堆栈内存溢出
  简体   繁体   English

在同一页面上发送sql请求,但WHERE子句中缺少变量

[英]Sending a sql request on the same page but missing the variable in the WHERE clause

 原文  2012-06-19 14:01:19       php/ sql

问题描述

I am trying to update a row in my database. 我正在尝试更新数据库中的一行。 the problem is that I am getting an error from mySQL: 问题是我从mySQL中得到一个错误: 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' WHERE activiteitID = ''' at line 4

So it isn't getting the "activiteitID" and I don't know why. 因此它没有得到“ activiteitID”,我也不知道为什么。 Can someone tell me what the problem is? 有人可以告诉我问题是什么吗?

This are the two pages: 这是两个页面:

"roosters_wijzigen.php" “ roosters_wijzigen.php” 

 <?php 
    include ("html_start.php"); 

    $activiteitID = $_GET["activiteitID"];
    $datum = $_POST["datum"];
    $tijd = $_POST["tijd"];
    $vrijwilligerID = $_POST["vrijwilligerID"];
    $werkzaamheid = $_POST["werkzaamheid"];

echo '

<div id="registreer">
    <table cellpadding="5" align="center">
            <tr><th colspan="2" align="left">Activiteit wijzigen:</th></tr>
            <form name="roosters_wijzigen"  method="get" action="roosters_wijziging.php"> ';    

            $query = "SELECT * FROM activiteit WHERE activiteitID = '$activiteitID'; ";
            $result = mysql_query($query); 

            while($row = mysql_fetch_array($result)){           
    echo'       <tr>
                <td>Datum</td>
                <td><input type="text" size="50" name="datum" value="'.$row['datum'].' "></td>
            </tr>
            <tr>
                <td>Tijd</td>
                <td><input type="text" size="50" name="tijd" value="'.$row['tijd'].' "></input></td>
            </tr> ';
            }
            ?>
            <tr>
            <td>Vrijwilliger</td>
            <td>
                <select name="vrijwilligerID">
                    <?php

                        $vrijwilligerID = $_POST["vrijwilligerID"];

                        $query ="   SELECT voornaam, achternaam, vrijwilligerID
                                    FROM vrijwilliger;";

                        $result = mysql_query($query);

                        while($row=mysql_fetch_array($result)){
                        echo "<option value=".$row['vrijwilligerID'].">".$row["voornaam"]." ".$row["achternaam"]."</option>";
                        }
                        ?>              
            </select>
            </td>
            </tr>
            <tr>
                <td>Werkzaamheid</td>
                <?php

                $query = "SELECT werkzaamheid FROM activiteit WHERE activiteitID = '$activiteitID'; ";
                $result = mysql_query($query); 
                while($row = mysql_fetch_array($result)){           
                echo '<td><textarea rows="6" cols="39" type="text" name="werkzaamheid">'.$row["werkzaamheid"].'</textarea></td>';}

                ?>
            </tr>
            </tr>
            <tr align="right">
            <td></td>
            <td><input type="reset" value="Wissen">
            <input type="submit" name="verzenden" value="verzenden">
            </td>
            </tr>
            <tr>
            </tr>
            <tr>
            Ga <a href="roosters_aanpassen.php" MEDIA=screen>hier</a></br> terug. </br>
            </tr>
            </form>
    </table></br>

<div>
<?php
include ("html_end.php");
?>

"roosters_wijziging.php" “ roosters_wijziging.php” 

<?php   
    include ("html_start.php");

    $activiteitID = $_GET["activiteitID"];
    $datum = $_POST["datum"];
    $tijd = $_POST["tijd"];
    $vrijwilligerID = $_POST["vrijwilligerID"];
    $werkzaamheid = $_POST["werkzaamheid"];


