Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/62.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 无法更新表PDO更新_Php_Mysql_Database_Pdo - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 无法更新表PDO更新

Php 无法更新表PDO更新

php mysql database

Php 无法更新表PDO更新,php,mysql,database,pdo,Php,Mysql,Database,Pdo,我正在尝试使用PDO更新数据库中的表。目前,我正在提交表单,只得到一个白色屏幕,我已经启用了所有错误报告选项,但仍然只有一个白色屏幕。。我已经盯着代码看了一辈子,但仍然无法解决这个问题。如果能朝着正确的方向努力,我们将不胜感激……谢谢 require('includes/config.php'); //if not logged in redirect to login page if(!$user->is_logged_in()){ header('Location: login.p

我正在尝试使用PDO更新数据库中的表。目前,我正在提交表单,只得到一个白色屏幕,我已经启用了所有错误报告选项,但仍然只有一个白色屏幕。。我已经盯着代码看了一辈子,但仍然无法解决这个问题。如果能朝着正确的方向努力,我们将不胜感激……谢谢

require('includes/config.php'); 

//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); } 

$signedin = $_SESSION['username'];

$sql = "UPDATE member SET firstname = :firstname, 
            lastname = :lastname, 
            username = :username,  
            email = :email,
            age = :age,    
            country = :country  
            where username = $signedin";
$stmt = $db->prepare($sql);                                  
$stmt->bindParam(':firstname', $_POST['firstname'], PDO::PARAM_STR);       
$stmt->bindParam(':lastname', $_POST['$lastname'], PDO::PARAM_STR);    
$stmt->bindParam(':username', $_POST['username'], PDO::PARAM_STR);
// use PARAM_STR although a number  
$stmt->bindParam(':email', $_POST['email'], PDO::PARAM_STR); 
$stmt->bindParam(':age', $_POST['age'], PDO::PARAM_STR);   
$stmt->bindParam(':country', $_POST['country'], PDO::PARAM_INT);   
$stmt= $db->execute($sql);
?>
您需要在
where子句中使用引号


$sql = "UPDATE member SET firstname = :firstname, 
        lastname = :lastname, 
        username = :username,  
        email = :email,
        age = :age,    
        country = :country  
        where username = '$signedin'";



另外,最好按id更新,因为它是唯一的。
您需要在
where子句中使用引号


$sql = "UPDATE member SET firstname = :firstname, 
        lastname = :lastname, 
        username = :username,  
        email = :email,
        age = :age,    
        country = :country  
        where username = '$signedin'";


另外,最好按id更新,因为它是唯一的。
函数不需要
$sql
(您在
prepare()
中提供了该函数)

接下来,您应该将所有数据传递到您准备好的语句中,否则您就失去了目的(这是最大的安全性)。所以让我们移除


$sql = "UPDATE member SET firstname = :firstname, 
            lastname = :lastname, 
            username = :username,  
            email = :email,
            age = :age,    
            country = :country  
            where username = :username";
//snip
$stmt->bindParam(':username', $_SESSION['username'], PDO::PARAM_STR);  



execute()

接下来,您应该将所有数据传递到您准备好的语句中,否则您就失去了目的(这是最大的安全性)。所以让我们移除


$sql = "UPDATE member SET firstname = :firstname, 
            lastname = :lastname, 
            username = :username,  
            email = :email,
            age = :age,    
            country = :country  
            where username = :username";
//snip
$stmt->bindParam(':username', $_SESSION['username'], PDO::PARAM_STR);  



如果是唯一的,则按用户名更新没有问题。如果是唯一的,则按用户名更新没有问题。@chris85就是这样。Updated@chris85的确如此。更新你应该检查错误日志而不是盯着白页。你应该检查错误日志而不是盯着白页。