WHERE id = '$id'");
//if (!query)
//{
//die('Error: ' . mysql_error());
//}
// Close connection to the database
mysql_close($con);
}
}
...让我回来...... – djdy
变量可以* set *但包含一个空字符串。 – webbiedave