为什么我的PHP代码不更新SQL
有人知道为什么这个PHP代码不更新列图片吗?它会更新其余的列图片,但不更新图片列。它是用来更新用户信息的,所以电子邮件地址、密码和图片我对PHP很陌生,所以我不知道在查找错误时要查找什么为什么我的PHP代码不更新SQL,php,sql,Php,Sql,有人知道为什么这个PHP代码不更新列图片吗?它会更新其余的列图片,但不更新图片列。它是用来更新用户信息的,所以电子邮件地址、密码和图片我对PHP很陌生,所以我不知道在查找错误时要查找什么 <?php require("common.php"); if(empty($_SESSION['user'])) { header("Location: login.php"); die("Redirecting to lo
<?php
require("common.php");
if(empty($_SESSION['user']))
{
header("Location: login.php");
die("Redirecting to login.php");
}
if(!empty($_POST))
{
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
die("Invalid E-Mail Address");
}
if($_POST['email'] != $_SESSION['user']['email']['picture'])
{
$query = "
SELECT
1
FROM users
WHERE
email = :email
picture = :picture
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This E-Mail address is already in use");
}
}
if(!empty($_POST['password']))
{
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$password = hash('sha256', $_POST['password'] . $salt);
for($round = 0; $round < 65536; $round++)
{
$password = hash('sha256', $password . $salt);
}
}
else
{
$password = null;
$salt = null;
}
$query_params = array(
':email' => $_POST['email'],
':user_id' => $_SESSION['user']['id'],
':picture' => $_POST['picture'],
);
if($password !== null)
{
$query_params[':password'] = $password;
$query_params[':salt'] = $salt;
}
$query = "
UPDATE users
SET
email = :email
picture = :picture
";
if($password !== null)
{
$query .= "
, password = :password
, salt = :salt
";
}
$query .= "
WHERE
id = :user_id
";
try
{
// Execute the query
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$_SESSION['user']['email']['picture'] = $_POST['email'];
header("Location: private.php");
die("Redirecting to private.php");
}
?>
您的更新声明中:email后缺少逗号
$query = "
UPDATE users
SET
email = :email
picture = :picture
";
应该是
$query = "
UPDATE users
SET
email = :email,
picture = :picture
";
编辑:除此之外,您在第一次查询中还缺少一个参数:
$query = "
SELECT
1
FROM users
WHERE
email = :email
picture = :picture
";
$query_params = array(
':email' => $_POST['email']
);
请注意,您在查询参数中仅应用了:email,但您的查询同时需要:email和:picture
您需要从$query中删除picture=:picture,或者将“:picture'=>$\u POST['picture']添加到$query\u参数中,您缺少一个、
你需要把它改成
$query = "
UPDATE users
SET
email = :email,
picture = :picture
";
+1对于实际使用准备好的语句和验证输入,您需要在email=:email picture=:picture之间添加逗号。您是否正在检查设置了$_POST['picture']吗?还需要在SELECT的WHERE子句中输入AND,否?您的SELECT查询在in中有两个参数:email和:picture;但你只是绑定:电子邮件。我认为你的/a问题在于,你的列名1是一个从用户中选择1的单个数字,我引用的标识符可能以数字开头,但除非引用,否则可能不仅仅由数字组成。-@user3116240 OK,我刚刚更新了它,它似乎仍在运行检查,以确保您的表单输入有名称=图片,拼写正确。您确定picture不是文件吗?请在$query语句之前尝试使用var\u dump$\u POST['picture'],查看其值。该变量可能为空。检查您的html以查看是否有输入名称=pictureSeems,如变量为空,请验证您的html为上面提到的@Leng。
$query = "
UPDATE users
SET
email = :email,
picture = :picture
";