按钮以在表问题中执行PHP脚本。

内容来源于 Stack Overflow,并遵循CC BY-SA 3.0许可协议进行翻译与使用

  • 回答 (2)
  • 关注 (0)
  • 查看 (77)

我已经设置了一个脚本,将我的数据库的所有成员显示在一个表中,该表被称为“未决点”。在该表中有一个按钮,管理员可以单击该按钮将那些挂起的点发送到表的该行中的用户,并将“待定点”重置为0。我已经制作了发送这些要点的脚本,但是它似乎没有改变任何东西,尽管它确实给出了成功的信息。

以下是一幅清晰的图片:

发送点的代码(sendpoints.php):

<?  
include ("connect.php");

$result = mysqli_query($conn,"SELECT * FROM members WHERE pendingpoints > 0 ");
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);

$send = $_POST['send'];

 if ($send) {

 mysqli_query($conn,"UPDATE members SET points='$newpoints' WHERE    
     username='$username'");
 mysqli_query($conn,"UPDATE members SET pendingpoints='0' WHERE   
     username='$username'");

         $username = $row['username'];
         $pendingpoints = $row['pendingpoints'];
         $points = $row['points'];
         $newpoints = $points + $pendingpoints;

 echo "Succesfully changed points for that user";

 }

 ?>

显示表的代码:

<?
include ("connect.php");
$submit = $_POST['submit'];
if ($submit) {

 $result = mysqli_query($conn,"SELECT * FROM members WHERE pendingpoints > 0 ");
 $row = mysqli_fetch_array($result,         MYSQLI_ASSOC);

 while ($row = mysqli_fetch_assoc($result))
 {
 $username = $row['username'];
 $pendingpoints = $row['pendingpoints'];
 $points = $row['points'];
 $newpoints = $points + $pendingpoints;
 $ip = $row['ip'];

 echo "<table border='1'> 

 <tr>
     <td><b>Username:</b></td>   
     <td><b>Pendingpoints:</b></td>     
     <td><b>IP:</b></td>     
     <td><b>Confirm Points:</b></td>


 </tr> 
 <tr>
     <form id='1' action='sendpoints.php' method='post'>
     <td> $username </td>  
     <td> $pendingpoints </td>       
     <td> $ip </td>      
     <td><input type='submit' class='classname' name='send' value='Send'></form></td> 
 </tr>   

 <br> </table>"; 
}
}


?>
提问于
用户回答回答于

根据我的理解,希望在按钮上发送点,只单击特定的人,但是在代码中,要做其他的事情。

注:我在表单中添加了隐藏变量,以便只向特定用户发送点。

<?  
include ("connect.php");


 if (isset($_POST['send'])) {

$username=$_POST'username'];
$result = mysqli_query($conn,"SELECT * FROM members WHERE username='$username' ");
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);

$pendingpoints = $row['pendingpoints'];
$points = $row['points'];
$newpoints = $points + $pendingpoints;


 $q=mysqli_query($conn,"UPDATE members SET points='$newpoints',pendingpoints=0 WHERE    
     username='$username'");

     if($q){
 echo "Succesfully changed points for that user";
 }
 }

 ?>

显示表的代码:

<?
include ("connect.php");
$submit = $_POST['submit'];
if ($submit) {

 $result = mysqli_query($conn,"SELECT * FROM members WHERE pendingpoints > 0 ");
 $row = mysqli_fetch_array($result,         MYSQLI_ASSOC);

 while ($row = mysqli_fetch_assoc($result))
 {
 $username = $row['username'];
 $pendingpoints = $row['pendingpoints'];
 $points = $row['points'];
 $newpoints = $points + $pendingpoints;
 $ip = $row['ip'];

 echo "<table border='1'> 

 <tr>
     <td><b>Username:</b></td>   
     <td><b>Pendingpoints:</b></td>     
     <td><b>IP:</b></td>     
     <td><b>Confirm Points:</b></td>


 </tr> 
 <tr>
     <td> $username </td>  
     <td> $pendingpoints </td>       
     <td> $ip </td>      
     <td><form id='1' action='sendpoints.php' method='post'><input type='submit' class='classname' name='send' value='Send'><input type='hidden' name='username' value='$username'></form></td> 
 </tr>   

 <br> </table>"; 
}
}


?>
用户回答回答于

在第一个脚本中$row没有定义。

编辑:由于代码已经更新,逻辑似乎不正确。并在更新中使用。

但是,有两个大问题:没有处理像‘这样的特殊字符的转义。这会破坏表单,并打开MySQL注入安全漏洞。

扫码关注云+社区

领取腾讯云代金券