2017-02-15 56 views
0

我正嘗試使用POST方法嘗試向我的數據庫字段中添加文本。我特別提到的數據庫字段叫做ProductVariantHTML。某些原因,它不會將數據發佈到我的數據庫中。

這是我的表單textarea的

<tr> 
    <td><label for="product-variant-html-description">Variant HTML Description:</label></td> 
    <td><textarea id="product-variant-html-description" name="ProductVariantHTML" maxlength=""><?=htmlspecialchars($productVariantHTML)?></textarea></td> 
    <td><span class="input-help"></span></td> 
</tr> 

這是ProductVariant類

<?php 
class ProductVariant 
{ 
    // Attributes 
    private $_Con; 
    private $_productVariantID; 
    private $_productID; 
    private $_SKU; 
    private $_MPN; 
    private $_barcode; 
    private $_price; 
    private $_salePrice; 
    private $_finalPrice; 
    private $_stock; 
    private $_length; 
    private $_height; 
    private $_width; 
    private $_weight; 
    private $_leadTimeFrom; 
    private $_leadTimeTo; 
    private $_soldCount; 
    private $_createdDate; 
//Nathan Added 2017 
    private $_productVariantHTML; 

//Nathan Added 2017 
    public function __construct(MySQLi $Con = NULL, $productVariantID = NULL, $productID = NULL, $SKU = NULL, $MPN = NULL, $barcode = NULL, $price = NULL, $salePrice = NULL, $finalPrice = NULL, $stock = NULL, $length = NULL, $height = NULL, $width = NULL, $weight = NULL, $leadTimeFrom = NULL, $leadTimeTo = NULL, $soldCount = NULL, $createdDate = NULL, $productVariantHTML = NULL) 
    { 
     $this->_Con = $Con; 
     $this->_productVariantID = $productVariantID; 
     $this->_productID = $productID; 
     $this->_SKU = $SKU; 
     $this->_MPN = $MPN; 
     $this->_barcode = $barcode; 
     $this->_price = $price; 
     $this->_salePrice = $salePrice; 
     $this->_finalPrice = $finalPrice; 
     $this->_stock = $stock; 
     $this->_length = $length; 
     $this->_height = $height; 
     $this->_width = $width; 
     $this->_weight = $weight; 
     $this->_leadTimeFrom = $leadTimeFrom; 
     $this->_leadTimeTo = $leadTimeTo; 
     $this->_soldCount = $soldCount; 
     $this->_createdDate = $createdDate; 
//Nathan Added 2017 
     $this->_productVariantHTML = $productVariantHTML; 
    } 

    // Properties Get 
    public function GetProductVariantID() { return $this->_productVariantID; } 
    public function GetProductID() { return $this->_productID; } 
    public function GetSKU() { return $this->_SKU; } 
    public function GetMPN() { return $this->_MPN; } 
    public function GetBarcode() { return $this->_barcode; } 
    public function GetPrice() { return $this->_price; } 
    public function GetSalePrice() { return $this->_salePrice; } 
    public function GetFinalPrice() { return $this->_finalPrice; } 
    public function GetStock() { return $this->_stock; } 
    public function GetLength() { return $this->_length; } 
    public function GetHeight() { return $this->_height; } 
    public function GetWidth() { return $this->_width; } 
    public function GetWeight() { return $this->_weight; } 
    public function GetLeadTimeFrom() { return $this->_leadTimeFrom; } 
    public function GetLeadTimeTo() { return $this->_leadTimeTo; } 
    public function GetSoldCount() { return $this->_soldCount; } 
    public function GetCreatedDate() { return $this->_createdDate; } 
//Nathan Added 2017 
    public function GetProductVariantHTML() { return $this->_productVariantHTML; } 

