堆栈内存溢出
  简体   繁体   English

PHP 脚本不会更新数据库

[英]PHP Script wont update Database

 原文  2020-12-06 00:37:09       php/ mysql/ mysqli

问题描述

I'm using a MySQLI API to try to make a modify system to change the price of a product.我正在使用 MySQLI API 尝试制作修改系统以更改产品的价格。 When I try to run this code I see no errors but nothing in my database changes.当我尝试运行此代码时,我看不到任何错误,但我的数据库中没有任何变化。 Here are the code and the table.这是代码和表格。

数据库

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<link href="css/design.css" rel="stylesheet">
<title>Home Page</title>
</head>

<body>
    <nav class="navbar">
        <table border="0" height="100%" class="tablenav" >
            <tr>
                <td class="logo">Mask Emporium
                </td>
                <td class="navcell"><a href="adminpage.html" class="linknav">Admin</a>
                </td>
            </tr>
        </table>
    </nav>
    <div align="center">
        <div align="center" class="container">
            <br>
            <img src="images/banner.png" alt="banner" width="100%">
            <br>
            <br>

<?php
//Gets input info for stock manager
 $price=$_POST['price'];
$ID=$_POST['mask_id'];
 
 //Connects to database
 $conn = new mysqli('localhost','teamavatar','teamavatarpass');
 
 //Selecting database
 $conn->select_db("teamavatar");
 
 //Querys the database and updates stock info with a error checker
 $query = "UPDATE stock SET price='".$price."' WHERE access= .$ID." or die("Error: ".mysql_error());
            
 $result = $conn->query($query);
 
 //Simply makes sure that info was logged, if not info must be inputted incorrectly
 if($result== TRUE){
     echo "The Mask Price has been updated";
 }
 

  $conn->close();

 
?>
        </div>
    </div>
</body>
</html>

2 个解决方案

解决方案1
 2  2020-12-06 01:23:16

Problems问题

Query询问

 $query = "UPDATE stock SET price='".$price."' WHERE access= .$ID." or die("Error: ".mysql_error());

  1. You don't have a column access in your database structure您的数据库结构中没有列access

     stock - id - name - price - inventory - type

  2. You're open to SQL injection because you're putting user generated content directly into a query which is run on the database您对 SQL 注入持开放态度,因为您将用户生成的内容直接放入在数据库上运行的查询中

    price='".$price."' WHERE access=.$ID.

  3. You have periods either side of your variable so this wouldn't work even if access was the right column name您的变量两侧都有句点,因此即使access是正确的列名,这也不起作用

    .$ID. ==BECOMES==>.1.

  4. Reporting your errors with die is not an efficient way to do thingsdie报告错误并不是一种有效的做事方式

  5. In MySQL all column names are treated as lower case.在 MySQL 中,所有列名都被视为小写。 It's good practice not to mix and match cases though!不过,最好不要混合和匹配案例!

Code代码

  1. You can access the database directly in the connection.您可以在连接中直接访问数据库。 There's not need to run a separate function to choose a database无需运行单独的 function 来选择数据库

    //Connects to database $conn = new mysqli('localhost','teamavatar','teamavatarpass'); //Selecting database $conn->select_db("teamavatar");

  2. You haven't activated error reporting for mysqli which means you have a lot of additional code to check for errors needlessly您尚未激活mysqli的错误报告,这意味着您有很多额外的代码来检查不必要的错误

    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // Comes before connection

  3. Checking that the query completed the way you have doesn't prove much.检查查询是否按照您的方式完成并不能证明太多。 Checking if/how many rows on the other hand would confirm exactly what has happened另一方面,检查是否/有多少行将确切地确认发生了什么

    $result = $conn->query($query); //Simply makes sure that info was logged, if not info must be inputted incorrectly if($result== TRUE){ echo "The Mask Price has been updated"; }

  4. There's nothing stopping your query running with blank/empty values没有什么可以阻止您的查询以空白/空值运行

  5. Again it's good to have consistency naming variables and functions don't mix同样,保持命名变量和函数不混用的一致性很好

    // Common naming conventions $variableOne = "..."; // Camel case $variable_two = "..."; // Snake case

Working solution工作解决方案

// Gets input values or sets variables to NULL if nothing has been posted
$price = $_POST['price']   ?? NULL;
$id    = $_POST['mask_id'] ?? NULL;

// Check we have input variables before running the code
if($price && $id){

    // Set error reporting and connect to the database
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $mysqli = new mysqli('localhost','teamavatar','teamavatarpass', 'teamavatar');
 

    $sql   = "UPDATE stock SET price = ? WHERE id = ?"; // Query with ? as placeholders for variables
    $query = $mysqli->prepare($sql);                    // Prepare query
    $query->bind_param("ii", $price, $id);              // Bind variables to place holders (assuming both are integers based on SS)
    $query->execute();                                  // Run the query
    echo $mysqli->affected_rows;                        // Print the number of rows updated in the query
 }
 else{
    echo "Nothing submitted.";
 }

解决方案2
 -2  2020-12-06 00:40:20

Are you sure the connection to the DB is successful?您确定与数据库的连接成功吗? Try adding this under the connection code:尝试在连接代码下添加:

if ($conn->connect_error) {
   echo 'Error connecting to DB: ' . $mysqli->connect_error;
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP或MySQL不会更新数据库 - PHP or MySQL wont update database PHP PDO不会更新数据库 - PHP PDO wont update database MYSQL和PHP数据库更新不会更新数据库 - MYSQL and PHP database update wont update database PHP mySQL UPDATE脚本无法执行 - PHP mySQL UPDATE script wont execute PHP脚本更新rrd数据库 - PHP script to update rrd database PHP:使用脚本更新数据库 - PHP: Update database using script HTML / PHP-从mysql数据库获取的输入值不会更新 - HTML/PHP - Input value taken from a mysql database wont update 我的 PHP PDO 不会对数据库 PHPMYADMIN 运行更新查询 - My PHP PDO wont run the update query to database PHPMYADMIN HTML表单 - 不会使用PHP更新Mysql数据库 - HTML form - wont update Mysql database using PHP PHP不会更新/插入 - PHP wont update/insert
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM