在php我的sql数据表中用id更新特定字段

Scrrenshot Of Page

Above is the screen shot of my page. My problem is i'm getting the data from my sql table and creating a php data table like this:

<?php
$s="select * from events join event_time on (events.event_id=event_time.event_id)

where events.isapproved='N' ";
$res=mysql_query($s);
echo "<table border='1' cellspacing='2' >
<tr>
<th>title</th>
<th>email</th>
<th>address</th>
<th>link</th>
<th>start_date</th>
<th>start_time</th>
<th>end_date</th>
<th>isapproved</th> 
</tr>";
while($info = mysql_fetch_array( $res )) 
{
echo "<tr>";
echo " <td>".$info['title'] . "</td> ";
echo " <td>".$info['email'] . "</td> ";
echo " <td>".$info['address'] . "</td> ";
echo " <td>".$info['link'] . "</td> ";
echo " <td>".$info['start_date'] . "</td> ";
echo " <td>".$info['start_time'] . "</td> ";
echo " <td>".$info['end_date'] . "</td> ";
echo "<td><a href=yes.php?".$info['event_id'] .">".$info['isapproved'] ."</a></td>";
echo "<td><a href=del.php?".$info['event_id'].">".'Delete'."</a></td></tr>";

}
echo "</table>";

?>

The hyper link what i am trying to acces is yes.php

<?php
include("config/config.php");

$sq="select * from events";
$res=mysql_query($sq);
while($row=mysql_fetch_assoc($res))
{
if($row['isapproved']=='N')
{
$id=$row['event_id'];

}
}
$sql="UPDATE events SET isapproved= 'Y'
WHERE event_id='$id'";

$result = mysql_query($sql);


header("Location:admin.php");
?>

See, The function is when i click that hyper link "N" my table has to be updated(as you can see in the query) with value "Y".

The real problem is i am getting the id when i click on "N" but when the query gt updated the row at the bottom of the table is updating as "Y". What is the problem? Can anyone look into it.. I'm dying looking out of it...

If I'm not wrong you want the following thing. At first change your php data table with this :

while($info = mysql_fetch_array( $res )) 
{
echo "<tr>";
echo " <td>".$info['title'] . "</td> ";
echo " <td>".$info['email'] . "</td> ";
echo " <td>".$info['address'] . "</td> ";
echo " <td>".$info['link'] . "</td> ";
echo " <td>".$info['start_date'] . "</td> ";
echo " <td>".$info['start_time'] . "</td> ";
echo " <td>".$info['end_date'] . "</td> ";
echo "<td><a href=yes.php?id=".$info['event_id'] .">".$info['isapproved'] ."</a></td>";
echo "<td><a href=del.php?".$info['event_id'].">".'Delete'."</a></td></tr>";

}

Then change the yes.php file with the following code:

<?php
include("config/config.php");
$id=$_GET['id'];
$sql="UPDATE events SET isapproved= 'Y'
WHERE event_id='$id'";

$result = mysql_query($sql);


header("Location:admin.php");
?>

With this code:

$sq="select * from events";
$res=mysql_query($sq);
while($row=mysql_fetch_assoc($res))
{
if($row['isapproved']=='N')
{
$id=$row['event_id'];

}
}

You are grabbing the id of all unapproved events and storing them (overwriting) in $id. You probably want to change all of that to $id = intval($_GET['id']);, and in your other page change <a href=yes.php?".$info['event_id'] ."> to <a href=yes.php?id=".$info['event_id'] .">.

You may also want to add your own validation on that input. Keep in mind that anything sent through get is insecure. If someone sends in an attempt at an injection attack intval will just convert it to an integer (0 if it fails to convert), so you're safe from that but people could fake any id they wanted and have it's status changed. Also if you have an event with id 0 a failed intval will modify it instead of nothing if you don't test for that.