Php 更新mySQL查询不起作用
我一直在开发一些学生管理系统,学生登录并注册课程,登录后,登录机制运行良好,显示学生姓名、id等并要求注册课程,当学生选择课程时,所选课程应更新到数据库,提交页面需要从上一页获取学生id和课程,并相应地更新数据库 提交后,仅将课程更新为$fresh:S 下面是submit.php代码:Php 更新mySQL查询不起作用,php,mysql,sql,database,Php,Mysql,Sql,Database,我一直在开发一些学生管理系统,学生登录并注册课程,登录后,登录机制运行良好,显示学生姓名、id等并要求注册课程,当学生选择课程时,所选课程应更新到数据库,提交页面需要从上一页获取学生id和课程,并相应地更新数据库 提交后,仅将课程更新为$fresh:S 下面是submit.php代码: <?php $dbhost = 'localhost'; $dbuser = 'username'; $dbpass = '123'; $conn = mysql_connect($dbhost, $dbu
<?php
$dbhost = 'localhost';
$dbuser = 'username';
$dbpass = '123';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$fresh = $_REQUEST["fresh"];
$user_id= $_REQUEST["user_id"];
$sql = 'UPDATE courses
SET fresh="$fresh"
WHERE user_id=$user_id';
mysql_select_db('registrations');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
?>
$sql = 'UPDATE courses SET fresh="$fresh" WHERE user_id=$user_id';
^----- This one This one ---------^
$sql = "UPDATE `courses`
SET `fresh`='$fresh'
WHERE `user_id`=$user_id";
$sql = 'UPDATE courses SET fresh="$fresh" WHERE user_id=$user_id';
^----- This one This one ---------^
$sql = "UPDATE `courses`
SET `fresh`='$fresh'
WHERE `user_id`=$user_id";
您需要将php变量放在引号中 试试这个sql
$sql = "UPDATE courses
SET fresh='$fresh'
WHERE user_id='$user_id'";
您需要将php变量放在引号中 试试这个sql
$sql = "UPDATE courses
SET fresh='$fresh'
WHERE user_id='$user_id'";
删除$fresh的双引号,然后尝试使用它
$sql = "UPDATE courses
SET fresh='$fresh'
WHERE user_id=$user_id";
删除$fresh的双引号,然后尝试使用它
$sql = "UPDATE courses
SET fresh='$fresh'
WHERE user_id=$user_id";
"UPDATE `courses` SET `fresh`='$fresh' WHERE `user_id`='$user_id' ";
"UPDATE `courses` SET `fresh`='$fresh' WHERE `user_id`='$user_id' ";
<?php
$fresh = "test_string";
$user_id = 1;
$sql = 'UPDATE courses SET fresh="$fresh" WHERE user_id=$user_id';
$corrected_sql = "UPDATE courses SET fresh='$fresh' WHERE user_id=$user_id";
echo '<pre>';
echo "\$sql output: $sql" . "\n";
echo "\$corrected_sql output: $corrected_sql";
echo '</pre>';
?>
<?php
$dbhost = 'localhost';
$dbuser = 'username';
$dbpass = '123';
$database='registrations';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass,$database);
if (!$conn || $conn==null) die('Could not connect: ' . mysqli_error($conn));
$fresh = $_REQUEST["fresh"];
$user_id= $_REQUEST["user_id"];
$sql = "UPDATE courses
SET fresh='$fresh'
WHERE user_id=$user_id";
$retval = mysqli_query($conn, $sql);
if(! $retval )
{
die('Could not update data: ' . mysqli_error($conn));
}
else{
echo "Updated data successfully\n";
}
mysqli_close($conn);
?>
<?php
$fresh = "test_string";
$user_id = 1;
$sql = 'UPDATE courses SET fresh="$fresh" WHERE user_id=$user_id';
$corrected_sql = "UPDATE courses SET fresh='$fresh' WHERE user_id=$user_id";
echo '<pre>';
echo "\$sql output: $sql" . "\n";
echo "\$corrected_sql output: $corrected_sql";
echo '</pre>';
?>
<?php
$dbhost = 'localhost';
$dbuser = 'username';
$dbpass = '123';
$database='registrations';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass,$database);
if (!$conn || $conn==null) die('Could not connect: ' . mysqli_error($conn));
$fresh = $_REQUEST["fresh"];
$user_id= $_REQUEST["user_id"];
$sql = "UPDATE courses
SET fresh='$fresh'
WHERE user_id=$user_id";
$retval = mysqli_query($conn, $sql);
if(! $retval )
{
die('Could not update data: ' . mysqli_error($conn));
}
else{
echo "Updated data successfully\n";
}
mysqli_close($conn);
?>
您可以注意到单引号和双引号之间的差异。希望有帮助 试试这个代码块
试试这个代码块
user_id可能是int,因此不需要引号。见下面Shankar的答案。可能是,但不确定。因此,正确使用可变报价是无害的;但这不是问题所在。OP将SQL查询包装在单引号中。在PHP中,变量在单引号内时不会被插值。您必须1使用双引号,或2使用串联来连接字符串。user_id可能是int,因此不需要引号。见下面Shankar的答案。可能是,但不确定。因此,正确使用可变报价是无害的;但这不是问题所在。OP将SQL查询包装在单引号中。在PHP中,变量在单引号内时不会被插值。您必须1使用双引号,或2使用串联来连接字符串。您是sql注入的简单目标。还需要使用一些转义。您使用的是decprecated mysql_*使用mysqli_*或PDO。您是sql注入的简单目标。还需要使用一些转义。您使用的是decprecated mysql\u*使用mysqli\u*或pdo