J'ai le code ci-dessous qui met à jour les informations de l'utilisateur. Je dois exécuter la requête SEULEMENT pour les champs qui sont remplis, ainsi vous ne devez pas ajouter toutes les informations chaque fois que vous voulez faire un peu d'édition à un utilisateur. Je veux IGNORE les champs de formulaire videsPHP empêcher la publication en double
Je ne peux pas comprendre quelle méthode pour aller avec pour atteindre cet objectif:
if(isset($_POST['do_edit'])) {
$id = mysql_real_escape_string($_POST['user_id']);
$company_name = mysql_real_escape_string($_POST['company_name']);
$contact = mysql_real_escape_string($_POST['contact']);
$username = mysql_real_escape_string($_POST['username']);
$phone = mysql_real_escape_string($_POST['phone']);
$address = mysql_real_escape_string($_POST['address']);
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$password2 = mysql_real_escape_string($_POST['confirm']);
$level = mysql_real_escape_string($_POST['user_level']);
$restrict = mysql_real_escape_string($_POST['restrict']);
$delete = mysql_real_escape_string($_POST['delete']);
// Ticked the 'delete user' box? If so, delete and echo message.
if($delete == 'delete_uid' && $error == '') {
$sql = "DELETE FROM login_users WHERE user_id='$id'";
$query = mysql_query($sql) or die("Fatal error: ".mysql_error());
echo "<h3>Deleted</h3>";
echo "<div class='success_message'>User <b>$company_name $contact</b> has been removed from the database.</div>";
echo "<h2>What to do now?</h2><br />";
echo "<a href=''>« Back to Admin Panel</a> | Go to the <a href='user_edit.php'>edit users</a> page.</li>";
} else {
// Validate the submitted information
if(trim($id) == '1') {
$error = '<div class="error_message">Attention! You cannot edit the main Administrator, use database.</div>';
} else if(trim($company_name) == '') {
$error = '<div class="error_message">Attention! You must enter a company name.</div>';
} else if(trim($contact) == '') {
$error = '<div class="error_message">Attention! You must enter a contact name.</div>';
} else if(!isEmail($email)) {
$error = '<div class="error_message">Attention! You have entered an invalid e-mail address, try again.</div>';
} else if(trim($level) == '') {
$error = '<div class="error_message">Attention! No user level has been selected.</div>';
}
// Password been entered? If so, validate and update information.
if($password != '') {
if($password != $password2) {
$error = '<div class="error_message">Attention! Your passwords did not match.</div>';
}
if(strlen($password) < 5) {
$error = '<div class="error_message">Attention! Your password must be at least 5 characters.</div>';
}
if($error == '') {
$sql = "UPDATE login_users SET restricted='$restrict', company_name='$company_name', contact='$contact', email='$email', user_level='$level', password = MD5('$password') WHERE user_id = '$id'";
$query = mysql_query($sql) or die("Fatal error: ".mysql_error());
echo "<h2>Updated</h2>";
echo "<div class='success_message'>User information (and password) updated for User ID <b>$id ($company_name)</b>.</div>";
echo "<h2>What to do now?</h2><br />";
echo "<a href=''>« Back to Admin Panel</a> | Go to the <a href='user_edit.php'>edit users</a> page.</li>";
}
// Password has not been entered don't update password fields.
} else {
if($error == '') {
$sql = "UPDATE login_users SET restricted='$restrict', company_name='$company_name', contact='$contact', username='$username', email='$email', user_level='$level' WHERE user_id = '$id'";
$query = mysql_query($sql) or die("Fatal error: ".mysql_error());
echo "<h2>Updated</h2>";
echo "<div class='success_message'>User information updated for <b>$company_name</b>.</div>";
echo "<h2>What to do now?</h2><br />";
echo "<a href=''>« Back to Admin Panel</a> | Go to the <a href='user_edit.php'>edit users</a> page.</li>";
}
}
}
}
vous pouvez faire une boucle sur la variable $ _POST et voir ce qui est défini, selon ce jeu pour construire votre requête. –
si vous ne voulez pas empêcher PHP de mettre à jour la base de données, mettez 'return' après' $ error = 'dans la validation – k102