我正在尝试允许管理员更新广告的照片。我已经设法使更新部分工作,但它不断更新错误的广告(数据库中的第一个)。我想当它提交到数据库时,它可能没有注册我想更新的ID,但我看不出我做错了什么。我以前用过这个代码来更新个人资料图片,但我猜是会话让它这么做的?
这是我的aduplad.php代码
<?php
$id=$_POST['id'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "<b><center>The file uploaded was not an image!<br><center><a
href='"update_ad.php?id=$id'">Go back here!</a>";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "<b><center>Sorry, this image already exists! <br><center><a
href='"update_ad.php?id=$id'">Go back here!</a>";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 50000000) {
echo "<b><center>Sorry, your image is too large.<br><center><a
href='"update_ad.php?id=$id'">Go back here!</a>";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType
!= "jpeg"
&& $imageFileType != "gif" ) {
echo "<b><center>Sorry, only JPG, JPEG, PNG & GIF files are allowed.<br>
<center><a href='"update_ad.php?id=$id'">Go back here!</a>";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "<b><center>Sorry your picture was not uploaded.<br><center><a
href='"update_ad.php?id=$id'">Go back here!</a>";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"],
$target_file)) {
echo "<center>Your profile picture ". basename(
$_FILES["fileToUpload"]["name"]). " has been uploaded! <br><center><a
href='"admin.php'">Go back to the admin area</a>";
$sql = "UPDATE advertisement SET imageName='$target_file' WHERE
id=$id";
mysqli_query($mysqli_conn, $sql);
} else {
print "<b><center>An error occurred when uploading your picture<br>
<center><a href='"update_ad.php?id=$id'">Go back here!</a>";
}
}
?>
以下是update_ad.php的一个片段
$id = $_GET['id'] ; //Get the primary key passed
$query = "SELECT * FROM advertisement WHERE id = '$id' ";
//if error in query, display
$result = mysqli_query($mysqli_conn, $query) or exit ("Error in query:
$query. ".mysqli_error());
//see if any rows were returned
if (mysqli_num_rows($result) > 0) { // yes then display Form
$row = mysqli_fetch_assoc($result); //then fetch the row
?>
<table border= "3" style="width:100%;margin:auto">
<form action = 'update_ad_action.php' method="POST">
<tr><td>ID:</td><td><input readonly="yes" name="id" type="text" value=<?
php echo $id; ?> size="3" ></td></tr>
<tr><td>Title:</td><td><input type="text" name="title" value=<?php echo
$row["title"] ?> ></td></tr>
<tr><td>Description:</td><td><input type="text" name="description" value=
<?php echo $row["description"] ?> ></td></tr>
<tr><td>From-date:</td><td><input type="text" name="from_date" value=<?
php echo $row["from_date"] ?> ></td></tr>
<tr><td>To-date:</td><td><input type="text" name="to_date" value=<?php
echo $row["to_date"] ?> ></td></tr>
<tr><td>Pets:</td><td><select name="pets" id="pets">
<option value="0">Yes</option>
<option value="1">No</option></td></tr>
<tr><td>Location:</td><td><input type="text" name="location" value=<?php
echo $row["location"] ?> ></td></tr>
<tr><td>Picture</td><td><img src=" <?php echo $row['imageName'] ?>"
alt="No picture uploaded" width="200" height ="200" ></td></tr>
<tr><th colspan="2"><center><input class="button button-primary"
type="Submit" value="Submit"/> <input class="button button-primary"
type="reset" value="Clear"/></center></th></tr>
</form>
</table>
<br>
<table border= "3" style="width:100%;margin:auto">
<form action="adupload.php" method="post" enctype="multipart/form-data">
<tr><td>Want to change your picture?</td><td>
<input type="hidden" name="id" value="<?php echo $_SESSION['id']; ?>">
<input type="file" name="fileToUpload" id="fileToUpload" required></td>
</tr>
<tr><th colspan="2"><center><input class="button button-primary"
type="submit" value="Upload Image" name="submit"></center></th></tr>
</form></table>
update_ad_action.php
<?php require 'config/init.php' ;
$id = $_POST['id']; //get id passed
$errorString = ""; //string to collect errors if found
$title = trim($_POST["title"]); //trim white spaces
if (empty($title)) {
$errorString = $errorString."<br><center>Please enter a title.
</center>"; //if empty, error added to error string
//remove any slashes that are automatically added, strip tags and
disable html tags from having any affect
$title = htmlentities(strip_tags($title));
}
$description = trim($_POST["description"]);
if (empty($description)) {
$errorString = $errorString."<br><center>Please enter a description.<
</center>"; //if empty, error added to error string
//remove any slashes that are automatically added, strip tags and
disable html tags from having any affect
$title = htmlentities(strip_tags($description));
}
$from_date = trim($_POST["from_date"]);
if (empty($from_date)) {
$errorString = $errorString."<br><center>Please enter a from date.
</center>"; //if empty, error added to error string
//remove any slashes that are automatically added, strip tags and disable
html tags from having any affect
$title = htmlentities(strip_tags($from_date));
}
$to_date = trim($_POST["to_date"]);
if (empty($to_date)) {
$errorString = $errorString."<br><center>Please enter a to date.
</center>"; //if empty, error added to error string
//remove any slashes that are automatically added, strip tags and disable
html tags from having any affect
$title = htmlentities(strip_tags($to_date));
}
$location = trim($_POST["location"]);
if (empty($location)) {
$errorString = $errorString."<br><center>Please enter a location</center>
"; //if empty, error added to error string
//remove any slashes that are automatically added, strip tags and disable
html tags from having any affect
$title = htmlentities(strip_tags($location));
}
// check if there were any errors
if (empty($errorString)) {//No errors, update the data
//query to update data
$query = "UPDATE user SET title = '$title', description = '$description',
from_date = '$from_date', to_date = '$to_date', location = '$location'
WHERE id = '$id'";
$result = mysqli_query($mysqli_conn, $query);
//if there was a problem - get the error message and go back
if (mysqli_affected_rows($mysqli_conn) < 0) {
echo "There were errors :<br>" . mysql_error();
echo $query;
exit ;
} else { //locate back to profile if updated
header("Location: admin.php");
}
} else {//There were errors
print '<b><center>There were errors<br>' . $errorString . "<center><a
href='"update_ad.php?id=$id'">Go back here!</a>";
}
?>
$_SESSION['id']
中的ID可能是错误的,因此您发送的始终是相同的ID。
如果要获取通过URL传递的ID(?ID=1337),请在表单中使用<?php echo $_GET['id']; ?>
而不是$_SESSION
。
您在哪里设置$_SESSION['id']=$id?-如果您没有设置,那么这个输入将没有值。
<input type="hidden" name="id" value="<?php echo $_SESSION['id']; ?>">
你可以把它改成:
<input type="hidden" name="id" value="<?php echo $id; ?>">
我也不喜欢你张贴名称中的空间
imageName='uploads/2015-10-04 19.59.41.jpg'
应该使用连字符或下划线。:
imageName='uploads/2015-10-04_19.59.41.jpg'
您需要围绕aduplad.php代码中更新查询中的变量使用' '
:
$sql = "UPDATE advertisement SET imageName='$target_file' WHERE
id=$id";
应该是
$sql = "UPDATE advertisement SET imageName='$target_file' WHERE
id='$id'";