Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/265.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 有条件准备语句不转换_Php_Sql_Mysql - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 有条件准备语句不转换

Php 有条件准备语句不转换

php sql mysql

Php 有条件准备语句不转换,php,sql,mysql,Php,Sql,Mysql,我有下面的PHP代码,用于在给定用户名的用户名字段为空时插入数据,或者在存在用户名时更新数据。目前,insert以前工作正常,但它永远不会切换到update子句 然而,现在insert子句没有明显的原因,无法识别我的测试变量。我得到的错误是: Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given 及 这些都是最近的 if($cmd=="submitinfo"){ $userna

我有下面的PHP代码,用于在给定用户名的用户名字段为空时插入数据,或者在存在用户名时更新数据。目前,insert以前工作正常,但它永远不会切换到update子句

然而,现在insert子句没有明显的原因,无法识别我的测试变量。我得到的错误是:

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given

这些都是最近的

if($cmd=="submitinfo"){

$usernameQuery = "select username from USERS where username = $username";

$xblah = $con->query($usernameQuery);
  while ($row = mysqli_fetch_assoc($xblah))
  {
    $checkUsername = $row['username'];

  }

if ($checkUsername == null) {

$userQuery = "INSERT INTO USERS VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if ($userInfo = $con->prepare($userQuery)) {
    $userInfo->bind_param("ssssssssssssssssssss", $username, $firstname, $lastname, $flaggedauctions, $lastauction, $street1, $city1, $postcode1, $street2, $city2, $postcode2, $phone, $mobilephone, $fax, $email, $website, $bank, $banknumber, $accountnumber, $comments);
    $userInfo->execute();
    $userInfo->close();
    echo "true";
} else {
echo "false";
}
print_r($con->error);
}

else if ($checkUsername == $username) {

$userQuery = "UPDATE USERS SET firstname = ?, lastname = ?, flaggedauctions = ?, lastauction = ?, street1 = ?, city1 = ?, postcode1 = ?, street2 = ?, city2 = ?, postcode2 = ?, phone = ?, mobilephone = ?, fax = ?, email = ?, website = ?, bank = ?, banknumber = ?, accoutnumber = ? WHERE username = ?";
if ($userInfo = $con->prepare($userQuery)) {
    $userInfo->bind_param("sssssssssssssssssss", $firstname, $lastname, $flaggedauctions, $lastauction, $street1, $city1, $postcode1, $street2, $city2, $postcode2, $phone, $mobilephone, $fax, $email, $website, $bank, $banknumber, $accountnumber, $username);
    $userInfo->execute();
    $userInfo->close();
    echo "true";
} else {
echo "false";
}
print_r($con->error);
}
}
根据与用户名字段匹配的$username的内容,更新或插入的首选方式是什么

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given
那是你的错误信息?我认为你的问题在于这一行:

$xblah = $con->query($usernameQuery);
对$xblah执行
var\u转储
。我怀疑你的查询失败了。可能是因为您尚未从输入中获取
$username
。为了对根的爱,一定要逃避它
mysql\u real\u escape\u string()
将执行您想要的操作。

如果您使用的是mysql,并且用户名是唯一的,您可以使用以下方便的SQL:

INSERT INTO users (?, ?, ...) ON
DUPLICATE KEY UPDATE firstname=?,
lastname=?, ...)
有关完整文档,请参阅。

Yep。另一个查询是参数化的,为什么不是这个呢?$xblah打印出bool(false)?@Josh这意味着您的查询失败了。确保您在$username中有输入。@Kalium var_dump$username打印出一个由15个字符组成的字符串,即正确的用户名。我正在从GET获取用户名,并且输入肯定在那里。我想你没事。您正在使用的方法是可以接受的,并且可能与不涉及完整抽象层的情况下得到的方法一样好。所以我应该使用它来代替我目前使用的条件代码? 
INSERT INTO users (?, ?, ...) ON
DUPLICATE KEY UPDATE firstname=?,
lastname=?, ...)