使用单独的sql查询填充dropdownlist php

ct3nt3jp  于 2021-06-18  发布在  Mysql
关注(0)|答案(1)|浏览(338)

我有一个表单,允许用户更新他们客户的事务。此表单包含已为事务列出的信息。我想要一个客户名称的下拉列表,这样他们就必须选择一个现有的客户。
我的问题是,用现有信息填充答案的sql与在数据库中调出客户名称的sql冲突。
有办法吗?下面是我的代码,它显示了填充的答案:

<table> 

<?php
if (!isset ($p_submitval))
{
    $sql = "SELECT crid, c.custid, 
firstname, lastname, cramount, crdate
            FROM databau7_thomand.customer 
c inner join databau7_thomand.cashrec r on 
c.custid = r.custid WHERE crid= " . 
$p_crid;
    $result = mysqli_query($con, $sql);
    while($row = 
mysqli_fetch_array($result))

    echo "<h2>Update Customer 
Information</h2>\n";
echo "<p><i>Please update the customer information.</i><br>\n";
echo "<form action=\"web4_transactioninput.php\" method=post>\n";
echo "<input type=\"hidden\" name=\"crid\" value = \"$p_crid\">\n";
echo "<table border=\"3\"> \n";

echo "<td align=\"right\"><b>Customer Name: 
</td>";
    echo "<td><select name=\"custid\" 
class=\"dropdown\">";
    echo "<option value=\"0\" selected> 
".$row['firstname']." ".$row['lastname']."  
</option>\"";
    echo "<tr>\n<td align=\"right\">\n";
    echo "<b>Amount:</b>\n";
    echo "</td>\n<td>\n";
    echo "<input type=\"text\" 
name=\"cramount\"size=\"30\"  
value=\"".$row['cramount']."\">\n";
    echo "</td>\n</tr>\n";echo "<tr>\n<td 
align=\"right\">\n";
    echo "<b>Date:</b>\n";
    echo "</td>\n<td>\n";
    echo "<input type=\"date\" 
name=\"crdate\"size=\"30\"  
value=\"".$row['crdate']."\">\n";
    echo "</td>\n</tr>\n";echo "<tr>\n<td 
align=\"right\">\n";

}
    while($row = 
mysqli_fetch_array($result))

    echo "</select>\n</td>\n</tr>\n";
    echo "</table>\n";

谢谢你的帮助!

2skhul33

2skhul331#

删除所有回音“…”;因为你不需要它。只是个建议。视野更清晰,不必要
您还应该使用prepared语句来插入变量,因为参数是不安全的。
这是一个非常粗略的例子,但请这样看:

<table> 

<?php
if (!isset ($p_submitval)){

    $sql = "
SELECT crid
     , c.custid
     , firstname
     , lastname
     , cramount
     , crdate
  FROM databau7_thomand.customer c 
  JOIN databau7_thomand.cashrec r 
    on c.custid = r.custid 
 WHERE crid= ?;
";

    $stmt = $con->prepare($sql);
    $stmt->bind_param("s",$p_crid);
    $stmt->execute();
    $stmt->bind_result($crid,$custid,$fname,$lname,$cramount,$crdate);
    $stmt->store_result();

?>
<h2>Update Customer 
Information</h2>";
<p><i>Please update the customer information.</i><br>
<form action="web4_transactioninput.php" method=post>
<input type="hidden" name="crid" value = "<?php echo $p_crid;?>">
<table border="3"> 

<td align="right"><b>Customer Name: </td>
<td><select name="custid" class="dropdown">";
    <?php
       echo "<option value=\"0\" selected> $fname $lname</option>";
    ?>'
 <tr><td align="right">
    <b>Amount:</b>
    </td><td>
    <input type="text" name="cramount"size="30"  value="<?php echo $cramount;?>">;

<?php
    $stmt->close();
}

相关问题