Php 从GET表单插入值后无法更新用户表
我目前正在为我高中的班级做一个测验 我需要从表格中获取数据,然后插入,然后它应该用在测验中获得的分数更新插入的行 我目前正在使用以下代码,但我没有得到会员数据库中的点更新Php 从GET表单插入值后无法更新用户表,php,mysql,Php,Mysql,我目前正在为我高中的班级做一个测验 我需要从表格中获取数据,然后插入,然后它应该用在测验中获得的分数更新插入的行 我目前正在使用以下代码,但我没有得到会员数据库中的点更新 $conn= mysql_connect($servername,$username,$password)or die(mysql_error()); mysql_select_db("kiggeded_marketingmix",$conn); mysql_query("SET NAMES 'utf8'"); mysql_
$conn= mysql_connect($servername,$username,$password)or die(mysql_error());
mysql_select_db("kiggeded_marketingmix",$conn);
mysql_query("SET NAMES 'utf8'");
mysql_query("SET CHARACTER SET utf8");
$q1="SELECT point FROM questions WHERE dif = '1'";
$q2="SELECT point FROM questions WHERE dif = '2'";
$q3="SELECT point FROM questions WHERE dif = '3'";
$q4="SELECT point FROM questions WHERE dif = '4'";
$q5="SELECT point FROM questions WHERE dif = '5'";
$q6="SELECT point FROM questions WHERE dif = '6'";
$q7="SELECT point FROM questions WHERE dif = '7'";
$q8="SELECT point FROM questions WHERE dif = '8'";
$q9="SELECT point FROM questions WHERE dif = '9'";
$q10="SELECT point FROM questions WHERE dif = '10'";
$q11="SELECT point FROM questions WHERE dif = '11'";
$q12="SELECT point FROM questions WHERE dif = '12'";
$q13="SELECT point FROM questions WHERE dif = '13'";
$q14="SELECT point FROM questions WHERE dif = '14'";
$q15="SELECT point FROM questions WHERE dif = '15'";
$q16="SELECT point FROM questions WHERE dif = '16'";
$q17="SELECT point FROM questions WHERE dif = '17'";
$q18="SELECT point FROM questions WHERE dif = '18'";
$q19="SELECT point FROM questions WHERE dif = '19'";
$q20="SELECT point FROM questions WHERE dif = '20'";
$q21="SELECT point FROM questions WHERE dif = '21'";
$q21="SELECT point FROM questions WHERE dif = '22'";
$point= $q1 + $q2 + $q3 + $q4 + $q5 + $q6 + $q7 + $q8 + $q9 + $q10 + $q11 + $q12 + $q13 + $q14 + $q15 + $q16 + $q17 + $q18 + $q19 + $q20 + $q21 + $q22;
$sql="INSERT INTO members
(uid, username, first_name, last_name, q2, q3, q4, q5, q6,
q7, q8, q9, q10, q11, q12, q13, q14, q15, q16, q17, q18,
q19, q20, q21, q22) VALUES
('$_GET[uid]', '$_GET[username]', '$_GET[first_name]', '$_GET[last_name]', '$_GET[q2]',
'$_GET[q3]', '$_GET[q4]', '$_GET[q5]', '$_GET[q6]', '$_GET[q7]', '$_GET[q8]',
'$_GET[q9]', '$_GET[q10]', '$_GET[q11]', '$_GET[q12]', '$_GET[q13]', '$_GET[q14]',
'$_GET[q15]', '$_GET[q16]', '$_GET[q17]', '$_GET[q18]', '$_GET[q19]', '$_GET[q20]',
'$_GET[q21]','$_GET[q22]')";
$sql2="UPDATE members SET point='$point' WHERE uid='$_GET[uid]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
$result=mysql_query($sql2,$conn) or die(mysql_error());
header("Location: http://kiggede.dk/quiz/?tak=1");
$q1="SELECT point FROM questions WHERE dif = '1'";
$result1=mysql_query($q1,$conn)
$q2="SELECT point FROM questions WHERE dif = '2'";
$result2=mysql_query($q2,$conn)
[...]
