[英]Cannot update database
<?php
session_start();
if (isset($_POST['userid']) && isset($_POST['password']))
{
// if the user has just tried to log in
$userid = $_POST['userid'];
$password = $_POST['password'];
$db_conn = new mysqli('localhost', 'user', 'passwd', 'dbname');
if (mysqli_connect_errno()) {
echo 'Connection to database failed:'.mysqli_connect_error();
exit();
}
$query = 'select * from users '
."where userid like'$userid' "
." and password like sha1('$password')";
$result = $db_conn->query($query);
if ($result->num_rows >0 )
{
// if they are in the database register the user id
$_SESSION['valid_user'] = $userid;
}
$db_conn->close();
}
?>
<?
$db_conn = new mysqli('localhost', 'user', 'passwd', 'dbname');
if (mysqli_connect_errno()) {
echo 'Connection to database failed:'.mysqli_connect_error();
exit();
}
if (isset($_POST['submit'])) {
if (empty($_POST['name']) || empty ($_POST['dob']) || empty ($_POST['contact'])|| empty ($_POST['address'])|| empty ($_POST['email'])) {
echo "All records to be filled in";
exit;}
}
$name = $_POST['name'];
$dob = $_POST['dob'];
$contact = $_POST['contact'];
$address = $_POST['address'];
$email = $_POST['email'];
$userid = $_SESSION['valid_user'];
$sql = "UPDATE users SET name=$name, dob=$dob, contact=$contact, address=$address, email=$email
WHERE userid ='$userid'";
$result = $db_conn->query($sql);
if (!$result)
echo "Your query failed.";
else
echo "User Information Updated ";
?>
<meta http-equiv="refresh" content="5;URL=members.php" />
运行your query failed
时, your query failed
。 有人知道我的数据库为什么不更新吗?
我很确定我的SQL工作正常。 我的编码有任何错误吗?
您的查询还可以,只是您没有使用准备好的语句。
问题出在您的变量上。 echo
他们,看看里面有什么。
由于我们无权访问您的数据库,因此很难验证您的查询是否存在其他问题。 例如,您可以创建一个SQL Fiddle 。
您还应该阅读以下内容: SQL注入
准备好的语句如下所示:
<?php
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$city = "Amersfoort";
/* create a prepared statement */
if ($stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) {
/* bind parameters for markers */
$stmt->bind_param("s", $city);
/* execute query */
$stmt->execute();
/* bind result variables */
$stmt->bind_result($district);
/* fetch value */
$stmt->fetch();
printf("%s is in district %s\n", $city, $district);
/* close statement */
$stmt->close();
}
/* close connection */
$mysqli->close();
?>
看起来您的exist
声明是错误的。
if (isset($_POST['submit']))
{
if (empty($_POST['name']) || empty ($_POST['dob']) || empty ($_POST['contact'])|| empty ($_POST['address'])|| empty ($_POST['email']))
{
echo "All records to be filled in";
**exit**;
}
}
引号丢失。 代替
"UPDATE users SET name=$name, dob=$dob, contact=$contact, address=$address, email=$email WHERE userid ='$userid'"; try this
"UPDATE users SET name='$name', dob=$dob, contact=$contact, address=$address, email=$email WHERE userid ='$userid'";
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.