0
這是我的代碼,第一要素IM mysqli_query給人以0
function update_profile($session_user_id, $email, $first_name, $last_name) {
global $con;
mysqli_query($con, "UPDATE `users` SET `email` = '$email' AND `first_name` = '$first_name' AND `last_name` = '$last_name' WHERE `user_id` = $session_user_id");
}
當更新它會改變電子郵件的0
他爲什麼這樣做?
一個編輯...
對誰認爲它有用的..這是我的表單的人。
if (isset($_POST['update_profile'])) {
if (empty($_POST['email'])) {
$error[] = 'Fill in a email';
} if (empty($_POST['first_name'])) {
$error[] = 'Fill in a first name';
} else {
if (email_exist($_POST['email']) && $_POST['email'] != $user_data['email']) {
$error[] = 'This email already exist.';
} if (strlen($_POST['first_name']) < 3 || strlen($_POST['first_name']) > 30) {
$error[] = 'This first name is to short or to long, it must be between a range of 3 and 30.';
}
}
if (empty($error) == false) {
echo error_handeling($error);
} else {
$user_id = $session_user_id;
$email = $_POST['email'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
update_profile($session_user_id, $email, $first_name, $last_name);
}
}
?>
<h1><?php echo $user_data['first_name'] ?> his profile</h1>
<form action = "" method = "post">
<ul>
<li>
Email*:<br>
<input type = "email" name = "email" value = "<?php echo $user_data['email'] ?>">
</li>
<li>
First name*:<br>
<input type = "text" name = "first_name" value = "<?php echo $user_data['first_name'] ?>">
</li>
<li>
Last name:<br>
<input type = "text" name = "last_name" value = "<?php echo $user_data['last_name'] ?>">
</li>
<li>
<input type = "submit" name = "update_profile" value = "Update">
</li>
</ul>
</form>
我必須把更多的文字,但idk什麼放在這裏。 XD srry :)
什麼是模式?你傳遞給函數的是什麼?你爲什麼不使用參數化查詢? – 2014-09-12 21:55:30
請使用準備好的語句,或者至少使用'mysqli_real_escape_string'來自己逃脫數據庫輸入。 – lxg 2014-09-12 21:56:21
嘗試回顯SQL以查看實際設置的內容。 – Barmar 2014-09-12 21:56:55