PHP SQL更新查詢語法

Question

我正在處理我的第一個PHP/MySQL項目，並且我已經獲得了基本的登錄和INSERT查詢工作，但沒有更新。這是我的第一次更新，它只是一個狀態和郵編的行。有什麼問題嗎？

$dbc = mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB"); 

$state=$_POST['state']; 
$zip=$_POST['zip']; 

$custnum = 0; 
$sql="UPDATE $tbl_name SET state = '$state', zip = '$zip', WHERE custnum = '$custnum'"; 
$result = mysqli_query($dbc, $sql) 
or die('Error querying database.'); 

Answer 1

我想你需要擺脫在WHERE之前的逗號。

Answer 2

$dbc = mysql_connect($host, $username, $password)or die("cannot connect"); //don't need quotes 
    mysql_select_db($db_name,$dbc)or die("cannot select DB"); //added the $dbc (connection link) as a second parameter 

    $state=mysql_real_escape_string($_POST['state']); //Should make it safe! 
    $zip=mysql_real_escape_string($_POST['zip']); //Should make it safe! 

    $custnum = 0; 
    $sql="UPDATE $tbl_name SET state = '$state', zip = '$zip' WHERE custnum = '$custnum'"; 

//removed an extra comma 

    //Notice that $tbl_name isn't defined! 
    u 
    $result = mysql_query($sql) 
    or die('Error querying database.'); //from mysqli to mysql 

Answer 3

之前 「WHERE」 條款刪除最後一個逗號。另外，如果剛開始時，在爲字符串使用雙引號時，將括號括在變量名稱周圍很合適。幫助您更好地區分變量。

Pekka在他的評論中也是正確的，你在混合mysql和mysqli函數。改用mysql_query（）。

Answer 4

看起來像SQL語法錯誤：刪除之前WHERE

Answer 5

如果（isset（$ _ POST [ '更新']））{ $ 名稱= $ _ POST [ '名稱']逗號; // echo $ name;死; $ surname = $ _ POST ['surname'];

$upd="update table_name SET name='$name',surname='$surname' where id=$id"; 
mysql_query($upd); 

}

Answer 6

$suitno =mysqli_real_escape_string($ecms,$_POST['suitno']);//protecting sql injection 
$defendant=mysqli_real_escape_string($ecms,$_POST['defendant']);//protecting sql injection 
$casenature=mysqli_real_escape_string($ecms,$_POST['casenature']);//protecting sql injection 

$sql="UPDATE causelist SET suitno='{$suitno}', 
casenature='{$casenature}' WHERE suitno='{$suitno}'"; 
$result = mysqli_query($ecms, $sql) 
or die('Error querying database.');