The script itself for adding, deleting, editing a specific table works. The question is how to do this for the table we have chosen or entered? I tried using the form $ _POST ['name_table'] to transfer the name of the table, it transfers, but when I click on the edit link, the fields are empty, and the delete and add functions also do not work.

$GLOBALS['link'] = mysqli_connect("localhost", "user", "passwd", "infoip"); if ( !isset( $_GET["action"] ) ) $_GET["action"] = "showlist"; switch ( $_GET["action"] ) { case "showlist": // Список всех записей в таблице БД show_list(); break; case "addform": // Форма для добавления новой записи get_add_item_form(); break; case "add": // Добавить новую запись в таблицу БД add_item(); break; case "editform": // Форма для редактирования записи get_edit_item_form(); break; case "update": // Обновить запись в таблице БД update_item(); break; case "delete": // Удалить запись в таблице БД delete_item(); break; default: show_list(); } // Функция выводит список всех записей в таблице БД function show_list() { $query = "SELECT `id`, `IP`, `Hostname`, `Ports`, `Mac_address`, `Mac_vendor`, `date` FROM `".$_POST['name_table']."`"; $res = mysqli_query($GLOBALS['link'],$query ); // echo $_POST['name_table']; echo '<h2>Список IP & Mask</h2>'; echo '<table border="1" cellpadding="2" cellspacing="0">'; echo '<tr><th>ID</th><th>IP & Mask</th><th>Hostname</th><th>Ports</th><th>Mac_address</th><th>Mac_vendor</th><th>Date</th><th>Редактировать</th><th>Удалить</th></tr>'; while ( $item = mysqli_fetch_array( $res ) ) { echo '<tr>'; echo '<td>'.$item['id'].'</td>'; echo '<td>'.$item['IP'].'</td>'; echo '<td>'.$item['Hostname'].'</td>'; echo '<td>'.$item['Ports'].'</td>'; echo '<td>'.$item['Mac_address'].'</td>'; echo '<td>'.$item['Mac_vendor'].'</td>'; echo '<td>'.$item['date'].'</td>'; echo '<td><a href="'.$_SERVER['PHP_SELF'].'?action=editform&id='.$item['id'].'">Ред.</a></td>'; echo '<td><a href="'.$_SERVER['PHP_SELF'].'?action=delete&id='.$item['id'].'">Удл.</a></td>'; echo '</tr>'; } echo '</table>'; echo '<p><a href="'.$_SERVER['PHP_SELF'].'?action=addform">Добавить</a></p>'; } // Функция формирует форму для добавления записи в таблице БД function get_add_item_form() { echo '<h2>Добавить</h2>'; echo '<form name="addform" action="'.$_SERVER['PHP_SELF'].'?action=add" method="POST">'; echo '<table>'; echo '<tr>'; echo '<td>IP</td>'; echo '<td><input type="text" name="IP" value="" /></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Hostname</td>'; echo '<td><input type="text" name="Hostname" value="" /></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Ports</td>'; echo '<td><input type="text" name="Ports" value="" /></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Mac_address</td>'; echo '<td><input type="text" name="Ports" value="" /></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Mac_vendor</td>'; echo '<td><input type="text" name="Ports" value="" /></td>'; echo '</tr>'; echo '<tr>'; echo '<td>date</td>'; echo '<td><input type="text" name="Ports" value="" /></td>'; echo '</tr>'; echo '<tr>'; echo '<td><input type="submit" value="Сохранить"></td>'; echo '<td><button type="button" onClick="history.back();">Отменить</button></td>'; echo '</tr>'; echo '</table>'; echo '</form>'; } // Функция добавляет новую запись в таблицу БД function add_item() { $IP = mysqli_escape_string($GLOBALS['link'], $_POST['IP'] ); $Hostname = mysqli_escape_string($GLOBALS['link'], $_POST['Hostname'] ); $Ports = mysqli_escape_string($GLOBALS['link'], $_POST['Ports'] ); $Mac_address = mysqli_escape_string($GLOBALS['link'], $_POST['Mac_address'] ); $Mac_vendor = mysqli_escape_string($GLOBALS['link'], $_POST['Mac_vendor'] ); $date = mysqli_escape_string($GLOBALS['link'], $_POST['date'] ); $query = "INSERT INTO `".