Question

我正在使用Ajax来收集winsReddit，LosingReddit以及胜出和失败照片等数据。然后PHP脚本（下面）将其发送到MySQL表。 “赢”和“输”列每次应增加1。

由于某种原因，此脚本不会保存到数据库中。我究竟做错了什么？我错过了什么吗？

<?php
if(isset ($_POST['action'])) {

include( 'connection.php');

$winnerLink = $_POST['winnerReddit'];
$loserLink = $_POST['losingReddit'];
$win = $_POST['win'];
$lose = $_POST['lose'];


mysql_query("UPDATE $winnerLink SET win = win + 1 WHERE imagelink = '$win'");
mysql_query("UPDATE $loserLink SET lose = lose + 1 WHERE imagelink = '$lose'");

}

?>

这是我正在使用的Ajax代码：

    $.ajax({
        url: 'http://website.com/vote.php',
        method: 'POST',
        data: {
            action: 'save',
            win: chosenURL,
            lose: chosenURL,
            winnerReddit: $(this).attr('id'),
            losingReddit: $(this).siblings('div').attr('id')
        },
        success: function(data) {
            alert('sent');
        },
        error: function() {
            alert('nope')
        }
    });
})
})

Answer 1

替换此

mysql_query("UPDATE $winnerLink SET win = win + 1 WHERE imagelink = $win");
mysql_query("UPDATE $loserLink SET lose = lose + 1 WHERE imagelink = $lose");

准备好这份声明：

$stmt = mysqli_prepare("UPDATE ? SET win = win + 1 WHERE imagelink = ?");
$stmt->bind_param("ss", $_POST['winnerReddit'], $_POST['win']);
$stmt->execute();
$stmt->close();

$stmt = mysqli_prepare("UPDATE ? SET lose = lose + 1 WHERE imagelink = ?");
$stmt->bind_param("ss", $_POST['losingReddit'], $_POST['lose']);
$stmt->execute();
$stmt->close();

您还需要确保拥有connected to a database。

PHP没有插入SQL列

1 个答案: