使用准备状态更新时不能列出项目 [英] Cant list items when updating with prepare statments
问题描述
我正在尝试使用准备状态创建更新页面,
发布item_id和user_id以正确的值更新页面。
,但它没有列出输入项中的值。
没有错误,看起来像一切正常,除了上市问题。
当我创建只有item_id的链接它的作品,但当我改变链接到下面的链接它不起作用。 ;'href ='Esupdate.php?item_id =。$ row ['item_id']。& user_id =。htmlspecialchars($ _ SESSION ['id'])。''title ='更新记录'data-toggle ='tooltip'>< span class ='glyphicon glyphicon-pencil'>< / span>< / a>
这里是我的选择代码部分。
<$如果(isset($ _ GET ['item_id'])&&!empty(test_input($ _ GET ['item_id']))AND isset($ _ GET ['user_id']) )&&!empty(test_input($ _ GET ['user_id']))){
$ item_id = test_input($ _ GET ['item_id']);
$ user_id = test_input($ _ GET ['user_id']);
//准备一个select语句
$ sql =SELECT * FROM items where item_id =?AND user_id =?;
if($ stmt = $ conn-> prepare($ sql)){
//将变量绑定到准备语句作为参数
$ stmt-> bind_param(ii, $ param_item_id,$ param_user_id);
//设置参数
$ param_item_id = $ item_id;
$ param_user_id = $ user_id;
//尝试执行准备好的语句
if($ stmt-> execute()){
$ result = $ stmt-> get_result(); ($结果 - > num_rows == 1){
while($ row = $ result-> fetch_assoc());
if
//检索单个字段值
$ param_cat_id = htmlspecialchars($ cat_id);
$ param_item_name = htmlspecialchars($ item_name);
$ param_item_title = htmlspecialchars($ item_title);
$ param_item_image = htmlspecialchars($ item_image);
$ param_item_seo_url = htmlspecialchars($ item_seo_url);
$ param_item_detail = htmlspecialchars($ item_detail);
} else {
// URL不包含有效的ID。重定向到错误页面
header(location:error.php);
exit();
}
} else {
echo糟糕!出错了,请稍后再试。;
}
}
//关闭语句
$ stmt-> close();
//关闭连接
$ conn-> close();
} else {
// URL不包含id参数。重定向到错误页面
header(location:error.php);
exit();
}
下面是表单中应该列出项目的表单。
< form action =<?php echo htmlspecialchars(basename($ _ SERVER ['REQUEST_URI']));?> method =postenctype =multipart / form-data>
< div class =form-group<?php echo(!empty($ item_name_err))?'has-error':'';?>>
< label>名称< / label>
< input type =textname =item_nameclass =form-controlvalue =<?php echo $ item_name;?>>
< span class =help-block><?php echo $ item_name_err;?>< / span>
< / div>
< div class =form-group<?php echo(!empty($ item_title_err))?'has-error':'';?>>
< label>标题/标签>
< input type =textname =item_titleclass =form-controlvalue =<?php echo $ item_title;?>>
< span class =help-block><?php echo $ item_title_err;?>< / span>
< / div>
< div class =form-group<?php echo(!empty($ item_image_err))?'has-error':'';?>>
< label for =item_image>图片< / label>
< input type =filename =item_imageid =item_imagevalue =<?php echo $ item_image;?>>
< p>< strong>注意:< / strong>只允许.jpg,.jpeg,.gif,.png格式的最大大小为5 MB。< / p>
< span class =help-block><?php echo $ item_image_err;?>< / span>
< / div>
< div class =form-group<?php echo(!empty($ item_detail_err))?'has-error':'';?>>
< label>详情< / label>
< span class =help-block><?php echo $ item_detail_err;?>< / span>
< / div>
< div class =form-group<?php echo(!empty($ cat_id_err))?'has-error':'';?>>
< select class =form-controlname =cat_idvalue =<?php echo $ cat_id;?>>
< option value =>类别< / option>
<?php
categoryTree();
?>
< / select>
< span class =help-block><?php echo $ cat_id_err;?>< / span>
< / div>
< input type =submitclass =btn btn-primaryvalue =Submit>
< a href =index.phpclass =btn btn-default>取消< / a>
< / form>
这是test_input代码来自function.php
我删除了categoryTree函数列表类别)和代码中的test_input没有任何变化。
我怀疑是代码中的东西。
function test_input($ data){
$ data = trim( $的数据);
$ data = stripslashes($ data);
$ data = htmlspecialchars($ data);
返回$ data;
}
编辑:我必须申报这些变数吗?
$ param_cat_id = htmlspecialchars($ cat_id);
$ param_item_name = htmlspecialchars($ item_name);
$ param_item_title = htmlspecialchars($ item_title);
$ param_item_image = htmlspecialchars($ item_image);
$ param_item_seo_url = htmlspecialchars($ item_seo_url);
$ param_item_detail = htmlspecialchars($ item_detail);
这是什么?
