[英]Sending a sql request on the same page but missing the variable in the WHERE clause
I am trying to update a row in my database. 我正在尝试更新数据库中的一行。 the problem is that I am getting an error from mySQL:
问题是我从mySQL中得到一个错误:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' WHERE activiteitID = ''' at line 4
So it isn't getting the "activiteitID" and I don't know why. 因此它没有得到“ activiteitID”,我也不知道为什么。 Can someone tell me what the problem is?
有人可以告诉我问题是什么吗?
This are the two pages: 这是两个页面:
"roosters_wijzigen.php" “ roosters_wijzigen.php”
<?php
include ("html_start.php");
$activiteitID = $_GET["activiteitID"];
$datum = $_POST["datum"];
$tijd = $_POST["tijd"];
$vrijwilligerID = $_POST["vrijwilligerID"];
$werkzaamheid = $_POST["werkzaamheid"];
echo '
<div id="registreer">
<table cellpadding="5" align="center">
<tr><th colspan="2" align="left">Activiteit wijzigen:</th></tr>
<form name="roosters_wijzigen" method="get" action="roosters_wijziging.php"> ';
$query = "SELECT * FROM activiteit WHERE activiteitID = '$activiteitID'; ";
$result = mysql_query($query);
while($row = mysql_fetch_array($result)){
echo' <tr>
<td>Datum</td>
<td><input type="text" size="50" name="datum" value="'.$row['datum'].' "></td>
</tr>
<tr>
<td>Tijd</td>
<td><input type="text" size="50" name="tijd" value="'.$row['tijd'].' "></input></td>
</tr> ';
}
?>
<tr>
<td>Vrijwilliger</td>
<td>
<select name="vrijwilligerID">
<?php
$vrijwilligerID = $_POST["vrijwilligerID"];
$query =" SELECT voornaam, achternaam, vrijwilligerID
FROM vrijwilliger;";
$result = mysql_query($query);
while($row=mysql_fetch_array($result)){
echo "<option value=".$row['vrijwilligerID'].">".$row["voornaam"]." ".$row["achternaam"]."</option>";
}
?>
</select>
</td>
</tr>
<tr>
<td>Werkzaamheid</td>
<?php
$query = "SELECT werkzaamheid FROM activiteit WHERE activiteitID = '$activiteitID'; ";
$result = mysql_query($query);
while($row = mysql_fetch_array($result)){
echo '<td><textarea rows="6" cols="39" type="text" name="werkzaamheid">'.$row["werkzaamheid"].'</textarea></td>';}
?>
</tr>
</tr>
<tr align="right">
<td></td>
<td><input type="reset" value="Wissen">
<input type="submit" name="verzenden" value="verzenden">
</td>
</tr>
<tr>
</tr>
<tr>
Ga <a href="roosters_aanpassen.php" MEDIA=screen>hier</a></br> terug. </br>
</tr>
</form>
</table></br>
<div>
<?php
include ("html_end.php");
?>
"roosters_wijziging.php" “ roosters_wijziging.php”
<?php
include ("html_start.php");
$activiteitID = $_GET["activiteitID"];
$datum = $_POST["datum"];
$tijd = $_POST["tijd"];
$vrijwilligerID = $_POST["vrijwilligerID"];
$werkzaamheid = $_POST["werkzaamheid"];
$query ="UPDATE vrijwilliger SET datum = '$datum',
tijd = '$tijd',
vrijwilligerID = '$vrijwilligerID',
werkzaamheid '$werkzaamheid'
WHERE activiteitID = '".$activiteitID."'";
mysql_query($query) or die ( mysql_error());
echo '<div id="registreer">
Uw activiteit is succesvol toegevoegd.
Ga <a href="roosters_aanpassen.php" MEDIA=screen>hier</a></br> terug.
</div> ';
include ("html_end.php");
?>
<?
/*
if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $datum) === 0 || preg_match("/^([0-9])"."([0-9])"."(\:([0-9])"."([0-9]))$/", $tijd) === 0 || $werkzaamheid !== '')
{
echo '<div id="registreer">';
echo '<font>datum moet op dit formaat ingevoerd worden: JJJJ-MM-DD<br><font>';
echo '<font>Tijd moet op dit formaat ingevoerd worden: HH:MM <br><font>';
echo '<font>U heeft de werkzaamheid niet aangegeven<br><font>';
}
else{ */
?>
thank you in advance. 先感谢您。
You are missing a =
after werkzaamheid
: 在
werkzaamheid
之后,您缺少=
:
...
werkzaamheid = '$werkzaamheid'
WHERE activiteitID ...
它可能不起作用,但是尝试在表属性和表名称周围添加`字符...像这样:
$query = "SELECT * FROM `activiteit` WHERE `activiteitID` = '$activiteitID'";
"UPDATE vrijwilliger SET datum = '$datum',
tijd = '$tijd',
vrijwilligerID = '$vrijwilligerID',
werkzaamheid '$werkzaamheid'
WHERE activiteitID = '".$activiteitID."'";
You're missing an equals on the last but one line: 您在最后一行中缺少等号:
werkzaamheid = '$werkzaamheid'
Your missing an = in the update sql: 您在更新sql中缺少一个=:
werkzaamheid '$werkzaamheid'
change to: 改成:
werkzaamheid = '$werkzaamheid'
BUT, you're passing _GET params directly to SQL which is a no-no. 但是,您将_GET参数直接传递给SQL,这是不行的。
Use PDO and parametrized queries instead: http://www.php.net/manual/en/pdo.prepare.php 改用PDO和参数化查询: http : //www.php.net/manual/zh/pdo.prepare.php
$dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
$sth = $dbh->prepare('SELECT * FROM activiteit WHERE activiteitID = ?');
$sth->execute(array($activiteitID));
while($row = $sth->fetch()) {
}
Update your code similar to the above and it'll work. 更新您的代码,类似于上面的代码,它将起作用。 Do the same with the rest of your queries.
对其余的查询执行相同的操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.