Php 在MySQL中更新表行时出现问题
这是一个具体的问题 我在下面有一个函数。我Php 在MySQL中更新表行时出现问题,php,mysql,Php,Mysql,这是一个具体的问题 我在下面有一个函数。我echo输出$user和$request变量只是为了确保它们被传递,我正在使用gettype()检查它们是否都是整数 public function acceptRequest($user, $request){ echo $user . $request ; $this->db->query("UPDATE test_requestBuddy SET accept = 'accepted' WHERE us
echo$user$requestgettype()public function acceptRequest($user, $request){
echo $user . $request ;
$this->db->query("UPDATE test_requestBuddy SET accept = 'accepted'
WHERE user_requestId = $request AND user_responseId = $user ");
echo 'success';
}
$test->acceptRequest(3,9);
$request$userpublic function acceptRequest($user, $request){
echo $user . $request ;
$this->db->query("UPDATE test_requestBuddy SET accept = 'accepted'
WHERE user_requestId = 9 AND user_responseId = 3 "); // replace variables
echo 'success';
}
$this->db->query("UPDATE test_requestBuddy SET accept = 'accepted'
WHERE user_requestId = '$request' AND user_responseId = '$user' ");
或者您可以检查mysql是否在严格模式下运行 使用MySQLi和准备好的语句:
public function acceptRequest($user, $request){
echo $user . $request ;
# NOTE Your db handle needs to be mysqli!
# http://php.net/manual/en/mysqli.quickstart.statements.php
$mysqli = $this->db;
if ($stmt = $mysqli->prepare("UPDATE test_requestBuddy SET accept = 'accepted'
WHERE user_requestId = ? AND user_responseId = ? ")) {
/* bind parameters - i ensures integers */
$stmt->bind_param("ii", $user, $request);
/* execute query */
$stmt->execute();
/* close statement */
$stmt->close();
echo 'success';
}
}
正如JoeT所提到的,在这里使用MySQLi将是最好的技术——因为您不想成为SQL注入的牺牲品。假设请求和响应是数据库中的整数:
$query = ("UPDATE test_requestBuddy SET accept = 'accepted'
WHERE user_requestId = ? AND user_responseId = ? ");
$stmt = $mysqli->prepare($query);
$stmt->bind_param('ii', $request, $user);
$stmt->execute();
$stmt->bind_result();
$stmt->fetch();
$stmt->close();
$this->db->query("UPDATE test_requestBuddy SET accept = 'accepted'
WHERE user_requestId = {$request} AND user_responseId = {$user} ");
你在用mysqli,对吗?你试过使用事先准备好的陈述吗?啊,不,我会调查的