    // Properties Set 
    public function SetProductVariantID($v) { $this->_productVariantID = $v; } 
    public function SetProductID($v) { $this->_productID = $v; } 
    public function SetSKU($v) { $this->_SKU = $v; } 
    public function SetMPN($v) { $this->_MPN = $v; } 
    public function SetBarcode($v) { $this->_barcode = $v; } 
    public function SetPrice($v) { $this->_price = $v; } 
    public function SetSalePrice($v) { $this->_salePrice = $v; } 
    public function SetFinalPrice($v) { $this->_finalPrice = $v; } 
    public function SetStock($v) { $this->_stock = $v; } 
    public function SetLength($v) { $this->_length = $v; } 
    public function SetHeight($v) { $this->_height = $v; } 
    public function SetWidth($v) { $this->_width = $v; } 
    public function SetWeight($v) { $this->_weight = $v; } 
    public function SetLeadTimeFrom($v) { $this->_leadTimeFrom = $v; } 
    public function SetLeadTimeTo($v) { $this->_leadTimeTo = $v; } 
    public function SetSoldCount($v) { $this->_soldCount = $v; } 
    public function SetCreatedDate($v) { $this->_createdDate = $v; } 
//Nathan Added 2017 
    public function SetProductVariantHTML($v) { $this->_productVariantHTML = $v; } 
    public function FillProductVariantFromDBByProductID($productID) 
    { 
     $productID = $this->_Con->real_escape_string($productID); 
     $variantSQL = $this->_Con->query("SELECT ProductVariantID, ProductID, SKU FROM product_variant WHERE ProductID = $productID"); 

     if ($variantSQL == TRUE && $variantSQL->num_rows > 0) { 
      while ($variantRow = $variantSQL->fetch_assoc()) { 
       $ProductVariants[] = new self(NULL, (int)$variantRow['ProductVariantID'], (int)$variantRow['ProductID'], $variantRow['SKU']); 
      } 
      return $ProductVariants; 
     } 
     else { 
      return FALSE; 
     } 
    } 

    public function FillProductVariantFromDBByProductVariantID($productVariantID) 
    { 
     $productVariantID = $this->_Con->real_escape_string($productVariantID); 
     $variantSQL = $this->_Con->query("SELECT * FROM product_variant WHERE ProductVariantID = $productVariantID"); 

     if ($variantSQL == TRUE && $variantSQL->num_rows > 0) { 
      $variantRow = $variantSQL->fetch_assoc(); 
      $this->_productVariantID = (int)$variantRow['ProductVariantID']; 
      $this->_productID = (int)$variantRow['ProductID']; 
      $this->_SKU = $variantRow['SKU']; 
      $this->_MPN = $variantRow['MPN']; 
      $this->_barcode = $variantRow['Barcode']; 
      $this->_price = (float)$variantRow['Price']; 
      $this->_salePrice = ($variantRow['SalePrice'] == NULL) ? NULL : (float)$variantRow['SalePrice']; 
      $this->_finalPrice = (float)$variantRow['FinalPrice']; 
      $this->_stock = (int)$variantRow['Stock']; 
      $this->_length = ($variantRow['Length'] == NULL) ? NULL : (float)$variantRow['Length']; 
      $this->_height = ($variantRow['Height'] == NULL) ? NULL : (float)$variantRow['Height']; 
      $this->_width = ($variantRow['Width'] == NULL) ? NULL : (float)$variantRow['Width']; 
      $this->_weight = ($variantRow['Weight'] == NULL) ? NULL : (float)$variantRow['Weight']; 
      $this->_leadTimeFrom = (int)$variantRow['LeadTimeFrom']; 
      $this->_leadTimeTo = (int)$variantRow['LeadTimeTo']; 
//Nathan Added 2017 
      $this->_productVariantHTML = $variantRow['ProductVariantHTML']; 

      return TRUE; 
     } 
     else { 
      return FALSE; 
     } 
    } 

    // Create variant 
    public function CreateVariant($productID, $SKU, $MPN, $barcode, $price, $stock) 
    { 
     // Assign variables 
     $Con = $this->_Con; 
     $productID = $Con->real_escape_string($productID); 
     $SKU = $Con->real_escape_string(trim($SKU)); 
     if (empty($MPN)) { 
      $MPN = 'NULL'; 
     } else { 
      $MPN = "'" . $Con->real_escape_string(trim($MPN)) . "'"; 
     } 
     if (empty($barcode)) { 
      $barcode = 'NULL'; 
     } else { 
      $barcode = "'" . $Con->real_escape_string(trim($barcode)) . "'"; 
     } 
     $price = $Con->real_escape_string($price); 
     $finalPrice = $price; 
     $stock = $Con->real_escape_string($stock); 

     // Turn off autocommit 
     $Con->autocommit(FALSE); 
     $Con->query('BEGIN'); 

     $variantSQL = $Con->query("INSERT INTO product_variant (ProductID, SKU, MPN, Barcode, Price, FinalPrice, Stock, LeadTimeFrom, LeadTimeTo) 
     VALUES ($productID, '$SKU', $MPN, $barcode, $price, $finalPrice, $stock, 1, 2)"); 

