1. 首頁
  2. 問答
  3. 無法更新數據庫

無法更新數據庫

2014-10-30 122 views
0 
<?php 
    session_start(); 

    if (isset($_POST['userid']) && isset($_POST['password'])) 
    { 
    // if the user has just tried to log in 
    $userid = $_POST['userid']; 
    $password = $_POST['password']; 

    $db_conn = new mysqli('localhost', 'user', 'passwd', 'dbname'); 

    if (mysqli_connect_errno()) { 
    echo 'Connection to database failed:'.mysqli_connect_error(); 
    exit(); 
    } 

    $query = 'select * from users ' 
      ."where userid like'$userid' " 
      ." and password like sha1('$password')"; 

    $result = $db_conn->query($query); 


    if ($result->num_rows >0) 
    { 
    // if they are in the database register the user id 
    $_SESSION['valid_user'] = $userid;  
    } 
    $db_conn->close(); 
    } 
    ?> 
    <? 

    $db_conn = new mysqli('localhost', 'user', 'passwd', 'dbname'); 

    if (mysqli_connect_errno()) { 
    echo 'Connection to database failed:'.mysqli_connect_error(); 
    exit(); 
    } 


    if (isset($_POST['submit'])) { 
    if (empty($_POST['name']) || empty ($_POST['dob']) || empty ($_POST['contact'])|| empty   ($_POST['address'])|| empty ($_POST['email'])) { 
    echo "All records to be filled in"; 
    exit;} 
    } 
    $name = $_POST['name']; 
    $dob = $_POST['dob']; 
    $contact = $_POST['contact']; 
    $address = $_POST['address']; 
    $email = $_POST['email']; 

    $userid = $_SESSION['valid_user']; 
    $sql = "UPDATE users SET name=$name, dob=$dob, contact=$contact, address=$address, email=$email 
    WHERE userid ='$userid'"; 
     $result = $db_conn->query($sql); 
    if (!$result) 
     echo "Your query failed."; 
    else 
     echo "User Information Updated "; 

?> 
<meta http-equiv="refresh" content="5;URL=members.php" />

我得到your query failed當我運行它。任何人有任何線索爲什麼我的數據庫不更新?無法更新數據庫

我很確定我的sql的作品。我的編碼有錯誤嗎?

來源

2014-10-30 Lionel Koh Wei Hao

+0

你檢查了mysql錯誤返回了嗎? – 2014-10-30 09:02:55

+2

爲什麼不使用MySQLi準備語句? – 2014-10-30 09:03:09

+0

試着迴應你的查詢並將其複製/粘貼到你的數據庫查詢工具中,你會發現自己有什麼問題!順便說一句,不要沒有很好的理由,使用=代替。 – Logar 2014-10-30 09:03:15

回答

1

您的查詢完好無損,只是您沒有使用準備好的語句。

問題在於你的變量。 echo他們,看看他們有什麼。

由於我們無法訪問您的數據庫,因此我們很難驗證您的查詢是否有其他問題。你可以例如創建一個SQL Fiddle

別的東西,你應該讀了起來:SQL Injection

Prepared statements這個樣子的:

<?php 
$mysqli = new mysqli("localhost", "my_user", "my_password", "world"); 

/* check connection */ 
if (mysqli_connect_errno()) { 
    printf("Connect failed: %s\n", mysqli_connect_error()); 
    exit(); 
} 

$city = "Amersfoort"; 

/* create a prepared statement */ 
if ($stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) { 

    /* bind parameters for markers */ 
    $stmt->bind_param("s", $city); 

    /* execute query */ 
    $stmt->execute(); 

    /* bind result variables */ 
    $stmt->bind_result($district); 

    /* fetch value */ 
    $stmt->fetch(); 

    printf("%s is in district %s\n", $city, $district); 

    /* close statement */ 
    $stmt->close(); 
} 

/* close connection */ 
$mysqli->close(); 
?>

來源

2014-10-30 09:07:46 deW1

-1

看起來你exist說法是不對的..

if (isset($_POST['submit'])) 
{ 
    if (empty($_POST['name']) || empty ($_POST['dob']) || empty ($_POST['contact'])|| empty   ($_POST['address'])|| empty ($_POST['email'])) 
    { 
     echo "All records to be filled in"; 
     **exit**; 
    } 
}

來源

2014-10-30 09:24:27

-1

報價失蹤。而不是

"UPDATE users SET name=$name, dob=$dob, contact=$contact, address=$address, email=$email WHERE userid ='$userid'"; try this 
"UPDATE users SET name='$name', dob=$dob, contact=$contact, address=$address, email=$email WHERE userid ='$userid'";

來源

2014-10-30 09:54:00 user3510665

相關問題

 相關問題