問題描述
這是我在 Stack Overflow 上的第一篇文章.我知道這個問題之前已經被問過很多次了.我經歷了很多答案,嘗試了所有答案(顯然正確的方法除外),但不知道該嘗試什么了.
this is my first post here at Stack Overflow. I know the question has been asked many times before. I went through many answers, tried all of them (except the correct approach obviously) and don't know what to try anymore.
我有一個 SQL 表,其中每一行都有一個編輯"按鈕.單擊它時,我將所選行的 id 傳遞給 edit.php.在那里,我得到它并根據用戶從表單輸入的 id 更新給定的行.第一列是 id,設置為 AUTO_INCREMENT.
I have an SQL table where every row has an "edit" button. When clicking it, I pass over the id of the selected row to edit.php. There, I get it and update the given row based on the id with the user input from the form. The first column is id which is set to AUTO_INCREMENT.
順便說一句,無論我使用 WHERE id=$id"; 還是 WHERE id='$id'";
On a side note, I get the same error, no matter if I use WHERE id=$id"; or WHERE id='$id'";
我認為最接近正確方法的代碼如下,并在代碼下方生成錯誤消息:
The code which I think is closest to the correct approach is as follows and generates the error message below the code:
<html>
<title>
Video Archiv - New
</title>
<body>
<?php
include("connect.php");
$id=$_GET['id'];
echo "Details von Video #$id editieren:<br /><br />";
if(isset($_POST['update']))
{
$sql = "UPDATE VideoArchiv
SET ('".$_POST["titel"]."','".$_POST["schauspieler"]."')
WHERE id=$id";
$result = mysqli_query($connect,$sql);
if (mysqli_query($connect,$sql) === TRUE)
{
echo "Record updated successfully";
}
else
{
echo "Error updating record: " . $connect->error;
}
}
?>
<form action="edit.php" method="post">
<label> Titel:</label><br/>
<input type="text" name="titel" required><br/>
<label>Schauspieler</label><br/>
<input type="text" name="schauspieler" required><br/>
<br />
<button type="submit" name="update">Speichern</button>
</form>
<?php
include("back.php");
?>
</body>
</html>
錯誤信息:
錯誤更新記錄:您的 SQL 語法有錯誤;檢查與您的 MySQL 服務器版本相對應的手冊,了解在第 2 行的 '('a','d') WHERE id=9' 附近使用的正確語法
非常感謝您的幫助,對于重復的問題很抱歉,但我真的找不到解決方案并且非常絕望.
Thanks a lot for your help and sorry for the duplicate question, but I really can't find the solution and am pretty desperate.
以下代碼給出了這個錯誤:
The following code gives this error:
致命錯誤:未捕獲的錯誤:在/homepages/25/d72758610/htdocs/multimedia/edit.php:30 中的 bool 上調用成員函數 bind_param() 堆棧跟蹤:#0 {main} throw in/homepages/25/d72758610/htdocs/multimedia/edit.php 第 30 行
Fatal error: Uncaught Error: Call to a member function bind_param() on bool in /homepages/25/d72758610/htdocs/multimedia/edit.php:30 Stack trace: #0 {main} thrown in /homepages/25/d72758610/htdocs/multimedia/edit.php on line 30
<html>
<title>
Video Archiv - New
</title>
<body>
<?php
include("connect.php");
$id=$_GET['id'];
$title = $_POST["titel"];
$schauspieler = $_POST["schauspieler"];
if(empty($title))
{
echo "error";
}
elseif(empty($schauspieler))
{
echo "error";
}
else
{
$sql = "UPDATE users SET title=?, schauspieler=? WHERE id=?";
$stmt= $connect->prepare($sql);
$stmt->bind_param("ssi", $title, $schauspieler, $id);
if($stmt->execute())
{
echo "Succes";
}
else
{
echo "something went wromg";
}
}
?>
<form action="edit.php" method="post">
<label> Titel:</label><br/>
<input type="text" name="titel" required><br/>
<label>Schauspieler</label><br/>
<input type="text" name="schauspieler" required><br/>
<br />
<button type="submit" name="update">Speichern</button>
</form>
<?php
include("back.php");
?>
</body>
</html>
推薦答案
非常簡單,可以避免 sql 注入并使用最新代碼,并且您的 SQL 語法有錯誤.
Very simple to avoid sql injections and use up to date codes and You have an error in your SQL syntax.
這是一個例子:
include("connect.php");
$id=$_GET['id'];
$title = $_POST["titel"];
$schauspieler = $_POST["schauspieler"];
if(empty($title)){
echo "error";
}elseif(empty($schauspieler)){
echo "error";
}else{
$sql = "UPDATE VideoArchiv SET title=?, schauspieler=? WHERE id=?";
$stmt= $connect->prepare($sql);
$stmt->bind_param("ssi", $title, $schauspieler, $id);
if($stmt->execute()){
echo "Succes";
}else{
echo "something went wromg";
}
}
查看更多:https://phpdelusions.net/mysqli_examples/update
更新:第一個代碼對你有用,但如果你仍然想使用程序化的方式,那么我們這個:
UPDATE : First code will work for you, but if you still want to use procedural way then us this :
include("connect.php");
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//Check if we get id
$Testid = $_GET['id'];
if(empty($Testid)){
echo "id is empty";
}else{
$id = $_GET['id'];
}
$title = $_POST["titel"];
$schauspieler = $_POST["schauspieler"];
if(empty($title )){
echo "error". $title;
}elseif(empty($schauspieler)){
echo "error". $schauspieler;
}else{
$sql = "UPDATE VideoArchiv SET title=?, schauspieler=? WHERE id=?";
$stmt = mysqli_prepare($connect, $sql);
mysqli_stmt_bind_param($stmt, 'ssi', $title, $schauspieler, $id);
mysqli_stmt_execute($stmt);
}
}
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<label> Titel:</label><br/>
<input type="text" name="titel" required><br/>
<label>Schauspieler</label><br/>
<input type="text" name="schauspieler" required><br/>
<br />
<button type="submit" name="update">Speichern</button>
</form>這篇關于為什么此 SQL UPDATE 查詢不適用于 WHERE 的變量?的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!