     // Update productVariantID 
     $productVariantID = $Con->insert_id; 
     $this->_productVariantID = $productVariantID; 

     $detailSQL = $Con->query("INSERT INTO product_detail (ProductVariantID) 
     VALUES ($productVariantID)"); 

     if ($variantSQL == TRUE && $detailSQL == TRUE) { 
      // Commit the data, turn autocommit on 
      $Con->commit(); 
      $Con->autocommit(TRUE); 
      return TRUE; 
     } 
     else { 
      // If error inputting ANY data, rollback 
      $Con->rollback(); 
      $Con->autocommit(TRUE); 
      return FALSE; 
     } 
    } 

    // Create multi variant 
    public function CreateMultiVariant($variant, $productID, $SKU, $MPN, $barcode, $price, $stock, $variantStr) 
    { 
     // Assign variables 
     $Con = $this->_Con; 
     $productID = $Con->real_escape_string($productID); 
     $success = TRUE; 

     // Turn off autocommit 
     $Con->autocommit(FALSE); 
     $Con->query('BEGIN'); 

     // Loop through variant types and values 
     foreach ($variant as $key => $val) 
     { 
      // Get variant type and insert into database 
      $dbVariant = $Con->real_escape_string($key); 
      $variantSQL = $Con->query("INSERT INTO variant (Variant) 
      VALUES ('$dbVariant')"); 

      if ($success == TRUE && $variantSQL == TRUE) 
      { 
       $variantID = $Con->insert_id; 

       // Loop through each variant type values 
       foreach ($val as $v) 
       { 
        $dbVariantValue = $Con->real_escape_string($v); 
        $variantValueSQL = $Con->query("INSERT INTO variant_value (VariantID, VariantValue) 
        VALUES ($variantID, '$dbVariantValue')"); 

        if ($variantValueSQL == TRUE) { 
         $variantIDLink[$v] = $Con->insert_id; 
        } 
        else { 
         $success = FALSE; 
         break; 
        } 
       } 
      } 
      else 
      { 
       $success = FALSE; 
       break; 
      } 
     } 

     if ($success == TRUE) 
     { 
      for ($i = 0; isset($SKU[$i]); $i++) 
      { 
       $dbSKU = $Con->real_escape_string(trim($SKU[$i])); 
       if (empty($MPN[$i])) { 
        $dbMPN = 'NULL'; 
       } else { 
        $dbMPN = "'" . $Con->real_escape_string(trim($MPN[$i])) . "'"; 
       } 
       if (empty($barcode[$i])) { 
        $dbBarcode = 'NULL'; 
       } else { 
        $dbBarcode = "'" . $Con->real_escape_string(trim($barcode[$i])) . "'"; 
       } 
       $dbPrice = $Con->real_escape_string($price[$i]); 
       $dbFinalPrice = $dbPrice; 
       $dbStock = $Con->real_escape_string($stock[$i]); 

       // SQL INSERT for Product Variant 
       $pVariantSQL = $Con->query("INSERT INTO product_variant (ProductID, SKU, MPN, Barcode, Price, FinalPrice, Stock, LeadTimeFrom, LeadTimeTo) 
       VALUES ($productID, '$dbSKU', $dbMPN, $dbBarcode, $dbPrice, $dbFinalPrice, $dbStock, 1, 2)"); 
       $productVariantID = $Con->insert_id; 
       $this->_productVariantID = $productVariantID; 

       $dbVariantStrArray = explode('|', $variantStr[$i]); 

       foreach ($dbVariantStrArray as $dbVariantStr) 
       { 
        // Get ID of variant type 
        $dbVariantID = $variantIDLink[$dbVariantStr]; 

        // SQL INSERT for Product Detail 
        $pDetailSQL = $Con->query("INSERT INTO product_detail (ProductVariantID, VariantValueID) 
        VALUES ($productVariantID, $dbVariantID)"); 

        if ($pDetailSQL != TRUE) { 
         $success = FALSE; 
         break; 
        } 
       } 

       if ($success == FALSE || $pVariantSQL == FALSE || $variantSQL == FALSE || $variantValueSQL == FALSE || $pDetailSQL == FALSE) { 
        $success = FALSE; 
        break; 
       } 
      } 
     } 

