![](/img/trans.png)
[英]PHP Mysql update multiple columns with multiple row values by single query
[英]PHP MySQL Update Set query with Multiple columns
我已经使用逗号和“ AND”语句尝试了此查询,如下图所示。 我收到语法错误
出问题了。您的SQL语法有误。 查看与您的MySQL服务器版本相对应的手册以获取正确的语法,以在第1行
'are available 24/7 by phone and email to answer any questions and to assist you '
在'are available 24/7 by phone and email to answer any questions and to assist you '
附近使用
每次我尝试此查询:
$sql = mysql_query("UPDATE general
SET bookabandheading = $_POST[bookabandheading
AND bookaband = $_POST[bookaband]
AND contactus = $_POST[contactus]
AND aboutuslisten = $_POST[aboutuslisten]
AND contactusheading = $_POST[contactusheading]
AND nightclubsheading = $_POST[nightclubsheading]
AND acousticheading = $_POST[acousticheading]
AND schoolsheading = $_POST[schoolsheading]
AND privateheading = $_POST[privateheading]
AND concertsheading = $_POST[concertsheading]
AND festivalsheading = $_POST[festivalsheading]
AND submissions = $_POST[submissions]
AND interns = $_POST[interns]
AND managementbio = $_POST[managementbio]
AND latestnews = $_POST[latestnews]
AND artistofthemonth = $_POST[artistofthemonth]
AND artistofthemonthphoto = $_POST[artistofthemonthphoto]
AND artistofthemonthid = $_POST[artistofthemonthid]
AND listentoourartists = $_POST[listentoourartists]
AND musicianswanted = $_POST[musicianswanted]
AND aboutus = $_POST[aboutus]
AND bshowcases = $_POST[bshowcases]
AND bandavails = $_POST[bandavails]");
该查询在另一个VPS上的不同数据库中工作,但是我只是迁移了服务器,因此不再起作用。 非常感谢任何帮助!
尽管主要问题是您在bookamandheading之后错过了右括号,但我还是建议您重构该请求,例如:
$keys = array("bookabandheading", "bookaband", "contactus", "aboutuslisten",
"contactusheading", "nightclubsheading", "acousticheading",
"schoolsheading", "privateheading", "concertsheading",
"festivalsheading", "submissions", "interns", "managementbio",
"latestnews", "artistofthemonth", "artistofthemonthphoto",
"artistofthemonthid", "listentoourartists", "musicianswanted",
"aboutus", "bshowcases", "bandavails");
$set = array();
foreach ($keys as $key) {
$set[] = sprintf(" %s = '%s' ", $key, mysql_escape_string($_POST[$key]));
}
$sql = mysql_query("UPDATE general SET " . implode(", ", $set));
通过转义输入,维护起来容易得多,并且安全性也更高。
更新:添加where语句示例
$where = array();
$where[] = sprintf(" some_string = '%s' ", mysql_escape_string($some_string));
$where[] = sprintf(" some_integer = %d ", $some_integer);
$where = " WHERE " . implode(" AND ", $where);
$sql = mysql_query("UPDATE general SET " . implode(", ", $set) . " " . $where);
我认为这有3件事是错误的:
您有一些错误:
语法错误。 更改
$ _POST [bookabandheading到$ _POST [bookabandheading]
这也极容易发生SQL注入。 您应该使用mysqli,但是如果在mysql上进行了设置(从5.5.0版开始不推荐使用),则应使用mysql_real_escape_string()来转义每个$ _POST变量。
每个$ _POST变量都需要使用引号将其参数化。 举个例子:
$ _POST ['bookabandheading'] (对所有$ _POST变量都执行此操作)
$_POST[bookabandheading
改成
$_POST[bookabandheading]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.