-1
我刚开始学习php,并决定使用简单的票务系统。我设法显示一张门票列表,然后当用户点击门票ID时,我可以显示将门票ID变量传递给网址的门票详细信息。使用隐藏输入传递变量
现在,更新票我已经创建了一个新的形式action="ctrl_client_edit_ticket.php" method="post"所以在这个文件中,我可以执行数据库查询,更新车票。
的问题是,我必须使用_POST售票ID分配到一个新的变量。所以我想也许我可以创建一个隐藏的领域形式<input type="hidden" name="ticketid" value="<?php echo $ticket_id ?>">
它正在工作,但我真的不知道这是否是最好和更安全的方法来做这个操作。
非常感谢
这是代码。
这是文件client_view_ticket.php在那里我展现给用户的所有车票。
<?php
$view_ticket_query = mysqli_prepare($conn, "SELECT ticket_id, ticket_subject, ticket_status, ticket_time_stamp FROM user_tickets WHERE ticket_user_id= ? ");
$view_ticket_query -> bind_param("i", $userid);
$view_ticket_query -> execute();
$view_ticket_query -> bind_result($ticket_id, $ticket_subject, $ticket_status, $ticket_time_stamp);
while($view_ticket_query -> fetch())
{
// set ticket's colors
if ($ticket_status == "Aperto"){
$tcolor = "<span class='label label-lg label-success'>";
}else if ($ticket_status == "Chiuso"){
$tcolor = "<span class='label label-lg label-danger'>";
}else if ($ticket_status == "In Lavorazione"){
$tcolor = "<span class='label label-lg label-info'>";
}
echo '
<tr>
<td><a href="client_edit_ticket.php?id='.$ticket_id.'"> '.$ticket_id.'</a></td>
<td><a href="client_edit_ticket.php?id='.$ticket_id.'"> '.$ticket_subject.'</a></td>
<td>'.$ticket_time_stamp.'</td>
<td>'.$tcolor.'' .$ticket_status. '</span></td>
</tr>
';
}
$view_ticket_query -> close();
?>
这是文件client_edit_ticket.php
<?php
// Prelevo l'id del ticket dall'url e lo passo ad una variabile
$ticket_id = $_GET['id'];
// Query al database per prendere i dati del ticket
$view_ticket = mysqli_prepare($conn, "SELECT ticket_subject, ticket_body, ticket_user_first, ticket_user_last, ticket_user_email, ticket_time_stamp, ticket_status, ticket_priority FROM user_tickets WHERE ticket_id= ? ");
$view_ticket -> bind_param("i", $ticket_id);
$view_ticket -> execute();
$view_ticket -> bind_result($ticket_subject, $ticket_message, $ticket_user_first, $ticket_user_last, $ticket_user_email, $ticket_created_time, $ticket_status, $ticket_priority);
$view_ticket -> fetch();
$view_ticket -> close();
// Coverto la data di creazione del ticket in un formato europeo
$new_ticket_date = date('d-m-Y', strtotime($ticket_created_time));
?>
<form class="form-group" action="controllers/ctrl_client_edit_ticket.php" method="post">
<!-- hidden input for ticket id -->
<input type="hidden" name="ticketid" value="<?php echo $ticket_id ?>">
<div class="row">
<div class="col-xs-12">
<h3>
<i class="icon-action-redo"></i> Messaggio di risposta</h3>
<textarea class="ticket-reply-msg" row="10"></textarea>
</div>
</div>
<div class="row">
<div class="col-md-4">
<h3 class="ticket-margin">
<i class="icon-info"></i> Aggiorna Priorità</h3>
<select class="ticket-status" name="ticketpriority">
<option value="Bassa" selected>Bassa</option>
<option value="Media">Media</option>
<option value="Alta">Alta</option>
<option value="Urgente">Urgente</option>
<option value="Critica">Critica</option>
</select>
</div>
</div>
<button class="btn btn-square uppercase bold green" type="submit">Aggiorna</button>
</form>
这是文件ctrl_client_edit_ticket.php
$ticket_id = $_POST['ticketid'];
$ticket_priority = check_input($_POST['ticketpriority']);
if ($ticket_update_query = mysqli_prepare($conn, "UPDATE user_tickets SET ticket_priority= ? WHERE ticket_id= ? ")) {
/* bind parameters for markers */
mysqli_stmt_bind_param($ticket_update_query, 'si', $ticket_priority, $ticket_id);
/* execute query */
mysqli_stmt_execute($ticket_update_query);
echo "ticket aggiornato";
} else{
echo "ticket non aggiornato";
}
?>
yeah分享一些更多的代码 – Blueblazer172
分享真实的代码,或者这个问题会很快关闭 – RiggsFolly
嗨,欢迎来到这个网站,欢迎来到网络编程的乐趣!我不确定这个问题,因为它现在非常适合这个网站,因为它要求对于处理特定任务的最佳方式提出相当广泛的意见。我建议通过[帮助]中的介绍页面了解本网站的目标是什么样的问题。 – IMSoP