     if ($success == TRUE) { 
      // Commit the data, turn autocommit on 
      $Con->commit(); 
      $Con->autocommit(TRUE); 
      return TRUE; 
     } 
     else { 
      // If error inputting ANY data, rollback 
      $Con->rollback(); 
      $Con->autocommit(TRUE); 
      return FALSE; 
     } 
    } 

    public function UpdatedProductVariant($productVariantID, $SKU, $MPN, $barcode, $price, $salePrice, $stock, $length, $height, $width, $weight, $leadTimeFrom, $leadTimeTo, $productVariantHTML) 
    { 
     $productVariantID = $this->_Con->real_escape_string($productVariantID); 
     $SKU = $this->_Con->real_escape_string($SKU); 
     $MPN = $this->_Con->real_escape_string($MPN); 
     if (empty($barcode)) { 
      $barcode = 'NULL'; 
     } else { 
      $barcode = "'" . $this->_Con->real_escape_string($barcode) . "'"; 
     } 
     $price = $this->_Con->real_escape_string($price); 
     if (empty($salePrice)) { 
      $salePrice = 'NULL'; 
      $finalPrice = $price; 
     } else { 
      $salePrice = $this->_Con->real_escape_string($salePrice); 
      $finalPrice = $salePrice; 
     } 
     $stock = $this->_Con->real_escape_string($stock); 
     if (empty($length)) { 
      $length = 'NULL'; 
     } else { 
      $length = $this->_Con->real_escape_string($length); 
     } 
     if (empty($height)) { 
      $height = 'NULL'; 
     } else { 
      $height = $this->_Con->real_escape_string($height); 
     } 
     if (empty($width)) { 
      $width = 'NULL'; 
     } else { 
      $width = $this->_Con->real_escape_string($width); 
     } 
     if (empty($weight)) { 
      $weight = 'NULL'; 
     } else { 
      $weight = $this->_Con->real_escape_string($weight); 
     } 
     if (empty($productVariantHTML)) { 
      $productVariantHTML = 'NULL'; 
     } else { 
      $productVariantHTML = $this->_Con->real_escape_string($productVariantHTML); 
     } 

     $leadTimeFrom = $this->_Con->real_escape_string($leadTimeFrom); 
     $leadTimeTo = $this->_Con->real_escape_string($leadTimeTo); 

     $variantSQL = $this->_Con->query("UPDATE product_variant SET SKU = '$SKU', MPN = '$MPN', Barcode = $barcode, Price = $price, SalePrice = $salePrice, FinalPrice = $finalPrice, Stock = $stock, Length = $length, Height = $height, Width = $width, Weight = $weight, LeadTimeFrom = $leadTimeFrom, LeadTimeTo = $leadTimeTo, ProductVariantHTML = $productVariantHTML WHERE ProductVariantID = $productVariantID"); 

     if ($variantSQL == TRUE) { 
      return TRUE; 
     } 
     else { 
      return FALSE; 
     } 
    } 

    // Delete variant 
    public function DeleteVariant() 
    { 
     // Assign variables 
     $Con = $this->_Con; 
     $productVariantID = $this->_productVariantID; 

     $deleteSQL = $Con->query("DELETE FROM product_variant WHERE ProductVariantID = $productVariantID"); 

     if ($deleteSQL == TRUE) { 
      return TRUE; 
     } 
     else { 
      return FALSE; 
     } 
    } 

    // Destructor 
    public function __destruct() 
    { 
    } 
} 
?> 

這是編輯產品variants.php

<?php 
include ('includes/site-define.php'); 
include ('includes/connection-open.php'); 
include ('includes/checks.php'); 
$metaTitle = 'Edit Product Variant'; 
$ConsoleMessage = new ConsoleMessage(); 
$productVariantID = (isset($_GET['product_variant_id'])) ? $_GET['product_variant_id'] : NULL; 
$productID = NULL; 
$SKU = NULL; 
$MPN = NULL; 
$barcode = NULL; 
$price = NULL; 
$salePrice = NULL; 
$finalPrice = NULL; 
$stock = NULL; 
$length = NULL; 
$height = NULL; 
$width = NULL; 
$weight = NULL; 
$leadTimeFrom = NULL; 
$leadTimeTo = NULL; 
$soldCount = NULL; 
$createdDate = NULL; 
//Nathan 2017 
$productVariantHTML = NULL; 

