[英]I keep getting an error when i try to use UPDATE to update my database
每當有人贏得比賽時,我都試圖將分數加 1,但我一直收到此錯誤。 我不太確定我做錯了什么。
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'ID = 61a379cd4798f' at line 1 in C:\xampp\htdocs\dicegame\update.php:16 Stack trace: #0 C:\xampp\htdocs\dicegame\update.php(16): PDOStatement->execute() #1 C:\xampp\htdocs\dicegame\index.php(161): Update->scoreUpdate(Object(PDO)) #2 {main} thrown in C:\xampp\htdocs\dicegame\update.php on line 16
<?php
class Update{
private $score;
private $id;
public function scoreUpdate($conn){
$this->id = $_SESSION['id'];
$sql = "update user set score = score + 1 ID = $this->id";
$stmt = $conn->prepare($sql);
$stmt->execute();
}
}
?>
它應該是:
$sql = "update user set score = score + 1 where ID = $this->id";
您也對 sql 注射敞開大門。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.