Php 仅在值不为null时更新mySQL
我正在处理一个更新查询,其中的值只应在值不为null或空时更新。现在,它会更新所有内容,而不考虑值。请帮我解决这个问题Php 仅在值不为null时更新mySQL,php,mysql,Php,Mysql,我正在处理一个更新查询,其中的值只应在值不为null或空时更新。现在,它会更新所有内容,而不考虑值。请帮我解决这个问题 $query = "UPDATE bundels SET batchkosten = CASE WHEN ". $_POST['batchkosten'] . " IS NOT NULL THEN ". $_POST['batchkosten'] . " ELSE batchkosten
$query = "UPDATE bundels
SET batchkosten = CASE WHEN ". $_POST['batchkosten'] . " IS NOT NULL
THEN ". $_POST['batchkosten'] . "
ELSE batchkosten
END CASE,
CASE WHEN ". $_POST['maandelijkse_kosten'] . " IS NOT NULL
THEN ". $_POST['maandelijkse_kosten'] . "
ELSE maandelijkse_kosten
END CASE,
CASE WHEN ". $_POST['aanmeldkosten'] . " IS NOT NULL
THEN ". $_POST['aanmeldkosten'] . "
ELSE aanmeldkosten
END CASE,
CASE WHEN ". $_POST['transactiekosten'] . " IS NOT NULL
THEN ". $_POST['transactiekosten'] . "
ELSE transactiekosten
END CASE,
CASE WHEN ". $_POST['referral'] . " IS NOT NULL
THEN ". $_POST['referral'] . "
ELSE referral
END CASE,
CASE WHEN ". $_POST['actief'] . " IS NOT NULL
THEN ". $_POST['actief'] . "
ELSE actief
END CASE
WHERE bundel_id = ". $_POST['bundel_id'] . "";
$result = mysql_query($query, $db) or die ('FOUT: werkt niet');
header ("Location: vergelijker_bewerken.php");
} else {
$bundels = mysql_query("SELECT bundels.psp_id, psp.psp_id, psp_naam, bundels.bundel_id, batchkosten, maandelijkse_kosten, aanmeldkosten, transactiekosten, referral, actief from bundels
JOIN psp
ON psp.psp_id = bundels.psp_ID");
}
案例
UPDATE bundels
SET batchkosten = case when ? is not null and length(?) > 0
then ?
else batchkosten
end,
...
SET batchkosten = CASE WHEN ? is not null and length(?) > 0
将查询更改为
$query= "UPDATE bundels SET
batchkosten = ' ". $_POST['batchkosten'] . " ',
maandelijkse_kosten = ' ". $_POST['maandelijkse_kosten'] . " ',
aanmeldkosten = ' ". $_POST['aanmeldkosten'] . " ',
transactiekosten = ' ". $_POST['transactiekosten'] . " ',
referral = ' ". $_POST['referral'] . " ',
actief = ' ". $_POST['actief'] . " '
WHERE bundel_id = ". $_POST['bundel_id'] . " ".
"and your_attribut is not null and your_attribut != ''";
别忘了更改“您的属性”。您可以编写如下脚本:
$query = "Update bundels SET ";
$columns = array( "batchkosten",
"maandelijkse_kosten",
"aanmeldkosten",
"transactiekosten",
"referral",
"actief");
foreach($columns as $column){
if(isset($_POST[$column]) && !empty($_POST[$column])){
$query .= $column . " = " $_POST[$column] . " ";
}
}
$query .= " WHERE bundel_id = " . $_POST['bundel_id'];
您指的是哪个值?1。停止使用
mysql\u
函数。它们已经被弃用多年了。它们也不受支持,并且没有任何安全更新。2.您的代码对SQL注入非常开放。对准备好的语句使用PDO
或MySQLi
,并绑定变量。将$\u POST['bundel\u id']
更改为''或1=1
以更改数据库中的所有记录并不困难。绑定变量可以解决这个问题。我现在有了:$query=“UPDATE bundels SET batchkosten=CASE WHEN”$_POST['batchkosten']。“那么不是空的”$_POST['batchkosten']。“以其他方式结束,以情况为准”$_邮政['maandelijkse_kosten']。“那么不是空的”$_邮政['maandelijkse_kosten']。“ELSE maandelijkse_kosten END等。但它不起作用,我找不到解决方案。你能帮我解决这个问题吗?它不会更新//当我将完整的代码放在第一篇文章中时,你的输入可能不是空的,而是空字符串。使用length()
例如,要检查这一点。正如回答中提到的,使用准备好的语句。如果不这样做,您会很快遇到麻烦。我尝试使用length()部分,因为我必须将其与length(“.$\u POST['batchkosten']”)一样放置但它仍然没有更新。这是我的代码,可能很简单。$query=“update-bundels SET-batchkosten=CASE当“$\u-POST['batchkosten]”长度(““$\u-POST['batchkosten]”)大于0,然后“$\u-POST['batchkosten]”否则batchkosten结束于bundel\u id=“$\u POST['bundel\u id']。"";
$query = "Update bundels SET ";
$columns = array( "batchkosten",
"maandelijkse_kosten",
"aanmeldkosten",
"transactiekosten",
"referral",
"actief");
foreach($columns as $column){
if(isset($_POST[$column]) && !empty($_POST[$column])){
$query .= $column . " = " $_POST[$column] . " ";
}
}
$query .= " WHERE bundel_id = " . $_POST['bundel_id'];