$ProductVariant = new ProductVariant($Con); 
$ProductVariant->FillProductVariantFromDBByProductVariantID($productVariantID); 
$productVariantID = $ProductVariant->GetProductVariantID(); 
$productID = $ProductVariant->GetProductID(); 
$SKU = $ProductVariant->GetSKU(); 
$MPN = $ProductVariant->GetMPN(); 
$barcode = $ProductVariant->GetBarcode(); 
$price = $ProductVariant->GetPrice(); 
$salePrice = $ProductVariant->GetSalePrice(); 
$stock = $ProductVariant->GetStock(); 
$length = $ProductVariant->GetLength(); 
$height = $ProductVariant->GetHeight(); 
$width = $ProductVariant->GetWidth(); 
$weight = $ProductVariant->GetWeight(); 
$leadTimeFrom = $ProductVariant->GetLeadTimeFrom(); 
$leadTimeTo = $ProductVariant->GetLeadTimeTo(); 
//Nathan 2017 
$productVariantHTML = $ProductVariant->GetProductVariantHTML(); 

if (isset($_POST['Save'])) 
{ 
    $SKU = $_POST['SKU']; 
    $MPN = $_POST['MPN']; 
    $barcode = $_POST['Barcode']; 
    $price = $_POST['Price']; 
    $salePrice = $_POST['SalePrice']; 
    $stock = (isset($_POST['Stock'])) ? 1 : 0; 
    $length = $_POST['Length']; 
    $height = $_POST['Height']; 
    $width = $_POST['Width']; 
    $weight = $_POST['Weight']; 
    $leadTimeFrom = $_POST['LeadTimeFrom']; 
    $leadTimeTo = $_POST['LeadTimeTo']; 
//Nathan 2017 
    $productVariantHTML = $_POST['ProductVariantHTML']; 

    if (empty($SKU) || strlen($SKU) > 100) { 
     $ConsoleMessage->AddError('SKU', NULL); 
    } 
    if (empty($MPN) || strlen($MPN) > 100) { 
     $ConsoleMessage->AddError('MPN', NULL); 
    } 
    if (strlen($barcode) > 100) { 
     $ConsoleMessage->AddError('Barcode', NULL); 
    } 
    if (empty($price) || !is_numeric($price)) { 
     $ConsoleMessage->AddError('Price', NULL); 
    } 
    if (!empty($salePrice)) { 
     if (!is_numeric($salePrice)) { 
      $ConsoleMessage->AddError('Sale Price', NULL); 
     } 
    } 
    if (!empty($length)) { 
     if (!is_numeric($length)) { 
      $ConsoleMessage->AddError('Length', NULL); 
     } 
    } 
    if (!empty($height)) { 
     if (!is_numeric($height)) { 
      $ConsoleMessage->AddError('Height', NULL); 
     } 
    } 
    if (!empty($width)) { 
     if (!is_numeric($width)) { 
      $ConsoleMessage->AddError('Width', NULL); 
     } 
    } 
    if (!empty($weight)) { 
     if (!is_numeric($weight)) { 
      $ConsoleMessage->AddError('Weight', NULL); 
     } 
    } 
    if (empty($leadTimeFrom) || !is_numeric($leadTimeFrom)) { 
     $ConsoleMessage->AddError('Lead Time From', NULL); 
    } 
    if (empty($leadTimeTo) || !is_numeric($leadTimeTo)) { 
     $ConsoleMessage->AddError('Lead Time To', NULL); 
    } 

    if ($ConsoleMessage->GetErrorCount() === 0) { 
     $UpdatedProductVariant = new ProductVariant($Con); 
     $updatedProductVariant = $UpdatedProductVariant->UpdatedProductVariant($productVariantID, $SKU, $MPN, $barcode, $price, $salePrice, $stock, $length, $height, $width, $weight, $leadTimeFrom, $leadTimeTo, $productVariantHTML); 

