2014-04-26 64 views
0

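Update query does not update the table

I have a user data profile that I want to update when the user fills out a form. When the update query runs, the values are passed to the PHP script, but no changes are made in the table.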

HTML form:

echo "<br />"; 
    echo "From this page you can change your profile details."; 
    echo "<br />"; 
    echo "<br />"; 
    echo "<form id='edit' action='../scripts/editscript.php' method='post' accept-charset='UTF-8'>"; 
    echo "<label for='firstname'>First Name:</label>"; 
    echo "<input type='text' id='firstname' name='firstname' />"; 
    echo "<br />"; 
    echo "<label for='lastname'>Last Name:</label>"; 
    echo "<input type='text' id='lastname' name='lastname' />"; 
    echo "<br />"; 
    echo "<label for='username'>User Name:</label>"; 
    echo "<input type='text' id='username' name='username' />"; 
    echo "<br />"; 
    echo "<label for='password'>Password:</label>"; 
    echo "<input type='password' id='password' name='password' />"; 
    echo "<br />"; 
    echo "<label for='passwordconfirm'>Confirm Password:</label>"; 
    echo "<input type='password' id='passwordconfirm' name='passwordconfirm' />"; 
    echo "<br />"; 
    echo "<label for='email'>E-Mail:</label>"; 
    echo "<input type='email' id='email' name='email' />"; 
    echo "<br />"; 
    echo "<label for='like'>Something you like:</label>"; 
    echo "<input type='text' id='like' name='like' />"; 
    echo "<br />"; 
    echo "<label for='dislike'>Something you dislike</label>"; 
    echo "<input type='text' id='dislike' name='dislike' />"; 
    echo "<br />"; 
    echo "<label for='fact'>A fun fact about yourself:</label>"; 
    echo "<input type='text' id='fact' name='fact' />"; 
    echo "<br />"; 
    echo "<label for='allow'>Do you want other people to see parts of your profile:</label>"; 
    echo "<input type='radio' name='allow' value='yes' /> Yes"; 
    echo "<input type='radio' name='allow' value='no' /> No"; 
    echo "<br />"; 
    echo "<br />"; 
    echo "<input type='submit' name='submit' value='Confirm' />"; 
    echo "</form>"; 

PHP script:

<?PHP 
session_start(); 
$time = time(); 
$firstname = $_POST['firstname']; 
$lastname = $_POST['lastname']; 
$username = $_POST['username']; 
$salt = substr(base64_encode(openssl_random_pseudo_bytes(17)),0,22); 
$salt = str_replace("+",".",$salt); 
$salt = '$2a$08$' . $salt; 
$password = crypt($_POST['password'], $salt); 
$email = $_POST['email']; 
$like = $_POST['like']; 
$dislike = $_POST['dislike']; 
$fact = $_POST['fact']; 
$allow = $_POST['allow']; 
$UID = $_SESSION['user']['UID']; 
if ($allow == 'yes') { 
    $allowvalue = 1; 
} else { 
    $allowvalue = 0; 
}; 
$con = mysqli_connect('localhost','//db_username','//db_pass','//table'); 
if (mysqli_connect_errno($con)) { 
    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 
$query = "UPDATE users SET firstname = '" . $firstname . "', 
lastname = '" . $lastname . "', 
username = '" . $username . "', 
password = '" . $password . "', 
email = '" . $email . "', 
like = '" . $like . "', 
dislike = '" . $dislike . "', 
fact = '" . $fact . "', 
allowview = " . $allowvalue . " WHERE UID = " . $UID . ""; 
mysqli_query($con,$query); 
mysqli_close($con); 
?> 

I really don't understand why this doesn't work as expected. Any help is appreciated. :)

Answers

0

var_dump($_SESSION['user']['UID']); 

Most likely the ID does not match the id in the db.

+0

It returns 1, and in the db table there is a record with UID = 1

1

Prepared statements are not only good for avoiding SQL injection, they will also help you organize your code and so make it more robust.

<?php 
session_start(); 
/*your variables*/ 
$time = time(); 
$firstname = $_POST['firstname']; 
$lastname = $_POST['lastname']; 
$username = $_POST['username']; 
$salt = substr(base64_encode(openssl_random_pseudo_bytes(17)),0,22); 
$salt = str_replace("+",".",$salt); 
$salt = '$2a$08$' . $salt; 
$password = crypt($_POST['password'], $salt); 
$email = $_POST['email']; 
$like = $_POST['like']; 
$dislike = $_POST['dislike']; 
$fact = $_POST['fact']; 
$allow = $_POST['allow']; 
$UID = $_SESSION['user']['UID']; 
if ($allow == 'yes') { 
    $allowvalue = 1; 
} else { 
    $allowvalue = 0; 
}; 

$mysqli = new mysqli("localhost", "//db_username", "//db_pass", "//table"); 
/* check connection */ 
if (mysqli_connect_errno()) { 
    /* printf, not echo: echo does not take a format string */ 
    printf("Failed to connect to MySQL: %s\n", mysqli_connect_error()); 
    exit(); 
} 
/* Prepare an update statement */ 
/* `like` is a MySQL reserved word, so the column name is quoted with backticks */ 
$query = "UPDATE users SET firstname = ?, 
lastname = ?, 
username = ?, 
password = ?, 
email = ?, 
`like` = ?, 
dislike = ?, 
fact = ?, 
allowview = ? WHERE UID = ?"; 

$stmt = $mysqli->prepare($query); 
$stmt->bind_param("ssssssssii",$firstname, $lastname, $username, $password, $email, 
           $like, $dislike, $fact, $allowvalue, $UID); 

/* Execute the statement */ 
$stmt->execute(); 

/* close connection */ 
$mysqli->close(); 
?> 
0

I figured out what it was. One of the columns in my database is 'like'. That is a MySQL keyword, so it messed up my query. Thanks for your suggestions :)
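
Added example (not from any of the posts above): one way to combine the prepared-statement answer with the reserved-word finding, so that a bad query raises an exception instead of silently changing nothing. The function name `update_profile`, the constant `PROFILE_COLUMNS` and the connection values in the usage comment are assumptions; the table and column names are the ones in the question.

```php
<?php
// Added example. update_profile() and PROFILE_COLUMNS are hypothetical names.

// Make mysqli throw mysqli_sql_exception on any failed prepare/execute,
// so a syntax error such as an unquoted reserved word is not silent.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Fixed allow-list of updatable columns and their bind types
// (taken from the UPDATE statement in the question).
const PROFILE_COLUMNS = [
    'firstname' => 's', 'lastname' => 's', 'username' => 's',
    'password'  => 's', 'email'    => 's', 'like'     => 's',
    'dislike'   => 's', 'fact'     => 's', 'allowview' => 'i',
];

function update_profile(mysqli $db, int $uid, array $values): int
{
    $set = [];
    $types = '';
    $params = [];
    foreach (PROFILE_COLUMNS as $column => $type) {
        if (!array_key_exists($column, $values)) {
            continue; // only touch fields that were submitted
        }
        // Column names come from the constant above, never from user input.
        // Backticks make reserved words such as `like` valid identifiers.
        $set[] = "`$column` = ?";
        $types .= $type;
        $params[] = $values[$column];
    }
    if ($set === []) {
        return 0; // nothing to update
    }
    $types .= 'i';
    $params[] = $uid;

    $sql = 'UPDATE users SET ' . implode(', ', $set) . ' WHERE UID = ?';
    $stmt = $db->prepare($sql);            // throws on SQL syntax errors
    $stmt->bind_param($types, ...$params); // values are bound, not concatenated
    $stmt->execute();
    $affected = $stmt->affected_rows;      // 0 also when the values were unchanged
    $stmt->close();
    return $affected;
}

// Usage (connection values are placeholders):
// $db = new mysqli('localhost', 'db_username', 'db_pass', 'db_name');
// $rows = update_profile($db, (int) $_SESSION['user']['UID'],
//                        ['firstname' => $_POST['firstname'], 'like' => $_POST['like']]);
```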