1
У меня есть окно поиска, чтобы найти информацию о студенте. Все данные хорошо отображены, и администратор может обновить статус от него, но когда администратор хочет обновить приложение, запрос просто не выполняется. Я не думаю, что команда sql неверна. я что-то упускаю? heres кодзапрос не выполняется
public function searchApplicant()
{
echo '<table><form method="post">
<tr><td>
<input type=search name="studID" placeholder="ID Pelajar..."> <button name="searchStud" type="submit">Cari</button>
</td></tr></form>
<tr><td>';
if(isset($_POST['searchStud']))
{
if(isset($_POST['studID']))
{
$studID=$_POST['studID'];
$query = mysql_query("SELECT * FROM `application` WHERE `studID` = '$studID'");
if(!$query)
{
echo mysql_error();
}
else
{
while($row = mysql_fetch_array($query))
{
$appID = $row['appID'];
$ic = $row['ic'];
$faculty = $row['faculty'];
$programme = $row['programme'];
$campus = $row['campus'];
$statusS = $row['statusS'];
$gender = $row['gender'];
$part = $row['part'];
$session = $row['session'];
$cgpa = $row['cgpa'];
$gpa = $row['gpa'];
$state = $row['state'];
$accountNo = $row['accountNo'];
$addressStud = $row['addressStud'];
$postcodeStud = $row['postcodeStud'];
$phoneS = $row['phoneS'];
$nameG = $row['nameG'];
$job = $row['job'];
$relationship = $row['relationship'];
$marriageStatus = $row['marriageStatus'];
$addressG = $row['addressG'];
$postcodeG = $row['postcodeG'];
$phoneG = $row['phoneG'];
$incomeG = $row['incomeG'];
$incomeM = $row['incomeM'];
$incomeO = $row['incomeO'];
$statusApplication = $row['statusApplication'];
echo '<form method="post">
<table border="0" cellspacing="2" cellpadding="2" width="705" style=" #fff;-webkit-box-shadow: 0 0 10px #660066; background:#ffffff;padding:0px;color:#848484; margin-top:50px;">
<tr>
<td><div align="left"><strong>No. Pelajar </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$studID.'</td>
</tr>
<tr>
<td><div align="left"><strong>No. K/P </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$ic.' </td>
</tr>
<tr>
<td><div align="left"><strong>Fakulti</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$faculty.'</td>
</tr>
<tr>
<td><div align="left"><strong>Kod Kursus </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$programme.'</td>
</tr>
<tr>
<td><div align="left"><strong>Kampus</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>UiTM Melaka Kampus Jasin</td>
</tr>
<tr>
<td><div align="left"><strong>Taraf Perkahwinan </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$statusS.'</td>
</tr>
<tr>
<td><div align="left"><strong>Semester/Bahagian</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$part.'</td>
</tr>
<tr>
<td><div align="left"><strong>Sesi</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$session.'</td>
</tr>
<tr>
<td><div align="left"><strong>CGPA Terkini </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$cgpa.'</td>
</tr>
<tr>
<td><div align="left"><strong>GPA Terkini </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$gpa.'</td>
</tr>
<tr>
<td><div align="left"><strong>Negeri Asal </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$state.'</td>
</tr>
<tr>
<td><div align="left"><strong>No. Akaun Bank Islam </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$accountNo.'</td>
</tr>
<tr>
<td>
<p align="left"><strong>Alamat Surat Menyurat</strong></p> <p align="left"><strong>(</strong><strong>Kolej/Rumah Sewa) </strong></p></td><td><div align="center"><strong>:</strong></div></td>
<td>'.$addressStud.'</td>
</tr>
<tr>
<td><div align="left"><strong>Poskod</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$postcodeStud.'</td>
</tr>
<tr>
<td><div align="left"><strong>No. Telefon </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$phoneS.'</td>
</tr>
<tr>
<td width="23%"><div align="left"><strong>Nama Ketua Keluarga </strong></div></td>
<td width="7%"><div align="center"><strong>:</strong></div></td>
<td width="70%">'.$nameG.'</td>
</tr>
<tr>
<td><div align="left"><strong>Pekerjaan</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$job.'</td>
</tr>
<tr>
<td><div align="left"><strong>Hubungan</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$relationship.' </td>
</tr>
<tr>
<td><div align="left"><strong>Status Perkahwinan </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$marriageStatus.'</td>
</tr>
<tr>
<td><div align="left"><strong>Alamat Surat Menyurat </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$addressG.'</td>
</tr>
<tr>
<td><div align="left"><strong>Poskod</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$postcodeG.'</td>
</tr>
<tr>
<td><div align="left"><strong>No. Telefon </strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$phoneG.'</td>
</tr>
<tr>
<td><div align="left"><strong>Pendapatan Bulanan </strong></div></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><div align="left"><strong>Bapa/Penjaga</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$incomeG.'</td>
</tr>
<tr>
<td><div align="left"><strong>Ibu</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$incomeM.'</td>
</tr>
<tr>
<td><div align="left"><strong>Lain-lain</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>'.$incomeO.'</td>
</tr>
<tr>
<td><div align="left"><strong>Status Permohononan</strong></div></td>
<td><div align="center"><strong>:</strong></div></td>
<td>
<select name="statusApplication">
<option disabled="disabled" value="Dalam Proses" '.(($statusApplication=='Dalam Proses')?'selected="selected"':"").'>Dalam Proses</option>
<option value="Tidak Berjaya" '.(($statusApplication=='Tidak Berjaya')?'selected="selected"':"").'>Tidak Berjaya</option>
<option value="Berjaya" '.(($statusApplication=='Berjaya')?'selected="selected"':"").'>Berjaya</option>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="updateStatus" value="Kemaskini Status Permohonan"></td>
</tr>
</table>
</form>';
if(isset($_POST['updateStatus']))
{
if(isset($_POST['statusApplication'])){
$statusApplication = $_POST['statusApplication'];
$sql2 = "UPDATE `application`
SET `statusApplication`='$statusApplication'
WHERE `studID` = '$studID'";
$query2 = mysql_query($sql2);
if(!$query2)
echo mysql_error();
else
{
echo "<script type='text/javascript'>
alert('Status permohonan telah berjaya dikemaskini.');
window.location.href= 'searchApplicant.php';
</script>";
}
}
}
}
}}}}
Если вы можете, вы должны [прекратить использование '' mysql_ * функции] (http://stackoverflow.com/questions/12859942/ почему-не должно-и-использование-MySQL-функции-в-PHP). Они больше не поддерживаются и [официально устарели] (https://wiki.php.net/rfc/mysql_deprecation). Узнайте о [подготовленном] (http://en.wikipedia.org/wiki/Prepared_statement) [заявлениях] (http://php.net/manual/en/pdo.prepared-statements.php) и рассмотрите возможность использования PDO , [это действительно не сложно] (http://jayblanchard.net/demystifying_php_pdo.html). –
[Ваш скрипт находится под угрозой для SQL Injection.] (Http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) –
ваш код обновления запускается только в том случае, если 'searchStud 'установлено, и что НЕ будет установлено при отправке формы обновления. –