2017-08-29 11 views



Notice: 未定義のインデックス: cur_id1 — C:\Program Files (x86)\Apache2.2\htdocs\hr\setup\manage_position_sub.php の 87 行目

警告:mssql_query(function.mssql-query):メッセージ:キーワード 'and'の近くにある 構文が正しくありません。 (重大度15)C:\ Programファイル (x86)\ Apache2.2 \ htdocs \ hr \ 15行目の\ connecto.phpを含む

警告:mssql_query()[function.mssql-query]:クエリに失敗しました Cで:未定義のインデックス:Cでcur_id1:\プログラムファイル (x86の)\ Apache2の\プログラムファイル(x86の)\ Apache2.2 \ htdocsに\時間の\は ライン15

お知らせの\ connecto.phpを含み.2 \ htdocs \ hr \ setup \ manage_position_sub.php on line 89

警告:mssql_query(function.mssql-query):メッセージ:キーワード 'and'の近くにある 構文が正しくありません。 (重大度15)C:\ Programファイル (x86)\ Apache2.2 \ htdocs \ hr \ 15行目の\ connecto.phpを含む

警告:mssql_query()[function.mssql-query]:クエリに失敗しました Cで:未定義のインデックス:Cでcur_id1:\プログラムファイル (x86の)\ Apache2の\プログラムファイル(x86の)\ Apache2.2 \ htdocsに\時間の\は ライン15

お知らせの\ connecto.phpを含み.2 \ htdocs \ hr \ setup \ manage_position_sub.php on line 92

警告:mssql_query(function.mssql-query):メッセージ:キーワード 'and'に近い 構文が正しくありません。 (重大度15)C:\ Programファイル (x86)\ Apache2.2 \ htdocs \ hr \ 15行目の\ connecto.phpを含む

警告:mssql_query()[function.mssql-query]:クエリに失敗しました Cで:未定義のインデックス:Cでcur_id1:\プログラムファイル (x86の)\ Apache2の\プログラムファイル(x86の)\ Apache2.2 \ htdocsに\時間の\は ライン15

お知らせの\ connecto.phpを含み.2 \ htdocs \ hr \ setup \ manage_position_sub.php on line 94

警告:mssql_query(function.mssql-query):メッセージ:キーワード 'and'に近い 構文が正しくありません。 (重大度15)C:\ Programファイル (x86)\ Apache2.2 \ htdocs \ hr \ 15行目の\ connecto.phpを含む

警告:mssql_query()[function.mssql-query]:クエリに失敗しました Cで:未定義のインデックス:Cでcur_id1:\プログラムファイル (x86の)\ Apache2の\プログラムファイル(x86の)\ Apache2.2 \ htdocsに\時間の\は ライン15

お知らせの\ connecto.phpを含みライン上で0.2 \ htdocsに\時間の\セットアップ\のmanage_position_sub.php 96

更新クエリの保存ボタンをクリックすると、最後の行が複製されてしまうという問題があります。挿入時には問題ありません。PHP コードを以下に示します。必要であれば完全なコードを投稿しますので、PHP と MySQL に詳しい方は確認をお願いします。質問の意図が伝わることを願っています。

    <meta http-equiv="Content-Type" content="text/html; charset=windows-1256"> 

    // Declare the response charset and choose the ORDER BY clause that is appended to the listing query.
    header("Content-Type: text/html;charset=windows-1256"); 
    $sorting=' order by depe asc'; 
    // NOTE(review): $_POST['field'] is appended to the ORDER BY clause without validation.
    // ORDER BY cannot take a bound parameter, so a client-supplied column name should be
    // matched against a fixed list of permitted columns before it is used.
    if (isset($_POST['field'])) 
    if ($_POST['field'] != '') 
    $sorting=' order by '.$_POST['field']; 
    // As listed, this assignment always runs and discards both values above; the braces or
    // else-branch that would make it conditional are presumably missing from the paste.
    $sorting=' '; 

    // action == 3: delete the posted id from hr_position, listsvalues (listid 40) and hrnodes.
    // NOTE(review): $_POST['delid'] is concatenated into all three DELETE statements, twice
    // without quotes, so the request body decides the SQL text. Cast the id to an integer
    // (or bind it as a parameter) before building the statements.
    // NOTE(review): no permission check or anti-forgery token is visible in this excerpt;
    // confirm that one is enforced before this branch is reached.
    // The closing brace of this branch is not part of the listing.
    if(isset($_POST['action']) && ($_POST['action']==3)) { 
    $sql="delete from hr_position where code=".$_POST['delid']; 
    $qry = DB_query($sql,$db); 
    $sql="delete from listsvalues where listid=40 and id=".$_POST['delid']; 
    $qry = DB_query($sql,$db); 
    $sql = "delete from hrnodes where contactid = '".$_POST['delid']."' and userid=15"; 
    $result2= DB_query($sql,$db); 


    // action == 2: save the grid. Rows whose hidden cur_id_<n> field is empty are inserted here.
    if(isset($_POST['action']) && ($_POST['action']==2)) { 
    // NOTE(review): the loop bound comes straight from the request; cast it to int and cap it
    // so a client cannot choose how many iterations (and queries) the server runs.
    if ($_POST['invoicebreakdown']=='' || $_POST['invoicebreakdown']==0) $invoice_breakdown = 1; else $invoice_breakdown = $_POST['invoicebreakdown']; 
    for ($i = 1; $i <= $invoice_breakdown; $i++){ 
    if (isset($_POST['field1'.$i])) { 
    if(isset($_POST['cur_id_'.$i]) && $_POST['cur_id_'.$i]!='') $cur_id = $_POST['cur_id_'.$i]; else $cur_id =''; 
    if($cur_id=='') { 
      // The new code is derived from max(code). NOTE(review): presumably two saves running at
      // the same time can read the same maximum; verify whether that matters here.
      $sql="select max(code) as mx from hr_position"; 
      $qry = DB_query($sql,$db); 
      if ($res = DB_fetch_array($qry)) 
       if ($res['mx']==NULL) 

        $newid= 1; 
        // As listed, the loop counter $i is overwritten with max(code) and $newid takes that
        // same value with no increment; an else-branch appears to be missing from the paste.
        // Overwriting $i changes which field1<n>/field2<n>/field3<n> keys are read below and
        // where the for loop resumes.
        $i =(int) $res['mx']; 
        $newid= $i; 

    // NOTE(review): each statement is echoed into the response before it runs, which exposes
    // table and column names to the client; remove the echo outside of debugging.
    // NOTE(review): field1/field2/field3 are request values placed between single quotes by
    // concatenation, so a quote in a description changes the statement. Use bound parameters
    // where the driver behind DB_query supports them.
    echo $sql = "insert into hr_position (code,descr,lang) values (".$newid.",'".$_POST['field1'.$i]."',0)"; 
    $result= DB_query($sql,$db); 
    echo $sql = "insert into listsvalues (id,listid,userid,descr,lang,seq) values (".$newid.",40,-1,'".$_POST['field1'.$i]."',0,".$newid.")"; 
    $result= DB_query($sql,$db); 
    // field2 is stored with lang 1 in hr_position but lang 2 in listsvalues (field3 the other
    // way round); the update statements further down use lang 2 for field2 in both tables.
    echo $sql = "insert into hr_position (code,descr,lang) values (".$newid.",'".$_POST['field2'.$i]."',1)"; 
    $result= DB_query($sql,$db); 
    echo $sql = "insert into listsvalues (id,listid,userid,descr,lang,seq) values (".$newid.",40,-1,'".$_POST['field2'.$i]."',2,".$newid.")"; 
    $result= DB_query($sql,$db); 
    echo $sql = "insert into hr_position (code,descr,lang) values (".$newid.",'".$_POST['field3'.$i]."',2)"; 
    $result= DB_query($sql,$db); 
    echo $sql = "insert into listsvalues (id,listid,userid,descr,lang,seq) values (".$newid.",40,-1,'".$_POST['field3'.$i]."',1,".$newid.")"; 
    $result= DB_query($sql,$db); 

    // Next hrnodes id is max(id)+1; the title is the description for the session language.
    $sql = "select max(id) as mx from hrnodes "; 
    $result1= DB_query($sql,$db); 
    $newid1 = DB_fetch_array($result1); 
    $nwd = $newid1['mx']+1; 
    if ($_SESSION['lang']==0) {$name = $_POST['field1'.$i];} else if ($_SESSION['lang']==1) {$name = $_POST['field2'.$i];} else {$name = $_POST['field3'.$i];} 
    // The VALUES list of this statement is cut off in the listing.
    $sql = "insert into hrnodes (id,userid,title,position,parentid,contactid,acyear) VALUES 
    $result2= DB_query($sql,$db); 

    // Update path: rewrite the three language descriptions and the hrnodes title of an existing code.
    // The form names its hidden field cur_id_<n> and the insert check earlier in this listing reads
    // 'cur_id_'.$i, but every statement here reads 'cur_id'.$i. That key is never posted, which
    // matches the "cur_id1" undefined-index notice and leaves "where code = and lang = 0", the
    // statement SQL Server rejects near 'and'.
    // NOTE(review): once the key is corrected, the id and the descriptions are still concatenated
    // into the SQL text; cast the id to int and bind or escape the descriptions.
    // No else separating this path from the insert path is visible in the listing.
    $sql = "update hr_position set descr='".$_POST['field1'.$i]."' where code =".$_POST['cur_id'.$i]." and lang = 0"; 
$result= DB_query($sql,$db); 
$sql = "update listsvalues set descr='".$_POST['field1'.$i]."' where listid=40 and id =".$_POST['cur_id'.$i]." and lang = 0"; 
$result= DB_query($sql,$db); 

$sql = "update hr_position set descr='".$_POST['field2'.$i]."' where code =".$_POST['cur_id'.$i]." and lang = 2"; 
$result= DB_query($sql,$db); 
$sql = "update listsvalues set descr='".$_POST['field2'.$i]."' where listid=40 and id =".$_POST['cur_id'.$i]." and lang = 2"; 
$result= DB_query($sql,$db); 
$sql = "update hr_position set descr='".$_POST['field3'.$i]."' where code =".$_POST['cur_id'.$i]." and lang = 1"; 
$result= DB_query($sql,$db); 
$sql = "update listsvalues set descr='".$_POST['field3'.$i]."' where listid=40 and id =".$_POST['cur_id'.$i]." and lang = 1"; 
$result= DB_query($sql,$db); 

// Title shown in hrnodes follows the session language: 0 -> field1, 1 -> field2, otherwise field3.
if ($_SESSION['lang']==0) {$name = $_POST['field1'.$i];} else if ($_SESSION['lang']==1) {$name = $_POST['field2'.$i];} else {$name = $_POST['field3'.$i];} 

$sql = "update hrnodes set title='".$name."' where contactid = '".$_POST['cur_id'.$i]."' and userid=15"; 
$result2= DB_query($sql,$db); 

    // Load one row per position code by joining hr_position to itself: depe is the lang 0
    // description, depf the lang 1 description and depa the lang 2 description.
    // NOTE(review): $_POST['breakdown'] is used in arithmetic as received; cast it to int and
    // bound it, since $tot is written back into the form and later drives the save loop.
    if(!isset($_POST['breakdown'])) $_POST['breakdown']=0; 
    $sql = "SELECT distinct hr_position.code, hr_position.descr AS depe, hr_position_1.descr AS depf, hr_position_2.descr AS depa 
    FROM   hr_position INNER JOIN 
          hr_position hr_position_1 ON hr_position.code = hr_position_1.code INNER JOIN 
          hr_position hr_position_2 ON hr_position_1.code = hr_position_2.code 
    WHERE hr_position.code<>-1 and (hr_position.lang = 0) AND (hr_position_2.lang = 2) AND (hr_position_1.lang = 1)".$sorting; 

    $result= DB_query($sql,$db); 
    $num_rows = DB_num_rows($result); 
    // Total rows to render: the stored positions plus the extra blank rows that were requested.
    $tot = $_POST['breakdown']+$num_rows; 

    <input type="hidden" name="amttype" value="" id="amttype"> 
    <input type="hidden" name="invoicebreakdown" value="<?php echo $tot;?>" id="invoicebreakdown"> 
    <input type="hidden" name="subbreakdown" value="" id="subbreakdown"> 

    <table width="95%" border="0" cellpadding="5" cellspacing="0" class="table_fullwidth"> 
    <tr><th width="30%">Position</th><th width="33%">Position</th> 
    <th width="32%">ÇÇáãÑßÒ</th> 

    <?php $i=1; 
    // Render one editable table row per stored position, alternating the td1/td2 row classes.
    // NOTE(review): depe, depf and depa come from hr_position.descr, which the save branch fills
    // from request data, and they are echoed into value="..." attributes without escaping. A
    // stored description containing a quote or markup would break out of the attribute; wrap
    // each echoed value in htmlspecialchars($value, ENT_QUOTES). The same applies to the code
    // echoed inside the onclick handler.
    // The PHP open/close tags around the markup and the end of this loop are not in the listing.
    while ($myrow1 = DB_fetch_array($result)) { 
    if ($i % 2==0) $bkg='td1'; else $bkg='td2'; 
    <tr id="trow_<?php echo $i;?>" class="<?php echo $bkg;?> "> 
    <td align="center"><input type="hidden" name="cur_id_<?php echo $i;?>" id="cur_id_<?php echo $i;?>" value="<?php echo $myrow1['code'];?>"> <input type="text" name="field1<?php echo $i;?>" id="field1<?php echo $i;?>" class="sel_long1 required" value="<?php echo $myrow1['depe'];?>" tabindex="<?php echo $i;?>_1" > </td> 

    <td align="center"><input tabindex="<?php echo $i;?>_2" class="sel_long1 required" type="text" name="field2<?php echo $i;?>" id="field2<?php echo $i;?>" value="<?php echo $myrow1['depf'] ;?>"> </td> 

    <td align="center"><input tabindex="<?php echo $i;?>_4" class="sel_long1" type="text" name="field3<?php echo $i;?>" id="field3_<?php echo $i;?>" value="<?php echo $myrow1['depa'] ;?>"> </td> 
    <td align="center"> <img src="<?php echo $site_path;?>images/del.png" width="20" class="cur" title="Delete" onclick="deleteitem('<?php echo $myrow1['code'];?>');"></td> 


    $breakdown = $_POST['breakdown']+$num_rows; 
    // Render blank rows (empty cur_id_<n>) up to $breakdown so new positions can be typed in.
    // NOTE(review): the number of blank rows is taken from the request with no upper bound
    // visible here; cast $_POST['breakdown'] to int and cap it before looping.
    // $j is not initialised anywhere in the listing; presumably it continues from the row
    // counter of the previous loop. Confirm against the full file.
    while($j<=$breakdown) { 
    if ($j % 2==0) $bkg='td1'; else $bkg='td2'; 

    <tr id="trow_<?php echo $j;?>" class="<?php echo $bkg;?> "><td align="center"><input type="hidden" name="cur_id_<?php echo $j;?>" id="cur_id_<?php echo $j;?>" value=""> 
    <input type="text" name="field1<?php echo $j;?>" id="field1<?php echo $j;?>" class="sel_long1 required" value="" tabindex="<?php echo $j;?>_1" > </td> 

    <td align="center" ><input class="sel_long1 required" type="text" name="field2<?php echo $j;?>" id="field2<?php echo $j;?>" value="" tabindex="<?php echo $j;?>_2"></td> 

    <td align="center"><input class="sel_long1 required" type="text" name="field3<?php echo $j;?>" id="field3<?php echo $j;?>" value="" tabindex="<?php echo $j;?>_4"> </td> 
    <td align="center"><img src="<?php echo $site_path;?>images/del.png" title="Delete" onclick="delete_row_details(<?php echo $j;?>)" width="20" class="cur"></td> 
    <?php $j++; }?> 
    <div class="save_bt"><input name="save" id="savebt" class="no_marright submit-green save_right" value="Save" type="button" onclick="validate_save()" tabindex="<?php echo $j;?>"> </div> 

    <div id="did1"></div> 

    // Collect every input, button and select inside #erp_from_sub together with its tabindex
    // value, so the Enter key can move focus to the next control.
    // The closing "})" of both callbacks is missing from the listing.
    var $targets = $('#erp_from_sub').find('input, button , select'), 
     steps = $targets.map(function() { 
      return $(this).attr('tabindex'); 

    // On Enter (keyCode 13) find the current control's tabindex in steps, advance by one with
    // wrap-around, and focus the control carrying that tabindex.
    $('#erp_from_sub').on('keypress', 'input, button, select', function(e) { 
     if (e.keyCode == 13) { 
      var current = $.inArray($(this).attr('tabindex'), steps), 
       next = steps[++current % steps.length]; 
      $targets.filter('[tabindex="' + next + '"]').focus(); 

    // Delete a stored position: after the user confirms, put the id into the form's delid
    // field, set the action field to '3' and reload the sub-page through load_subpage.
    // NOTE(review): the confirm dialog is only a prompt in the browser; the server-side
    // delete branch has to validate delid and the caller's permission on its own.
    function deleteitem(a) { 
     if(confirm('Are you sure you want delete?')) { document.erp_from_sub.delid.value=a; document.getElementById('action').value='3';load_subpage('erp_from_sub');} 

     // Remove a not-yet-saved row from the table after confirmation; the body is cut off in
     // the listing after the confirm test.
     function delete_row_details(id) 
    var el = document.getElementById('trow_'+id); 
    if(confirm("Are you sure you want to delete this row")==true) 

大文字の単語を使用しないでください! ..これはウェブで叫ぶようなものです。 – scaisEdge


挿入するか更新するかは $cur_id の値によって決まります。したがって、その値としてサーバーに何が送信されているかをデバッグする必要があります。おそらく、空であってはならないときにも常に空になっているのでしょう。原因が見つからない場合は、その値を送信している HTML フォームも投稿してください。ところで、このコードは SQL インジェクション攻撃に対して恐ろしいほど脆弱です。パラメータ化されたクエリとプリペアドステートメントの使い方を学ぶ必要があります。 – ADyson


OK ..コードが更新されました@ADyson –



問題はidとif else文にもあります。修正されたコードはこれです。

// Declare the response charset and choose the ORDER BY clause that is appended to the listing query.
header("Content-Type: text/html;charset=windows-1256"); 
$sorting=' order by depe asc'; 
// NOTE(review): $_POST['field'] is appended to the ORDER BY clause without validation.
// ORDER BY cannot take a bound parameter, so a client-supplied column name should be
// matched against a fixed list of permitted columns before it is used.
if (isset($_POST['field'])) 
if ($_POST['field'] != '') 
$sorting=' order by '.$_POST['field']; 
// As listed, this assignment always runs and discards both values above; the braces or
// else-branch that would make it conditional are presumably missing from the paste.
$sorting=' '; 

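// action == 3: delete the posted id from hr_position, listsvalues (listid 40) and hrnodes.
// NOTE(review): no permission check or anti-forgery token is visible in this excerpt;
// confirm that one is enforced before this branch is reached.
// The closing brace of this branch is not part of the listing.
if(isset($_POST['action']) && ($_POST['action']==3)) { 
// delid comes from the request and was concatenated straight into three DELETE statements.
// Casting it to an integer once keeps anything other than a number out of the SQL text;
// a missing or non-numeric value becomes 0 instead of producing malformed SQL. Bound
// parameters remain the better fix where the driver behind DB_query supports them.
$delid = isset($_POST['delid']) ? (int) $_POST['delid'] : 0; 
$sql="delete from hr_position where code=".$delid; 
$qry = DB_query($sql,$db); 
$sql="delete from listsvalues where listid=40 and id=".$delid; 
$qry = DB_query($sql,$db); 
// contactid is compared as a quoted value in the original statement; the quoting is kept.
$sql = "delete from hrnodes where contactid = '".$delid."' and userid=15"; 
$result2= DB_query($sql,$db); 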


// action == 2: save the grid. Rows whose hidden cur_id_<n> field is empty are inserted here.
if(isset($_POST['action']) && ($_POST['action']==2)) { 
// NOTE(review): the loop bound comes straight from the request; cast it to int and cap it
// so a client cannot choose how many iterations (and queries) the server runs.
if ($_POST['invoicebreakdown']=='' || $_POST['invoicebreakdown']==0) $invoice_breakdown = 1; else $invoice_breakdown = $_POST['invoicebreakdown']; 
for ($i = 1; $i <= $invoice_breakdown; $i++){ 

if(isset($_POST['cur_id_'.$i]) && $_POST['cur_id_'.$i]!='') $cur_id = $_POST['cur_id_'.$i]; else $cur_id =''; 
// Insert the value if the cur_id is null 
     if($cur_id=='') { 
     // The new code is max(code) + 1, or 1 for an empty table; the else between the two
     // assignments below is missing from the listing. NOTE(review): presumably two saves
     // running at the same time can read the same maximum; verify whether that matters here.
     $sql="select max(code) as mx from hr_position"; 
     $qry = DB_query($sql,$db); 
     if ($res = DB_fetch_array($qry)) 
      if ($res[0] != NULL and $res[0] > 0){ 
      $newid = $res[0] + 1; 
      $newid =1; 

// NOTE(review): field1/field2/field3 are request values placed between single quotes by
// concatenation, so a quote in a description changes the statement. Use bound parameters
// where the driver behind DB_query supports them.
$sql = "insert into hr_position (code,descr,lang) values (".$newid.",'".$_POST['field1'.$i]."',0)"; 
$result= DB_query($sql,$db); 

$sql = "insert into listsvalues (id,listid,userid,descr,lang,seq) values (".$newid.",40,-1,'".$_POST['field1'.$i]."',0,".$newid.")"; 
$result= DB_query($sql,$db); 

$sql = "insert into hr_position (code,descr,lang) values (".$newid.",'".$_POST['field2'.$i]."',2)"; 
$result= DB_query($sql,$db); 

$sql = "insert into listsvalues (id,listid,userid,descr,lang,seq) values (".$newid.",40,-1,'".$_POST['field2'.$i]."',2,".$newid.")"; 
$result= DB_query($sql,$db); 

$sql = "insert into hr_position (code,descr,lang) values (".$newid.",'".$_POST['field3'.$i]."',1)"; 
$result= DB_query($sql,$db); 

$sql = "insert into listsvalues (id,listid,userid,descr,lang,seq) values (".$newid.",40,-1,'".$_POST['field3'.$i]."',1,".$newid.")"; 
$result= DB_query($sql,$db); 

// Next hrnodes id is max(id)+1; the title is the description for the session language.
$sql = "select max(id) as mx from hrnodes "; 
$result1= DB_query($sql,$db); 
$newid1 = DB_fetch_array($result1); 
$nwd = $newid1['mx']+1; 
if ($_SESSION['lang']==0) {$name = $_POST['field1'.$i];} else if ($_SESSION['lang']==1) {$name = $_POST['field2'.$i];} else {$name = $_POST['field3'.$i];} 
// The VALUES list of this statement is cut off in the listing.
$sql = "insert into hrnodes (id,userid,title,position,parentid,contactid,acyear) VALUES 
$result2= DB_query($sql,$db); 

// Update path: rewrite the three language descriptions and the hrnodes title of an existing code.
// The key read here is 'cur_id_'.$i, the same name the form gives its hidden field.
// NOTE(review): the id and the descriptions are still concatenated into the SQL text. Cast the
// id to int and bind or escape the descriptions; a single quote in a description is enough to
// change the statement.
// No else separating this path from the insert path is visible in the listing.
$sql = "update hr_position set descr='".$_POST['field1'.$i]."' where code =".$_POST['cur_id_'.$i]." and lang = 0"; 
$result= DB_query($sql,$db); 
$sql = "update listsvalues set descr='".$_POST['field1'.$i]."' where listid=40 and id =".$_POST['cur_id_'.$i]." and lang = 0"; 
$result= DB_query($sql,$db); 

$sql = "update hr_position set descr='".$_POST['field2'.$i]."' where code =".$_POST['cur_id_'.$i]." and lang = 1"; 
$result= DB_query($sql,$db); 
$sql = "update listsvalues set descr='".$_POST['field2'.$i]."' where listid=40 and id =".$_POST['cur_id_'.$i]." and lang = 1"; 
$result= DB_query($sql,$db); 
$sql = "update hr_position set descr='".$_POST['field3'.$i]."' where code =".$_POST['cur_id_'.$i]." and lang = 2"; 
$result= DB_query($sql,$db); 
$sql = "update listsvalues set descr='".$_POST['field3'.$i]."' where listid=40 and id =".$_POST['cur_id_'.$i]." and lang = 2"; 
$result= DB_query($sql,$db); 

// Title shown in hrnodes follows the session language: 0 -> field1, 1 -> field2, otherwise field3.
if ($_SESSION['lang']==0) {$name = $_POST['field1'.$i];} else if ($_SESSION['lang']==1) {$name = $_POST['field2'.$i];} else {$name = $_POST['field3'.$i];} 

$sql = "update hrnodes set title='".$name."' where contactid = '".$_POST['cur_id_'.$i]."' and userid=15"; 
$result2= DB_query($sql,$db); 

// Load one row per position code by joining hr_position to itself: depe is the lang 0
// description, depf the lang 1 description and depa the lang 2 description.
// NOTE(review): $_POST['breakdown'] is used in arithmetic as received; cast it to int and
// bound it, since $tot is written back into the form and later drives the save loop.
if(!isset($_POST['breakdown'])) $_POST['breakdown']=0; 
$sql = "SELECT distinct hr_position.code, hr_position.descr AS depe, hr_position_1.descr AS depf, hr_position_2.descr AS depa 
FROM   hr_position INNER JOIN 
         hr_position hr_position_1 ON hr_position.code = hr_position_1.code INNER JOIN 
         hr_position hr_position_2 ON hr_position_1.code = hr_position_2.code 
WHERE hr_position.code<>-1 and (hr_position.lang = 0) AND (hr_position_2.lang = 2) AND (hr_position_1.lang = 1)".$sorting; 

$result= DB_query($sql,$db); 
$num_rows = DB_num_rows($result); 
// Total rows to render: the stored positions plus the extra blank rows that were requested.
$tot = $_POST['breakdown']+$num_rows; 

<input type="hidden" name="amttype" value="" id="amttype"> 
<input type="hidden" name="invoicebreakdown" value="<?php echo $tot;?>" id="invoicebreakdown"> 
<input type="hidden" name="subbreakdown" value="" id="subbreakdown"> 

<table width="95%" border="0" cellpadding="5" cellspacing="0" class="table_fullwidth"> 
<tr><th width="30%">Position</th><th width="33%">Position</th> 
<th width="32%">ÇÇáãÑßÒ</th> 

<?php $i=1; 
// Render one editable table row per stored position, alternating the td1/td2 row classes.
// NOTE(review): depe, depf and depa come from hr_position.descr, which the save branch fills
// from request data, and they are echoed into value="..." attributes without escaping. A
// stored description containing a quote or markup would break out of the attribute; wrap
// each echoed value in htmlspecialchars($value, ENT_QUOTES). The same applies to the code
// echoed inside the onclick handler.
// The PHP open/close tags around the markup and the end of this loop are not in the listing.
while ($myrow1 = DB_fetch_array($result)) { 
if ($i % 2==0) $bkg='td1'; else $bkg='td2'; 

<tr id="trow_<?php echo $i;?>" class="<?php echo $bkg;?> "> 
<td align="center"><input type="hidden" name="cur_id_<?php echo $i;?>" id="cur_id_<?php echo $i;?>" value="<?php echo $myrow1['code'];?>"> <input type="text" name="field1<?php echo $i;?>" id="field1<?php echo $i;?>" class="sel_long1 required" value="<?php echo $myrow1['depe'];?>" tabindex="<?php echo $i;?>_1" > </td> 

<td align="center"><input tabindex="<?php echo $i;?>_2" class="sel_long1 required" type="text" name="field2<?php echo $i;?>" id="field2<?php echo $i;?>" value="<?php echo $myrow1['depf'] ;?>"> </td> 

<td align="center"><input tabindex="<?php echo $i;?>_4" class="sel_long1" type="text" name="field3<?php echo $i;?>" id="field3_<?php echo $i;?>" value="<?php echo $myrow1['depa'] ;?>"> </td> 
<td align="center"> <img src="<?php echo $site_path;?>images/del.png" width="20" class="cur" title="Delete" onclick="deleteitem('<?php echo $myrow1['code'];?>');"></td> 


$breakdown = $_POST['breakdown']+$num_rows; 
// Render blank rows (empty cur_id_<n>) up to $breakdown so new positions can be typed in.
// NOTE(review): the number of blank rows is taken from the request with no upper bound
// visible here; cast $_POST['breakdown'] to int and cap it before looping.
// $j is not initialised anywhere in the listing; presumably it continues from the row
// counter of the previous loop. Confirm against the full file.
while($j<=$breakdown) { 
if ($j % 2==0) $bkg='td1'; else $bkg='td2'; 

<tr id="trow_<?php echo $j;?>" class="<?php echo $bkg;?> "><td align="center"> 
<input type="hidden" name="cur_id_<?php echo $j;?>" id="cur_id_<?php echo $j;?>" value=""> 
<input type="text" name="field1<?php echo $j;?>" id="field1<?php echo $j;?>" class="sel_long1 required" value="" tabindex="<?php echo $j;?>_1" > </td> 

<td align="center" ><input class="sel_long1 required" type="text" name="field2<?php echo $j;?>" id="field2<?php echo $j;?>" value="" tabindex="<?php echo $j;?>_2"></td> 

<td align="center"><input class="sel_long1 required" type="text" name="field3<?php echo $j;?>" id="field3<?php echo $j;?>" value="" tabindex="<?php echo $j;?>_4"> </td> 
<td align="center"><img src="<?php echo $site_path;?>images/del.png" title="Delete" onclick="delete_row_details(<?php echo $j;?>)" width="20" class="cur"></td> 
<?php $j++; }?> 
<div class="save_bt"><input name="save" id="savebt" class="no_marright submit-green save_right" value="Save" type="button" onclick="validate_save()" tabindex="<?php echo $j;?>"> </div> 

<div id="did1"></div> 

// Collect every input, button and select inside #erp_from_sub together with its tabindex
// value, so the Enter key can move focus to the next control.
// The closing "})" of both callbacks is missing from the listing.
var $targets = $('#erp_from_sub').find('input, button , select'), 
    steps = $targets.map(function() { 
     return $(this).attr('tabindex'); 

// On Enter (keyCode 13) find the current control's tabindex in steps, advance by one with
// wrap-around, and focus the control carrying that tabindex.
$('#erp_from_sub').on('keypress', 'input, button, select', function(e) { 
    if (e.keyCode == 13) { 
     var current = $.inArray($(this).attr('tabindex'), steps), 
      next = steps[++current % steps.length]; 
     $targets.filter('[tabindex="' + next + '"]').focus(); 

// Delete a stored position: after the user confirms, put the id into the form's delid
// field, set the action field to '3' and reload the sub-page through load_subpage.
// NOTE(review): the confirm dialog is only a prompt in the browser; the server-side
// delete branch has to validate delid and the caller's permission on its own.
// The function's closing brace is missing from the listing.
function deleteitem(a) { 
    if(confirm('Are you sure you want delete?')) { document.erp_from_sub.delid.value=a; document.getElementById('action').value='3';load_subpage('erp_from_sub');} 

    function delete_row_details(id) 
var el = document.getElementById('trow_'+id); 
if(confirm("Are you sure you want to delete this row")==true) 