    $query ="UPDATE vrijwilliger SET datum = '$datum', 
                                     tijd = '$tijd', 
                                     vrijwilligerID = '$vrijwilligerID', 
                                     werkzaamheid '$werkzaamheid'
                                        WHERE activiteitID = '".$activiteitID."'";
    mysql_query($query) or die ( mysql_error());

    echo '<div id="registreer"> 
    Uw activiteit is succesvol toegevoegd.
    Ga <a href="roosters_aanpassen.php" MEDIA=screen>hier</a></br> terug. 
    </div> ';

    include ("html_end.php");   
?>
<?
/*

if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $datum) === 0 || preg_match("/^([0-9])"."([0-9])"."(\:([0-9])"."([0-9]))$/", $tijd) === 0 || $werkzaamheid !== '') 
    {
    echo '<div id="registreer">';
    echo '<font>datum moet op dit formaat ingevoerd worden: JJJJ-MM-DD<br><font>';
    echo '<font>Tijd moet op dit formaat ingevoerd worden: HH:MM <br><font>';
    echo '<font>U heeft de werkzaamheid niet aangegeven<br><font>';
    }
else{   */
?>

thank you in advance. 先感谢您。

4 个解决方案

解决方案1
 0  2012-06-19 14:05:11

You are missing a = after werkzaamheid : werkzaamheid之后,您缺少= 

...
werkzaamheid = '$werkzaamheid'
WHERE activiteitID ...

解决方案2
 0  2012-06-19 14:05:14

它可能不起作用,但是尝试在表属性和表名称周围添加`字符...像这样: 

$query = "SELECT * FROM `activiteit` WHERE `activiteitID` = '$activiteitID'";

解决方案3
 0  2012-06-19 14:05:14

"UPDATE vrijwilliger SET datum = '$datum', 
tijd = '$tijd', 
vrijwilligerID = '$vrijwilligerID', 
werkzaamheid '$werkzaamheid'
WHERE activiteitID = '".$activiteitID."'";

You're missing an equals on the last but one line: 您在最后一行中缺少等号: 

werkzaamheid = '$werkzaamheid'

解决方案4
 0  2012-06-19 14:06:53

Your missing an = in the update sql: 您在更新sql中缺少一个=: 

werkzaamheid '$werkzaamheid'

change to: 改成: 

werkzaamheid = '$werkzaamheid'

BUT, you're passing _GET params directly to SQL which is a no-no. 但是,您将_GET参数直接传递给SQL,这是不行的。

Use PDO and parametrized queries instead: http://www.php.net/manual/en/pdo.prepare.php 改用PDO和参数化查询: http : //www.php.net/manual/zh/pdo.prepare.php 

$dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
$sth = $dbh->prepare('SELECT * FROM activiteit WHERE activiteitID = ?');
$sth->execute(array($activiteitID));

while($row = $sth->fetch()) {

}

Update your code similar to the above and it'll work. 更新您的代码,类似于上面的代码,它将起作用。 Do the same with the rest of your queries. 对其余的查询执行相同的操作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 将变量传递给sql WHERE IN子句 - Passing variable to sql WHERE IN clause PHP和SQL-带变量的Consult和WHERE子句 - PHP and SQL - Consult and WHERE clause with variable 原则缺少“ WHERE”子句 - Doctrine missing “WHERE” clause Select 语句条件 WHERE 子句 - 如何在同一查询中添加不受 WHERE 子句影响的变量 - Select Statement Conditional WHERE Clause - How do you add a variable not affected by WHERE clause in same query 带有WHERE子句中数组数据的Wordpress SQL请求 - Wordpress SQL request with data from array in WHERE clause 如何在SQL的WHERE子句中用通配符char替换空变量 - How to replace empty variable with the wildcard char in WHERE clause in sql 当变量为false时where子句不考虑进入SQL查询? - Where clause when variable is false doesn't consider that into the SQL query? 如何在查询中具有变量的where子句中使用SQL UNION - how to use SQL UNION in where clause having variable in query 在where子句中使用变量 - Using variable in where clause Laravel变量where子句 - Laravel variable to where clause
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM