<?php
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("dentalclinic") or die(mysql_error());
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE appointment SET appointmentstatusid='$_POST[appointmentstatusid]'";
mysql_query($UpdateQuery);
};
$sql = "SELECT * from appointment a join appointmentstatus s on (a.appointmentstatusid=s.appointmentstatusid) join patient p on (a.patientid=p.patientid)";
$query = mysql_query($sql) or die(mysql_error());
echo "<table border=1>
<tr>
<th>FIRST NAME</th>
<th>LAST NAME</th>
<th>APPOINTMENT STATUS</th>
<th>UPDATE</th>
</tr>";
while($record = mysql_fetch_array($query)){
echo "<form action=editstatus.php method=post>";
echo "<tr>";
echo "<td>"."<input type=text name=firstname value=".$record['firstname']."></td>";
echo "<td>"."<input type=text name=lastname value=".$record['lastname']."></td>";
echo "<td>";
$query2 = "SELECT * from appointmentstatus";
$result = mysql_query($query2);
echo "<select name=appointmentstatusid>";
while ($line = mysql_fetch_array($result)) {
echo "<option value=".$line['appointmentstatusid'].">";
echo $line['appointmentstatus'];
echo "</option>";
}
echo "</select>";
echo "</td>";
echo "<td>"."<input type=submit name=update value=update"."></td>";
echo "</tr>";
echo "</form>";
}
echo "</table>"
?>
每次更新patient1的appointmentstatus,都会影响其他患者(patient2,patient3…)的appointmentstatus。我尝试在更新上添加代码WHERE appointmentstatusid='$_POST[appointmentstatusid]'
,但当我这样做时,它不会更新了。
您必须有一个有效且匹配的 id,用于您试图影响的行。如何决定取决于你自己。然后,执行如下操作:
UPDATE table_name
SET column1=value1,column2=value2,...
WHERE some_column=some_value;
要更新特定的记录,您的查询应该有一个WHERE子句指定要更新的内容
$UpdateQuery = "UPDATE appointment SET appointmentstatusid='$_POST[appointmentstatusid]' WHERE `appointmentid` = 1";
请注意:直接从$_POST传递$_POST[任命mentstatusid]变量会使你的代码容易受到sql注入的攻击。试着
$appointmentstatusid = (int) mysql_real_escape_string($_POST[appointmentstatusid]);
$UpdateQuery = "UPDATE appointment SET appointmentstatusid='".appointmentstatusid ."' WHERE `appointmentid` = $id";
或者练习使用数据库抽象库
在第6行试试
$UpdateQuery = "UPDATE appointment SET willChangeColumn = 'newValueForThatColumn' WHERE appointmentstatusid=".$_POST['appointmentstatusid'];