我的编辑用户遇到问题。单击提交按钮后,它将显示错误“您的SQL语法中有错误;请查看与您的MySQL服务器版本对应的手册,以便在第1行附近使用正确的语法” 这是它的错误代码。 我不知道我的代码发生了什么。我尝试多次调试。
<?php
//set session start
session_start();
function renderForm($UID,$Username,$Unitno,$Cont,$PW,$UEmail,$UPay,$JD,$PD)
{?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><link href="styles/style1.css" media="screen" rel="stylesheet" title="CSS" type="text/css" /></head><body><!-- Begin Container -->
<div id="container">
<!-- Begin Masthead -->
<div id="masthead">
</div>
<!-- End Masthead -->
<!-- Begin Navigation -->
<div id="navigation">
<ul>
<li><a href="homepage.php">Home Page</a></li>
<li><a href="notice.php">Notice</a></li>
<li><a href="feedback.php">Feedback</a></li>
<li><a href="user.php">User</a></li>
<li><a href="logout.php">Logout</a></li>
</ul>
</div>
<!-- End Navigation -->
<!-- Begin Content -->
<div id="content">
<!-- #BeginEditable "content" -->
<h1>Edit User</h1>
<hr/>
You are on:
<a href="user.php">User</a>
<br/>
<form action="" method="post">
<table align="center">
<tr>
<p align = "center"><strong>User ID: </strong> <?php echo $UID?></p><br/>
<td align = "right">
<strong>User Name: </strong> <input type="text" name="UserName" value = "<?php echo $Username; ?>" /><br/>
<strong>Unit No: </strong> <input type="text" name="UnitNo" value = "<?php echo $Unitno; ?>" /><br/>
<strong>Contact: </strong> <input type="text" name="Contact" value = "<?php echo $Cont; ?>" /><br/>
<strong>Password: </strong> <input type="text" name="Password" value = "<?php echo $PW; ?>" /><br/>
<strong>Email: </strong> <input type="text" name="UserEmail" value = "<?php echo $UEmail; ?>" /><br/>
<strong>User Pay: </strong> <input type="text" name="UPayment" value = "<?php echo $UPay; ?>" /><br/>
<strong>Join Date: </strong> <input type="text" name="JoinDate" value = "<?php echo $JD; ?>" /><br/>
<strong>Pay Date: </strong> <input type="text" name="PayDate" value = "<?php echo $PD; ?>" /><br/>
<input type="submit" name="submit" value="Submit">
</td>
</tr></table>
<br/>
<hr/>
</div>
<!-- End Content -->
<!-- Begin Footer -->
<div id="footer">
<p>
Copyright © 2012 Condominium Management. All Rights Reserved.
</p>
</div>
<!-- End Footer -->
</div>
<!-- End Container -->
</body>
</html><?php
include ("connection_db.php");
if(isset($_POST['submit']))
{
if (is_numeric($_POST['UID']))
{
$UserID = $_POST['UserID'];
$UserName= mysql_real_escape_string(htmlspecialchars($_POST['UserName']));
$UnitNo = mysql_real_escape_string(htmlspecialchars($_POST['UnitNo']));
$Contact = mysql_real_escape_string(htmlspecialchars($_POST['Contact']));
$Password= mysql_real_escape_string(htmlspecialchars($_POST['Password']));
$UEmail = mysql_real_escape_string(htmlspecialchars($_POST['UserEmail']));
$UPayment = mysql_real_escape_string(htmlspecialchars($_POST['UPayment']));
$JoinDate= mysql_real_escape_string(htmlspecialchars($_POST['JoinDate']));
$PayDate = mysql_real_escape_string(htmlspecialchars($_POST['PayDate']));
}
else
{
$sql = "UPDATE User SET UserName='$UserName', UnitNo='$UnitNo', Contact='$Contact', Password='$Password', UserEmail='$UEmail', UPayment='$UPayment', JoinDate='$JoinDate', PayDate='$PayDate' where UserID = $UserID";
mysql_query($sql) or die(mysql_error());
header("Location:user.php");
}
}
else
{
if(isset($_GET['UserID']) && is_numeric($_GET['UserID']) && $_GET['UserID']>0)
{
$uid = $_GET['UserID'];
$result = mysql_query("SELECT * FROM User Where UserID = $uid") or die (mysql_error());
$row = mysql_fetch_array($result);
if($row)
{
$UID = $row['UserID'];
$Username = $row['UserName'];
$Unitno = $row['UnitNo'];
$Cont = $row['Contact'];
$PW = $row['Password'];
$UEmail = $row['UserEmail'];
$UPay = $row['UPayment'];
$JD = $row['JoinDate'];
$PD = $row['PayDate'];
renderForm($UID, $Username, $Unitno, $Cont, $PW, $UEmail, $UPay, $JD, $PD, '');
}
else
{
echo "No result";
}
}
else
{
echo 'Error';
}
}?>
答案 0 :(得分:1)
你应该打印出sql语句:
$sql = "UPDATE User SET UserName='$UserName', UnitNo='$UnitNo', Contact='$Contact', Password='$Password', UserEmail='$UEmail', UPayment='$UPayment', JoinDate='$JoinDate', PayDate='$PayDate' where UserID = $UserID";
echo "MY QUERY: ".$sql;
mysql_query($sql) or die(mysql_error());
header("Location:user.php");
请发布您的结果,我想我们可以轻松检测到错误。
更新:确保$UserID
已定义(非空)并添加分号:
$sql = "UPDATE User SET UserName='$UserName', UnitNo='$UnitNo', Contact='$Contact', Password='$Password', UserEmail='$UEmail', UPayment='$UPayment', JoinDate='$JoinDate', PayDate='$PayDate' where UserID = '$UserID' ;";
答案 1 :(得分:1)
我看到两个错误。
$_POST['UserID']
,但您没有名为UserID的字段,只有UID。$UserID
的变量,但此变量仅由其他代码路径设置,因此当UPDATE运行时,它尚未初始化,因此可能是一个空字符串我认为这是造成问题的第二个问题。您的UPDATE语句可能以where UserID =
结尾。但是,正如其他人所说,唯一可以确定的方法是打印出你的查询,看看它有什么问题。
通常,要调试SQL问题,您应该:
答案 2 :(得分:0)
将where UserID = $UserID"
替换为where UserID = '$UserID';"
不要忘记这些引号和分号