
Update SQL query with PHP error

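This is the error I get when I submit the form to update: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id = '19'LIMIT 1' at line 1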

This is the PHP and HTML for the edit (update) page.

    <?php

require_once('../../../private/initialize.php');

if(!isset($_GET['id'])) {
  redirect_to(url_for('/staff/subjects/index.php'));
}
$id = $_GET['id'];

if(is_post_request()) {

  // Handle form values sent by new.php

  $subject = [];
  $subject['id'] = $id;
  $subject['menu_name'] = $_POST['menu_name'] ?? '';
  $subject['description'] = $_POST['description'] ?? '';




  $result = update_subject($subject);
  if($result === true) {
    redirect_to(url_for('/staff/subjects/show.php?id=' . $id));
  } else {
    $errors = $result;
  }

} else {

  $subject = find_subject_by_id($id);

}

$subject_set = find_all_subjects();
$subject_count = mysqli_num_rows($subject_set);
mysqli_free_result($subject_set);

?>

<?php $page_title = 'Edit Subject'; ?>
<?php include(SHARED_PATH . '/staff_header.php'); ?>

  <a class="back-link" href="<?php echo url_for('/staff/subjects/index.php'); ?>">&laquo; Back to List</a>

  <div class="subject edit">
    <h1>Edit Subject</h1>

    <?php echo display_errors($errors); ?>

    <form action="<?php echo url_for('/staff/subjects/edit.php?id=' . h(u($id))); ?>" method="post">
      <dl>
        <dt>Subject name</dt>
        <dd><input type="text" name="menu_name" value="<?php echo h($subject['menu_name']); ?>" /></dd>
      </dl>
      <dl>
        <dt>Description</dt>
        <dd>
          <textarea name="description" cols="60" rows="10"><?php echo h($subject['description']); ?></textarea>
        </dd>
      </dl>
      <div id="operations">
        <input type="submit" value="Edit Subject" />
      </div>
    </form>

  </div>


<?php include(SHARED_PATH . '/staff_footer.php'); ?>

This is my PHP update function that updates the record.

//UPDATE SUBJECTS
function update_subject($subject) {
global $db;

$errors = validate_subject($subject);
if(!empty($errors)) {
  return $errors;
}

$sql = "UPDATE subjects SET ";
$sql .= "menu_name='" . db_escape($db, $subject['menu_name']) . "', ";
$sql .= "description='" . db_escape($db, $subject['description']) . "', ";
$sql .= "WHERE id='" . db_escape($db, $subject['id']) . "' ";
$sql .= "LIMIT 1";

$result = mysqli_query($db, $sql);
// For UPDATE statements, $result is true/false
if($result) {
  return true;
} else {
  // UPDATE failed
  echo mysqli_error($db);
  db_disconnect($db);
  exit;
}}

You have a comma (,) in front of WHERE

$sql .= "description='" . db_escape($db, $subject['description']) . "', ";
$sql .= "WHERE id='" . db_escape($db, $subject['id']) . "' ";

Change it to:

$sql .= "description='" . db_escape($db, $subject['description']) . "' ";

Remove the , from the end of this line

$sql .= "description='" . db_escape($db, $subject['description']) . "', ";

Use this:

$sql .= "description='" . db_escape($db, $subject['description']) . "' ";
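
An added example, not part of the original question or answers: the same `update_subject()` written with a mysqli prepared statement, where the SET list is joined with `implode()` so a stray comma before WHERE cannot occur and the values are bound instead of escaped into the string. It assumes `validate_subject()` and `$db` behave as in the question, that the caller accepts an array of error strings, and that mysqli is in the non-throwing error mode the original code relies on.

```php
<?php
// Added example: update_subject() from the question, rewritten with a prepared statement.
// Assumptions: validate_subject() and $db are the question's own helpers; the caller
// treats any non-true return value as an array of error messages.
function update_subject($subject) {
  global $db;

  $errors = validate_subject($subject);
  if(!empty($errors)) {
    return $errors;
  }

  // Column allow-list: names are fixed here, never taken from the request.
  $columns = ['menu_name', 'description'];

  // Build "menu_name = ?, description = ?" with implode(), so there is
  // never a dangling comma in front of WHERE.
  $assignments = [];
  $values = [];
  foreach($columns as $column) {
    $assignments[] = $column . " = ?";
    $values[] = (string) ($subject[$column] ?? '');
  }
  $sql = "UPDATE subjects SET " . implode(', ', $assignments);
  $sql .= " WHERE id = ? LIMIT 1";

  $stmt = mysqli_prepare($db, $sql);
  if($stmt === false) {
    // Log server-side instead of echoing the MySQL error to the browser.
    error_log('update_subject prepare failed: ' . mysqli_error($db));
    return ['Database error.'];
  }

  // One "s" per column value, then "i" for the id, which is cast to int.
  $types = str_repeat('s', count($values)) . 'i';
  $values[] = (int) $subject['id'];
  mysqli_stmt_bind_param($stmt, $types, ...$values);

  $ok = mysqli_stmt_execute($stmt);
  if(!$ok) {
    error_log('update_subject execute failed: ' . mysqli_stmt_error($stmt));
  }
  mysqli_stmt_close($stmt);

  return $ok ? true : ['Database error.'];
}
```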
