PHP-更新表时出错
我正在尝试更新MySQL表行中的一行,如下所示:PHP-更新表时出错,php,mysql,sql,Php,Mysql,Sql,我正在尝试更新MySQL表行中的一行,如下所示: $conn = new mysqli('localhost','root','','db'); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } //if input == members $sql = "UPDATE `members` SET id = ".$_POST['i
$conn = new mysqli('localhost','root','','db');
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//if input == members
$sql = "UPDATE `members` SET id = ".$_POST['id']." fname = ".$_POST['fname'].", lname = ".
$_POST['lname'].", gender = ".$_POST['gender'].", age_group = ".$_POST['age_group'].", status = ".
$_POST['status'].", dob_day = ".$_POST['dob_day'].", dob_month = ".$_POST['dob_month'].", wed_anni_day = ".
$_POST['wed_anni_day'].", wed_anni_month = ".$_POST['wed_anni_month'].", type = ".
$_POST['type'].", email = ".$_POST['email'].", address = ".$_POST['address'].", city = ".$_POST['city'].", zipco = ".
$_POST['zipco'].", contact1 = ".$_POST['contact1'].", contact2 = ".$_POST['contact2'];
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
我得到这个错误:
Error updating record: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'fname = s_name, lname = l_name, gender = Female, age_group = Adult, status = ' at line 1
我做错了什么?
谢谢。在
id=“.$\u POST['id']”之后缺少一个,
。
这里是contact2=“.$\u POST['contact2']”;
不能像这样断线
$sql = "UPDATE `members` SET id = ".$_POST['id']."
fname = ".$_POST['fname'].",
lname = ".$_POST['lname'].",
gender = ".$_POST['gender'].",
age_group = ".$_POST['age_group'].",
status = ".$_POST['status'].",
dob_day = ".$_POST['dob_day'].",
dob_month = ".$_POST['dob_month'].",
wed_anni_day = ".$_POST['wed_anni_day'].",
wed_anni_month = ".$_POST['wed_anni_month'].",
type = ".$_POST['type'].",
email = ".$_POST['email'].",
address = ".$_POST['address'].",
city = ".$_POST['city'].",
zipco = ".$_POST['zipco'].",
contact1 = ".$_POST['contact1'].",
contact2 = ".$_POST['contact2'];
应该是
$sql = "UPDATE `members` SET id = ".$_POST['id'].",
fname = ".$_POST['fname'].",
lname = ".$_POST['lname'].",
gender = ".$_POST['gender'].",
age_group = ".$_POST['age_group'].",
status = ".$_POST['status'].",
dob_day = ".$_POST['dob_day'].",
dob_month = ".$_POST['dob_month'].",
wed_anni_day = ".$_POST['wed_anni_day'].",
wed_anni_month = ".$_POST['wed_anni_month'].",
type = ".$_POST['type'].",
email = ".$_POST['email'].",
address = ".$_POST['address'].",
city = ".$_POST['city'].",
zipco = ".$_POST['zipco'].",
contact1 = ".$_POST['contact1'].",
contact2 = ".$_POST['contact2']." ";
还有,其中
子句缺失
或者可能是查询应该是这样的
$sql = "UPDATE `members` SET fname = ".$_POST['fname'].",
lname = ".$_POST['lname'].",
gender = ".$_POST['gender'].",
age_group = ".$_POST['age_group'].",
status = ".$_POST['status'].",
dob_day = ".$_POST['dob_day'].",
dob_month = ".$_POST['dob_month'].",
wed_anni_day = ".$_POST['wed_anni_day'].",
wed_anni_month = ".$_POST['wed_anni_month'].",
type = ".$_POST['type'].",
email = ".$_POST['email'].",
address = ".$_POST['address'].",
city = ".$_POST['city'].",
zipco = ".$_POST['zipco'].",
contact1 = ".$_POST['contact1'].",
contact2 = ".$_POST['contact2']."
WHERE
id = ".$_POST['id']." ";
最好的方法
$id = mysql_real_escape_string($_POST['id']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$gender = mysql_real_escape_string($_POST['gender']);
$age_group = mysql_real_escape_string($_POST['age_group']);
$status = mysql_real_escape_string($_POST['status']);
$dob_day = mysql_real_escape_string($_POST['dob_day']);
$dob_month = mysql_real_escape_string($_POST['dob_month']);
$wed_anni_day = mysql_real_escape_string($_POST['wed_anni_day']);
$wed_anni_month= mysql_real_escape_string($_POST['wed_anni_month']);
$type = mysql_real_escape_string($_POST['type']);
$email = mysql_real_escape_string($_POST['email']);
$address = mysql_real_escape_string($_POST['address']);
$city = mysql_real_escape_string($_POST['city']);
$zipco = mysql_real_escape_string($_POST['zipco']);
$contact1 = mysql_real_escape_string($_POST['contact1']);
$contact2 = mysql_real_escape_string($_POST['contact2']);
$sql = "UPDATE `members` SET fname = '$fname',
lname = '$lname',
gender = '$gender',
age_group = '$age_group',
status = '$status',
dob_day = '$dob_day',
dob_month = '$dob_month',
wed_anni_day = '$wed_anni_day',
wed_anni_month = '$wed_anni_month ',
type = '$type',
email = '$email',
address = '$address',
city = '$city ',
zipco = '$zipco',
contact1 = '$contact1',
contact2 = '$contact2'
WHERE
id = '$id' ";
在
id=“.$\u POST['id']”之后缺少,
,
,,这里是contact2=“.$\u POST['contact2']代码>不能像这样断线
$sql = "UPDATE `members` SET id = ".$_POST['id']."
