$newCity = $_POST['city'];
$set = mysqli_query($con, "UPDATE users SET city = '$newCity' WHERE username = '$theUser'");
我在嘗試使用變量的值更新mySql
列UPDATE
。 但是,當我檢查的價值,它更新,但一旦我刷新執行,它改變了值爲NULL
編輯:$theUser = a working session username
$newCity = $_POST['city'];
$set = mysqli_query($con, "UPDATE users SET city = '$newCity' WHERE username = '$theUser'");
我在嘗試使用變量的值更新mySql
列UPDATE
。 但是,當我檢查的價值,它更新,但一旦我刷新執行,它改變了值爲NULL
編輯:$theUser = a working session username
嘗試:
if(isset($_POST['city'])){
$newCity = $_POST['city'];
$set = mysqli_query($con, "UPDATE users SET city = '$newCity' WHERE username = '$theUser'");
}
也請儘量篩選用戶輸入之前將其傳遞給查詢。
謝謝,這工作得很好:) – user3324006
從'$ _POST'直接將變量傳遞到查詢是一種簡單的方法如何進行SQL注入...不要忘記使用'mysqli_real_escape_string()'! –
if(isset($_POST['city'])){
$newCity = mysqli_real_escape_string($_POST['city']);
$theUser = mysqli_real_escape_string($userUser); // assuming you haven't escaped it already.
$query = "UPDATE users SET city = '$newCity' WHERE username = '$theUser'";
$set = mysqli_query($con, $query);
}
你是什麼意思刷新執行?你是否重新提交表格? –