更新,这仍然无法正常工作。我困惑和加重

时间:2015-06-08 04:56:05

标签: php sql 

i updated the code to what u all told me to put, see. still not working -__-

//更新

<?php

session_start();

if(isset($_POST["submit"])){


if (!(isset($_SESSION['sess_user']) || $_SESSION['sess_user'] == '')) {
header("location:index.php");
} else {

$dbcon = mysqli_connect('mysql6.000webhost.com', 'a8186782_db', 'password1', 'a8186782_db') or die(mysqli_error($dbcon));

$newname = mysqli_real_escape_string($dbcon, $_POST['newname']);
$newname2 = mysqli_real_escape_string($dbcon, $_POST['newname2']);
$username = mysqli_real_escape_string($dbcon, $_SESSION['sess_user']);

if ($newname <> $newname2) { echo "Your fraternity names do not match.";}

//看到我告诉你,这无效仍然无法正常工作

else if (mysqli_query($dbcon, "UPDATE accounts SET groupname = '$newname', founder = '$username' WHERE username = '$username'")

//更多细节

{ 

echo "Your fraternity has been created. You will now be logged out.";

echo "<META http-equiv='refresh' content='3;URL=logout.php'>";

}

//更多细节     else {mysqli_error($ dbcon); } 

mysqli_close($dbcon);
}
?>

3 个答案:

答案 0 :(得分:0)

试试这个,

<?php

session_start();

if(isset($_POST["submit"])){


if (!(isset($_SESSION['sess_user']) || $_SESSION['sess_user'] == '')) {
header("location:index.php");
} else {

$dbcon = mysqli_connect(' ', ' ', ' ', ' ') or die(mysqli_error($dbcon));

$newname = mysqli_real_escape_string($dbcon, $_POST['newname']);
$newname2 = mysqli_real_escape_string($dbcon, $_POST['newname2']);
$username = mysqli_real_escape_string($dbcon, $_SESSION['sess_user']);

if ($newname <> $newname2) { echo "Your fraternity names do not match.";}

else if (mysqli_query($dbcon, "UPDATE accounts SET (groupname, founder) VALUES($newname, $username) WHERE username = '$username'"))

{ 

 echo "Your fraternity has been created. You will now be logged out.";

 echo "<META http-equiv='refresh' content='3;URL=logout.php'>";

 }

 else { mysqli_error($dbcon); }

 mysqli_close($dbcon);
 }
 }
 ?>

像这样提出你的查询,

UPDATE accounts SET groupname = $newname, founder = $username WHERE username = $username"

答案 1 :(得分:0)

您的UPDATE查询语法错误:

 UPDATE accounts SET groupname =  $newname, 
                     founder = $username 
         WHERE username = '$username';

请参阅此http://dev.mysql.com/doc/refman/5.0/en/update.html

答案 2 :(得分:0)

不要像Update query那样处理你的insert query并且还要阻止使用sql注入进行查询,并且列名将在引号中。表名和字段名称始终位于backticks

这将是

mysqli_query($dbcon, "UPDATE `accounts` 
                      SET `groupname`='".$newname."', 
                          `founder` ='".$username."' 
                      WHERE `username` = '".$username."'")

你的整个代码

<?php

session_start();

if(isset($_POST["submit"])){


if (!(isset($_SESSION['sess_user']) || $_SESSION['sess_user'] == '')) {
header("location:index.php");
}

$dbcon = mysqli_connect(' ', ' ', ' ', ' ') or die(mysqli_error($dbcon));

$newname = mysqli_real_escape_string($dbcon, $_POST['newname']);
$newname2 = mysqli_real_escape_string($dbcon, $_POST['newname2']);
$username = mysqli_real_escape_string($dbcon, $_SESSION['sess_user']);

if ($newname <> $newname2) { echo "Your fraternity names do not match.";}

else if ((mysqli_query($dbcon, "UPDATE `accounts` 
                      SET `groupname`='".$newname."', 
                          `founder` ='".$username."' 
                      WHERE `username` = '".$username."'")))

{ 

 echo "Your fraternity has been created. You will now be logged out.";

 echo "<META http-equiv='refresh' content='3;URL=logout.php'>";

 }

 else { mysqli_error($dbcon); }

 mysqli_close($dbcon);
}
相关问题
最新问题