$ item_id = test_input($ _ GET ['item_id']);
$ user_id = test_input($ _ GET ['user_id']);
我建议将bind_param改为
//将变量绑定到准备好的语句中作为参数
$ stmt-> bindParam(1,$ param_item_id);
$ stmt-> bindParam(2,$ param_user_id);
然后你可以设置变量(尽管我总是把它们放在绑定之前)
//设置参数
$ param_item_id = $ item_id;
$ param_user_id = $ user_id;
我还建议您将您的sql更改为
$ sql =SELECT * FROM items WHERE item_id =:itemId AND user_id =:userId;
然后按如下方式进行绑定:
$ stmt-> bindParam(':itemId',$ param_item_id);
$ stmt-> bindParam(':userId',$ param_user_id);
I am trying to create an update page with prepare statents, posting item_id and user_id going to update page with right vaules. but it doesnt list items values in inputs.
no errors, looks like everything fine except listing problem. when I create link with only item_id it works but when I change link to link below it doesnt work.
<a href='Esupdate.php?item_id=". $row['item_id'] ."&user_id=".htmlspecialchars($_SESSION['id']) ."' title='Update Record' data-toggle='tooltip'><span class='glyphicon glyphicon-pencil'></span></a>
here is my select code part.
if(isset($_GET['item_id']) && !empty(test_input($_GET['item_id'])) AND isset($_GET['user_id']) && !empty(test_input($_GET['user_id']))){
$item_id = test_input($_GET['item_id']);
$user_id = test_input($_GET['user_id']);
// Prepare a select statement
$sql = "SELECT * FROM items WHERE item_id = ? AND user_id = ?";
if($stmt = $conn->prepare($sql)){
// Bind variables to the prepared statement as parameters
$stmt->bind_param("ii", $param_item_id, $param_user_id);
// Set parameters
$param_item_id = $item_id;
$param_user_id = $user_id;
// Attempt to execute the prepared statement
if($stmt->execute()){
$result = $stmt->get_result();
if($result->num_rows == 1){
while($row = $result->fetch_assoc());
// Retrieve individual field value
$param_cat_id = htmlspecialchars($cat_id);
$param_item_name = htmlspecialchars($item_name);
$param_item_title = htmlspecialchars($item_title);
$param_item_image = htmlspecialchars($item_image);
$param_item_seo_url = htmlspecialchars($item_seo_url);
$param_item_detail = htmlspecialchars($item_detail);
} else{
// URL doesn't contain valid id. Redirect to error page
header("location: error.php");
exit();
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
$stmt->close();
// Close connection
$conn->close();
} else{
// URL doesn't contain id parameter. Redirect to error page
header("location: error.php");
exit();
}
Here is the form Should list items in.
<form action="<?php echo htmlspecialchars(basename($_SERVER['REQUEST_URI'])); ?>" method="post" enctype="multipart/form-data">
<div class="form-group <?php echo (!empty($item_name_err)) ? 'has-error' : ''; ?>">
<label>Name</label>
<input type="text" name="item_name" class="form-control" value="<?php echo $item_name; ?>">
<span class="help-block"><?php echo $item_name_err;?></span>
</div>
<div class="form-group <?php echo (!empty($item_title_err)) ? 'has-error' : ''; ?>">
<label>Title/label>
<input type="text" name="item_title" class="form-control" value="<?php echo $item_title; ?>">
<span class="help-block"><?php echo $item_title_err;?></span>
</div>
<div class="form-group <?php echo (!empty($item_image_err)) ? 'has-error' : ''; ?>">
<label for="item_image">Image</label>
<input type="file" name="item_image" id="item_image" value="<?php echo $item_image; ?>">
<p><strong>Note:</strong> Only .jpg, .jpeg, .gif, .png formats allowed to a max size of 5 MB.</p>
<span class="help-block"><?php echo $item_image_err;?></span>
</div>
<div class="form-group <?php echo (!empty($item_detail_err)) ? 'has-error' : ''; ?>">
<label>Detail</label>
<textarea name="item_detail" class="form-control"><?php echo $item_detail; ?></textarea>
<span class="help-block"><?php echo $item_detail_err;?></span>
</div>
<div class="form-group <?php echo (!empty($cat_id_err)) ? 'has-error' : ''; ?>">
<select class="form-control" name="cat_id" value="<?php echo $cat_id; ?>">
<option value="">Categories</option>
<?php
categoryTree();
?>
</select>
<span class="help-block"><?php echo $cat_id_err;?></span>
</div>
<input type="submit" class="btn btn-primary" value="Submit">
<a href="index.php" class="btn btn-default">Cancel</a>
</form>
this is the test_input code comes from function.php I removed categoryTree function(which is listing categories) and test_input in codes nothing changed. I suspect something in code.
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
EDIT : do I have to declare these variables ?
$param_cat_id = htmlspecialchars($cat_id);
$param_item_name = htmlspecialchars($item_name);
$param_item_title = htmlspecialchars($item_title);
$param_item_image = htmlspecialchars($item_image);
$param_item_seo_url = htmlspecialchars($item_seo_url);
$param_item_detail = htmlspecialchars($item_detail);
Like this ?
$item_id = test_input($_GET['item_id']);
$user_id = test_input($_GET['user_id']);
I would advise changing the bind_param to
// Bind variables to the prepared statement as parameters
$stmt->bindParam(1, $param_item_id);
$stmt->bindParam(2, $param_user_id);
and then you can set variables afterwards (although I always put them before the bind)
// Set parameters
$param_item_id = $item_id;
$param_user_id = $user_id;
I would also suggest you change your sql to
$sql = "SELECT * FROM items WHERE item_id = :itemId AND user_id = :userId";
and then make your binds as follows;
$stmt->bindParam(':itemId', $param_item_id);
$stmt->bindParam(':userId', $param_user_id);
这篇关于使用准备状态更新时不能列出项目的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!