访问
$\u GET$sql2="UPDATE members SET point='$point' WHERE uid = '" . $_GET['uid'] . "'";
然而,这段代码极易被SQL注入。您应该清理用户输入。如果这是您的完整代码,则您忘记实际从数据库中选择点
$conn= mysql_connect($servername,$username,$password)or die(mysql_error());
mysql_select_db("kiggeded_marketingmix",$conn);
mysql_query("SET NAMES 'utf8'");
mysql_query("SET CHARACTER SET utf8");
$q1="SELECT point FROM questions WHERE dif = '1'";
$q2="SELECT point FROM questions WHERE dif = '2'";
$q3="SELECT point FROM questions WHERE dif = '3'";
$q4="SELECT point FROM questions WHERE dif = '4'";
$q5="SELECT point FROM questions WHERE dif = '5'";
$q6="SELECT point FROM questions WHERE dif = '6'";
$q7="SELECT point FROM questions WHERE dif = '7'";
$q8="SELECT point FROM questions WHERE dif = '8'";
$q9="SELECT point FROM questions WHERE dif = '9'";
$q10="SELECT point FROM questions WHERE dif = '10'";
$q11="SELECT point FROM questions WHERE dif = '11'";
$q12="SELECT point FROM questions WHERE dif = '12'";
$q13="SELECT point FROM questions WHERE dif = '13'";
$q14="SELECT point FROM questions WHERE dif = '14'";
$q15="SELECT point FROM questions WHERE dif = '15'";
$q16="SELECT point FROM questions WHERE dif = '16'";
$q17="SELECT point FROM questions WHERE dif = '17'";
$q18="SELECT point FROM questions WHERE dif = '18'";
$q19="SELECT point FROM questions WHERE dif = '19'";
$q20="SELECT point FROM questions WHERE dif = '20'";
$q21="SELECT point FROM questions WHERE dif = '21'";
$q21="SELECT point FROM questions WHERE dif = '22'";
$point= $q1 + $q2 + $q3 + $q4 + $q5 + $q6 + $q7 + $q8 + $q9 + $q10 + $q11 + $q12 + $q13 + $q14 + $q15 + $q16 + $q17 + $q18 + $q19 + $q20 + $q21 + $q22;
$sql="INSERT INTO members
(uid, username, first_name, last_name, q2, q3, q4, q5, q6,
q7, q8, q9, q10, q11, q12, q13, q14, q15, q16, q17, q18,
q19, q20, q21, q22) VALUES
('$_GET[uid]', '$_GET[username]', '$_GET[first_name]', '$_GET[last_name]', '$_GET[q2]',
'$_GET[q3]', '$_GET[q4]', '$_GET[q5]', '$_GET[q6]', '$_GET[q7]', '$_GET[q8]',
'$_GET[q9]', '$_GET[q10]', '$_GET[q11]', '$_GET[q12]', '$_GET[q13]', '$_GET[q14]',
'$_GET[q15]', '$_GET[q16]', '$_GET[q17]', '$_GET[q18]', '$_GET[q19]', '$_GET[q20]',
'$_GET[q21]','$_GET[q22]')";
$sql2="UPDATE members SET point='$point' WHERE uid='$_GET[uid]'";
$result=mysql_query($sql,$conn) or die(mysql_error());
$result=mysql_query($sql2,$conn) or die(mysql_error());
header("Location: http://kiggede.dk/quiz/?tak=1");
$q1="SELECT point FROM questions WHERE dif = '1'";
$result1=mysql_query($q1,$conn)
$q2="SELECT point FROM questions WHERE dif = '2'";
$result2=mysql_query($q2,$conn)
[...]
$q="SELECT count(point) FROM questions WHERE dif between 1 and 22";
$result=mysql_query($q,$conn)
你的选择之墙是无用的。将它们减少到:
SELECT point FROM questions WHERE dif BETWEEN 1 AND 22;
作为对未来的提示:我建议在任何情况下都使用预先准备好的语句。我还建议使用MySQLi(或更好的PDO)进行数据库交互。PHP5.5不推荐使用PHP MySQL扩展。点域类型是什么?请注意,您的代码易于SQL注入点域类型是int