     if ($updatedProductVariant == TRUE) { 
      header("Location: product-variants.php?product_id=$productID"); 
      exit(); 
     } 
     else { 
      $ConsoleMessage->AddError('Updating Product Variant', NULL); 
     } 
    } 
} 
?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title><?=$metaTitle . ' | ' . SITE_NAME?></title> 
<?php include ('includes/header-tags.php'); ?> 
</head> 
<body> 
<div id="wrapper"> 
    <?php 
    // Print header 
    $HeaderMenu = new HeaderMenu(); 
    $HeaderMenu->PrintHeader(); 
    ?> 
    <div id="main"> 
     <div class="h-wrapper"> 
      <h1>Edit Product Variant</h1> 
      <div class="menu-bar"> 
      </div> 
     </div> 
     <?php $ConsoleMessage->PrintMessages(); ?> 
     <form id="form" method="post" action=""> 
      <table class="input-table" cellpadding="0" cellspacing="0" border="0"> 
       <tr> 
        <th colspan="3">Product Variant Details</th> 
       </tr> 
       <tr> 
        <td><label for="sku">SKU:</label></td> 
        <td><input type="text" id="sku" size="10" name="SKU" value="<?=htmlspecialchars($SKU)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="mpn">MPN:</label></td> 
        <td><input type="text" id="mpn" size="10" name="MPN" value="<?=htmlspecialchars($MPN)?>" maxlength="" /></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="barcode">Barcode:</label></td> 
        <td><input type="text" id="barcode" size="10" name="Barcode" value="<?=htmlspecialchars($barcode)?>" maxlength="" /></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="price">Price:</label></td> 
        <td><input type="text" id="price" size="10" name="Price" value="<?=htmlspecialchars($price)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="sale-price">Sale Price:</label></td> 
        <td><input type="text" id="sale-price" size="10" name="SalePrice" value="<?=htmlspecialchars($salePrice)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="stock">Stock:</label></td> 
        <td> 
        <input type="checkbox" id="stock" name="Stock" <?php if ($stock == 1) { echo 'checked="checked"'; } ?> /> 
        </td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="length">Length:</label></td> 
        <td><input type="text" id="length" size="10" name="Length" value="<?=htmlspecialchars($length)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="height">Height:</label></td> 
        <td><input type="text" id="height" size="10" name="Height" value="<?=htmlspecialchars($height)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="width">Width:</label></td> 
        <td><input type="text" id="width" size="10" name="Width" value="<?=htmlspecialchars($width)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td><label for="weight">Weight:</label></td> 
        <td><input type="text" id="weight" size="10" name="Weight" value="<?=htmlspecialchars($weight)?>" maxlength=""></td> 
        <td><span class="input-help"></span></td> 
       </tr> 
<!--Nathan 2017--> 
       <tr> 
        <td><label for="product-variant-html-description">Variant HTML Description:</label></td> 
        <td><textarea id="product-variant-html-description" name="ProductVariantHTML" maxlength=""><?=htmlspecialchars($productVariantHTML)?></textarea></td> 
        <td><span class="input-help"></span></td> 
       </tr> 

       <tr> 
        <td><label for="lead-time-from">Lead Time:</label></td> 
        <td> 
         <input type="text" id="lead-time-from" size="5" name="LeadTimeFrom" value="<?=htmlspecialchars($leadTimeFrom)?>" maxlength=""> to 
         <input type="text" id="lead-time-to" size="5" name="LeadTimeTo" value="<?=htmlspecialchars($leadTimeTo)?>" maxlength=""> 
        </td> 
        <td><span class="input-help"></span></td> 
       </tr> 
       <tr> 
        <td colspan="3"> 
         <button id="proceed-btn" type="submit" name="Save">Save</button> 
         <img class="btn-load-left" src="images/btn-load.gif"> 
        </td> 
       </tr> 
      </table> 
     </form> 
    </div> 
    <div style="clear:both;"></div> 
</div> 
<?php include('includes/footer.php') ?> 
</body> 
</html> 
<?php include ('includes/connection-close.php'); ?> 

錯誤消息

Error

+1

HTML中某處是否有'

'? – RiggsFolly

+0

是否所有其他列都得到更新? – RiggsFolly

+0

您可以發佈整個HTML代碼嗎? – DamiToma

回答

1

在與 「開頭的SQL語句」 UPDATE product_variant SET SKU ...「:

ProductVariantHTML = $productVariantHTML 

應該

ProductVariantHTML = '$productVariantHTML' 

我會猜測$ productVariantHTML不是一個數值,也不是inte nded代表表中的另一列。因此它需要引用它。否則,由於您創建了變量「nathan」,因此它會嘗試將ProductVariantHTML列的值設置爲名爲nathan的列的值,因爲SQL解釋器將其視爲字面值,而不是字符串數據。

注意:正如其他人在評論中所說的,你可以通過首先使用適當的參數化查詢來避免這種語法錯誤,而不是脆弱的字符串連接。這樣做還可以更好地防範SQL注入攻擊的實際危險。您的數據可能會被破壞,刪除或泄露給任何使用相對普通技能操作的人。

相關問題