Php 主题更新失败
一切正常,我在编写代码时没有收到任何语法错误(我使用的是Dreamviwer代码编辑器软件。但是,当我运行它时,我收到以下错误: //处理表格Php 主题更新失败,php,mysql,mariadb,Php,Mysql,Mariadb,一切正常,我在编写代码时没有收到任何语法错误(我使用的是Dreamviwer代码编辑器软件。但是,当我运行它时,我收到以下错误: //处理表格 Subject Update Failed!!You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 1 I
Subject Update Failed!!You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 1
I am stuck here can anyone help me what I am missing in this code.The error is in Update Query.
很可能您输入了错误的参数名称。请先输入您的参数 并使用准备好的语句来防止SQL注入:
$id= $current_subject["Id"];
$name=mysql_prep($_POST["Name"]);
$position=(int)$_POST["Position"];
$visible=(int)$_POST["Visible"];
$query="UPDATE subjects SET Name='{$name}',Position=$position,Visible=$visible WHERE Id={$id}";
$result= mysqli_query($conn, $query);
if($result && mysqli_affected_rows($conn)==1){
//success
$_SESSION["message"]="Subject updated.";
redirect_to("manage_content.php");
}else{
//Failure
$message="Subject Update Failed" . $conn->error;
}
进一步阅读:。什么是mysql_prep?我认为您需要删除更新查询
echo$query
中的{}。当您发现语法错误时,请卷起尾巴。
$dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
$query="UPDATE subjects SET Name = ? ,Position = ?,Visible = ? WHERE Id = ?";
$stmt = $dbh->prepare($query);
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $position);
$stmt->bindParam(3, $visible);
$stmt->bindParam(4, $id);
$stmt->execute();
$stmt->fetchAll();