[英]Unknown Column 'member_id' in 'where clause'
I've searched this website for a solution but no result.我在这个网站上搜索了一个解决方案,但没有结果。 I'm stuck on the following problem, my code gives the Unknown Colum 'member_id' in 'where clause' error.
我遇到了以下问题,我的代码在“where 子句”错误中给出了未知列“member_id” 。 Never heard of it before.. so I am a bit confused right now.
以前从来没有听说过……所以我现在有点困惑。
This is my code :这是我的代码:
<?php
require("db.php");
$id = $_REQUEST['member_id'];
$result = mysql_query("SELECT * FROM members WHERE member_id = '$id'");
$test = mysql_fetch_array($result);
if (!$result)
{
die("Error: Data not found..");
}
$admin=$test['admin'] ;
$firstname=$test['firstname'] ;
$lastname=$test['lastname'] ;
$mail= $test['mail'] ;
$login=$test['login'] ;
$passwd=$test['passwd'] ;
if(isset($_POST['save']))
{
$admin_save = $_POST['admin'];
$firstname_save = $_POST['firstname'];
$lastname_save = $_POST['lastname'];
$mail_save = $_POST['mail'];
$login_save = $_POST['login'];
$passwd_save = md5($_POST['password']);
mysql_query("UPDATE lijst SET admin ='$admin_save',firstname ='$firstname_save',lastname ='$lastname_save', mail ='$mail_save', login ='$login_save',
passwd ='$passwd_save' WHERE member_id = '$id'")
or die(mysql_error());
echo "Saved!";
header("Location: main.php");
}
mysql_close($conn);
?>
The form :表格 :
<form method="post">
<table>
<tr>
<td>Admin</td>
<td><input type="text" name="admin" class="text w_20" value="<?php echo $admin ?>"/></td>
</tr>
<tr>
<td>Voornaam</td>
<td><input type="text" name="firstname" class="text w_20" value="<?php echo $firstname ?>"/></td>
</tr>
<tr>
<td>Achternaam</td>
<td><input type="text" name="lastname" class="text w_20" value="<?php echo $lastname ?>"/></td>
</tr>
<tr>
<td>E-mail</td>
<td><input type="text" name="mail" class="text w_20" value="<?php echo $mail ?>"/></td>
</tr>
<tr>
<td>Gebruikersnaam</td>
<td><input type="text" name="login" class="text w_20" value="<?php echo $login ?>"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="passwd" class="text w_20" value="<?php echo $passwd ?>"/></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="save" value="update" /></td>
</tr>
</table>
</form>
The error is saying there is no field member_id
in the database table lijst
.错误是说数据库表
lijst
没有字段member_id
。 Add the field or remove the condition from the WHERE
clause.添加字段或从
WHERE
子句中删除条件。
Given the SQL you just posted, your table is called members
not lijst
.鉴于您刚刚发布的 SQL,您的表被称为
members
而不是lijst
。 So change the query:所以更改查询:
UPDATE members ......
Edit: your MD5 problem is because your html input is named passwd
but you are targeting password
in the POST array:编辑:您的 MD5 问题是因为您的 html 输入名为
passwd
但您的目标是 POST 数组中的password
:
$passwd_save = md5($_POST['password']);
Change to:改成:
$passwd_save = md5($_POST['passwd']);
Finally, your query is vulnerable to SQL Injection.最后,您的查询容易受到 SQL 注入攻击。 As a quick fix, run your user input through
mysql_real_escape_string()
.作为快速修复,通过
mysql_real_escape_string()
运行您的用户输入。 Or even better, switch to a modern MySQL API such as PDO, and use parameterised queries.或者更好的是,切换到现代 MySQL API,例如 PDO,并使用参数化查询。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.