$_POST['name_table']."` (IP, Hostname, Ports, Mac_address, Mac_vendor, date) VALUES ('".$IP."', '".$Hostname."', '".$Ports."', '".$Mac_address."', '".$Mac_vendor."', '".$Date."' );"; mysqli_query ($GLOBALS['link'],$query ); //header( 'Location: '.$_SERVER['PHP_SELF'] ); die(); } // Функция формирует форму для редактирования записи в таблице БД function get_edit_item_form() { echo '<h2>Редактировать</h2>'; $query = "SELECT `id`, `IP`, `Hostname`, `Ports`, `Mac_address`, `Mac_vendor`, `date` FROM `".$_POST['name_table']."` WHERE id=".$_GET['id']; $res = mysqli_query($GLOBALS['link'], $query ); $item = mysqli_fetch_array( $res ); echo '<form name="editform" action="'.$_SERVER['PHP_SELF'].'?action=update&id='.$_GET['id'].'" method="POST">'; echo '<table>'; echo '<tr>'; echo '<td>IP</td>'; echo '<td><input type="text" name="IP" value="'.$item['IP'].'"></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Hostname</td>'; echo '<td><input type="text" name="Hostname" value="'.$item['Hostname'].'"></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Ports</td>'; echo '<td><input type="text" name="Ports" value="'.$item['Ports'].'"></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Mac_address</td>'; echo '<td><input type="text" name="Mac_address" value="'.$item['Mac_address'].'"></td>'; echo '</tr>'; echo '<tr>'; echo '<td>Mac_vendor</td>'; echo '<td><input type="text" name="Mac_address" value="'.$item['Mac_vendor'].'"></td>'; echo '</tr>'; echo '<tr>'; echo '<td>date</td>'; echo '<td><input type="text" name="date" value="'.$item['date'].'"></td>'; echo '</tr>'; echo '<tr>'; echo '<td><input type="submit" value="Сохранить"></td>'; echo '<td><button type="button" onClick="history.back();">Отменить</button></td>'; echo '</tr>'; echo '</table>'; echo '</form>'; } // Функция обновляет запись в таблице БД function update_item() { $IP = mysqli_escape_string($GLOBALS['link'], $_POST['IP'] ); $Hostname = mysqli_escape_string($GLOBALS['link'], $_POST['Hostname'] ); $Ports = mysqli_escape_string($GLOBALS['link'], $_POST['Ports'] ); $Mac_address = mysqli_escape_string($GLOBALS['link'], $_POST['Mac_address'] ); $Mac_vendor = mysqli_escape_string($GLOBALS['link'], $_POST['Mac_vendor'] ); $date = mysqli_escape_string($GLOBALS['link'], $_POST['date'] ); $query = "UPDATE `".$_POST['name_table']."` SET IP ='".$IP."', Hostname='".$Hostname."', Ports = '".$Ports."', Mac_address = '".$Mac_address."', Mac_vendor = '".$Mac_vendor."', date = '".$date."' WHERE id=".$_GET['id']; mysqli_query ($GLOBALS['link'], $query ); header( 'Location: '.$_SERVER['PHP_SELF'] ); die(); } // Функция удаляет запись в таблице БД function delete_item() { $query = "DELETE FROM `".$_GET['name_table']."` WHERE id=".$_GET['id']; mysqli_query ($GLOBALS['link'], $query ); header( 'Location: '.$_SERVER['PHP_SELF'] ); die(); } ?>
  • 2
    Hmm, why should they be full, a field? Different tables - different fields. First you should get the name of the fields from the selected table, and then build the remaining actions based on the array of fields. - Visman
  • Never do this: "SELECT id , IP , Hostname , Ports , Mac_address , Mac_vendor , date FROM ".$_POST['name_table']." "; Here you have a sql injection in its pure form, and in general I strongly advise reading the documentation and books on web development and php - Connor Holt
  • one
    @Visman and can not be different tables with the same fields? - teran
  • 2
    @ConnorHolt yes here, in principle, one big example of how not to write to php. - teran
  • @Visman in this case, I have the same field names in the tables - shonny

0