請幫我解決這個問題 我想造成這樣的 - >爆炸()預計參數2爲字符串
UPDATE anggota SET id = '1000',name = 'Danti',Address = 'Jalan Mawar' WHERE Kode_anggota='10000'
我用$_GET
爲我的表名,所以我可以用一個查詢所有的表,這是我的代碼:
<?php
function updateData($value) {
$table = $_GET['tujuan'];
$id = $_GET['id'];
$query1 = mysql_query("SELECT * FROM $table ORDER BY Kode_$table");
$fieldNum = mysql_num_fields($query1);
for($q=0;$q<$fieldNum;$q++){
$fieldName = mysql_field_name($query1, $q);
$name [] = $fieldName;
}
$output1 = explode (" ",$name);
foreach ($value as $arrVal) {
$total [] = $arrVal;
}
$output = explode("", $total);
echo "UPDATE $table SET";
for($a=0;$a<$fieldNum;$a++){
$akhir = "$output1".$a." = $output".$a."";
$akhir1 [] = $akhir;
}
$akhir2 = implode (",",$akhir1);
echo $akhir2;
echo " WHERE Kode_$table='$id'";
}
?>
但是,當我跑步時我的節目,我得到了這樣的通知,2 - >
Warning:explode()期望參數2是字符串,數組在C:\ xampp \ htdocs \ Proyek 2 \ cobalagi \ koneksi_class.php上在線88
警告:explode()期望參數2是字符串,陣列中的C中給出:\ XAMPP \ htdocs中\ Proyek 2 \ cobalagi \ koneksi_class.php上線93 UPDATE anggota SET0 = 0,1 = 1,2 = 2 WHERE Kode_anggota = '10000'
我應做?
因爲變量$ name是數組不是字符串 –
首先,也是最重要的,你要修復SQL注入漏洞。永遠不要在sql語句中使用未過濾和未轉義的請求數據。看看http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php –