我在這裏遇到一些問題。我正在爲我的公司開發一個閃存數據庫管理器,並且我已經擁有插入和「搜索」功能。嘗試使UPDATE工作時出現問題。生病後兩碼的位置:無法使用Flash應用程序更新php數據庫
PHP(修訂版)
<?php
//connect to the local MySQL
$connect=mysql_connect("localhost", "****", "****");
//select your database
mysql_select_db("****");
//Variables
$ID=$_POST[IDPost];
$Nome=$_POST[Nome];
$Tipo=$_POST[Tipo];
$Empresa=$_POST[Empresa];
$Morada=$_POST[Morada];
$CodPostal=$_POST[CodPostal];
$Email=$_POST[Email];
$Contacto1=$_POST[Contacto1];
$Contacto2=$_POST[Contacto2];
$DataNascimento=$_POST[DataNascimento];
$Profissao=$_POST[Profissao];
$Notas1=$_POST[Notas1];
$Notas2=$_POST[Notas2];
//query the database
$query="
UPDATE
GestaoClientes
SET
Nome = '$Nome',
Tipo = '$Tipo',
Empresa = '$Empresa',
Morada = '$Morada',
CodPostal = '$CodPostal',
Email = '$Email',
Contacto1 = '$Contacto1',
Contacto2 = '$Contacto2',
DataNascimento = '$DataNascimento',
Profissao = '$Profissao',
Notas1 = '$Notas1',
Notas2 = '$Notas2'
WHERE
ID = '$ID'";
$result=mysql_query($query);
if (!mysql_query($query,$connect))
{
die('Error: ' . mysql_error());
echo "Result=NotOk";
}else{
echo "Result=Ok";
}
mysql_close($connect);
?>
閃存
public function editInfo(MouseEvent):void
{
var request:URLRequest = new URLRequest ("link.php");
request.method = URLRequestMethod.POST;
trace("called");
var variables:URLVariables = new URLVariables();
variables.IDPost = NField.text;
variables.Nome = NomeField.text;
variables.Email = NomeField.text;
variables.Morada = MoradaField.text;
variables.CodPostal = CodPostalField.text;
variables.Tipo = TipoField.text;
variables.Empresa = EmpresaField.text;
variables.Profissao = ProfissaoField.text
variables.DataNascimento = DataNascimentoField.text;
variables.Notas1 = Notas1Field.text;
variables.Notas2 = Notas2Field.text;
request.data = variables;
var loader:URLLoader = new URLLoader (request);
loader.addEventListener(Event.COMPLETE, onComplete);
loader.dataFormat = URLLoaderDataFormat.VARIABLES;
loader.load(request);
function onComplete(e:Event):void
{
trace("ok");
}
}
當我嘗試在瀏覽器中去的PHP,如果只是給我錯誤:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Nome' = '', 'Tipo' = '', 'Empresa' = '', 'Morada' = '', 'CodPostal' = '', 'Emai' at line 4
這雖然可能是正常的,因爲我沒有通過瀏覽器傳遞任何「POST」變量。
閃存doesent在嘗試這段代碼時會返回任何錯誤,所以我假設連接本身沒問題,但是它還沒有進行更新。這段代碼有什麼問題嗎?謝謝。
更新:我現在更改了我的代碼,它不顯示語法錯誤,但仍在閃存中進行更新。任何意識爲什麼? :/感謝
在嘗試對它們執行SQL quey之前,您應該轉義所有$ _POST變量。 – Twelve47 2011-04-12 14:15:07
什麼是「PHP數據庫」?您的SQL注入預防在哪裏? – 2011-04-12 14:15:52
@Marco,你的PHP很可怕。您可以隨時隨地進行大量攻擊,並且可能有些粗略的數據正在破壞您的查詢。您應該爲您的數據庫工作實施PDO。請參閱http://www.phpro.org/tutorials/Introduction-to-PHP-PDO.html – Brad 2011-04-12 14:17:30