+----------------+-----------+
|name(varchar)PK |money(int) |
+----------------+-----------+
我怎麼能制定一個查詢,以便它可以:查詢插入或如果需要更新記錄
1.Be能夠插入的名稱和貨幣價值
2.如果說名字已經存在,它應該只通過增加它的值和它從表單中獲得的值來更新錢列。 嘗試使用:
REPLACE INTO practable SET name = '$name', money = 'money' + $amount
它滿足第一個要求,但在更新錢列它只是取代了舊的價值用新的,不添加它們。
下面是完整的代碼(草案版本):
<?php
//This script by another form which takes the amount and name paramters from user
if(!empty($_GET['nameg']) && !empty($_GET['amountg'])){
$user="root";
$pass="password";
$db="practice";
$name=$_GET['nameg'];
$amount=$_GET['amountg'];
mysql_connect('localhost',$user,$pass) or die("Connection Failed!, " . mysql_error());
$query="REPLACE INTO practable SET name = '$name', given = 'given' + $amount";
mysql_select_db($db) or die("Couldn't connect to Database, " . mysql_error());
mysql_query($query) or die("Couldn't execute query! ". mysql_error());
mysql_close() or die("Couldn't disconnect!");
}
?>
您試過了: REPLACE INTO實際SET name ='$ name',money = SUM(money,$ amount) 順便說一下。你的代碼非常危險!它允許SQL注入攻擊。 – 2012-03-17 19:56:58
請閱讀SQL注入...請參閱:http://stackoverflow.com/questions/332365/xkcd-sql-injection-please-explain – Johan 2012-03-17 20:01:59
我知道,這是草稿版本:)謝謝反正! – tutak 2012-03-17 20:09:05