fname = ".$_POST['fname'].",
lname = ".$_POST['lname'].",
gender = ".$_POST['gender'].",
age_group = ".$_POST['age_group'].",
status = ".$_POST['status'].",
dob_day = ".$_POST['dob_day'].",
dob_month = ".$_POST['dob_month'].",
wed_anni_day = ".$_POST['wed_anni_day'].",
wed_anni_month = ".$_POST['wed_anni_month'].",
type = ".$_POST['type'].",
email = ".$_POST['email'].",
address = ".$_POST['address'].",
city = ".$_POST['city'].",
zipco = ".$_POST['zipco'].",
contact1 = ".$_POST['contact1'].",
contact2 = ".$_POST['contact2'];
应该是
$sql = "UPDATE `members` SET id = ".$_POST['id'].",
fname = ".$_POST['fname'].",
lname = ".$_POST['lname'].",
gender = ".$_POST['gender'].",
age_group = ".$_POST['age_group'].",
status = ".$_POST['status'].",
dob_day = ".$_POST['dob_day'].",
dob_month = ".$_POST['dob_month'].",
wed_anni_day = ".$_POST['wed_anni_day'].",
wed_anni_month = ".$_POST['wed_anni_month'].",
type = ".$_POST['type'].",
email = ".$_POST['email'].",
address = ".$_POST['address'].",
city = ".$_POST['city'].",
zipco = ".$_POST['zipco'].",
contact1 = ".$_POST['contact1'].",
contact2 = ".$_POST['contact2']." ";
还有,其中
子句缺失
或者可能是查询应该是这样的
$sql = "UPDATE `members` SET fname = ".$_POST['fname'].",
lname = ".$_POST['lname'].",
gender = ".$_POST['gender'].",
age_group = ".$_POST['age_group'].",
status = ".$_POST['status'].",
dob_day = ".$_POST['dob_day'].",
dob_month = ".$_POST['dob_month'].",
wed_anni_day = ".$_POST['wed_anni_day'].",
wed_anni_month = ".$_POST['wed_anni_month'].",
type = ".$_POST['type'].",
email = ".$_POST['email'].",
address = ".$_POST['address'].",
city = ".$_POST['city'].",
zipco = ".$_POST['zipco'].",
contact1 = ".$_POST['contact1'].",
contact2 = ".$_POST['contact2']."
WHERE
id = ".$_POST['id']." ";
最好的方法
$id = mysql_real_escape_string($_POST['id']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$gender = mysql_real_escape_string($_POST['gender']);
$age_group = mysql_real_escape_string($_POST['age_group']);
$status = mysql_real_escape_string($_POST['status']);
$dob_day = mysql_real_escape_string($_POST['dob_day']);
$dob_month = mysql_real_escape_string($_POST['dob_month']);
$wed_anni_day = mysql_real_escape_string($_POST['wed_anni_day']);
$wed_anni_month= mysql_real_escape_string($_POST['wed_anni_month']);
$type = mysql_real_escape_string($_POST['type']);
$email = mysql_real_escape_string($_POST['email']);
$address = mysql_real_escape_string($_POST['address']);
$city = mysql_real_escape_string($_POST['city']);
$zipco = mysql_real_escape_string($_POST['zipco']);
$contact1 = mysql_real_escape_string($_POST['contact1']);
$contact2 = mysql_real_escape_string($_POST['contact2']);
$sql = "UPDATE `members` SET fname = '$fname',
lname = '$lname',
gender = '$gender',
age_group = '$age_group',
status = '$status',
dob_day = '$dob_day',
dob_month = '$dob_month',
wed_anni_day = '$wed_anni_day',
wed_anni_month = '$wed_anni_month ',
type = '$type',
email = '$email',
address = '$address',
city = '$city ',
zipco = '$zipco',
contact1 = '$contact1',
contact2 = '$contact2'
WHERE
id = '$id' ";
您错过了一个,
,这就是错误的原因
UPDATE `members` SET id = ".$_POST['id']." fname = ".$_POST['fname']
^..... Here
您错过了一个,
,这就是错误的原因
UPDATE `members` SET id = ".$_POST['id']." fname = ".$_POST['fname']
^..... Here
$\u POST['id']
后缺少逗号,字符串需要在引号内:
fname = '".$_POST['fname']."'
^ >> here ^ and here...
您需要对插入/更新字符串的所有字段更改此设置。您在$\u POST['id']
之后缺少逗号,字符串需要在引号内:
fname = '".$_POST['fname']."'
^ >> here ^ and here...
对于插入/更新字符串的所有字段,您都需要对此进行更改。切勿将从POST/get获取的任何数据直接放入数据库查询中。在使用之前,您应该先进行筛选/转义。切勿将从POST/get获得的任何数据直接放入数据库查询中。您应该在使用它之前进行筛选/转义。谢谢,但我仍然收到以下错误:错误更新记录:您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以了解在第11行“@tcd.ie,address=40 cG,city=city,zipco=zip,contact1=187”附近使用的正确语法
I更新了答案代码,使用了上次更新的代码谢谢,但我仍然收到以下错误:错误更新记录:您的SQL语法有错误;检查与您的MySQL服务器版本对应的手册,了解在第11行“@tcd.ie,address=40 C G,city=city,zipco=zip,contact1=187”附近使用的正确语法