我的专栏不是空白但我收到此错误:'where子句'中的未知列''

时间:2013-02-15 23:23:40

标签: php mysql

我知道列npi存在,所以我不确定为什么我会收到此错误;我在这里读过其他一些帖子,但没有什么对我有用。在我的where子句中,我尝试了反引号和单引号,但没有用。任何帮助将不胜感激。谢谢。 

 <?php
    include('config.php');
    if (isset($_GET['insurance_id']) ) {
    $insurance_id = (string) $_GET['insurance_id'];
    if (isset($_POST['submitted'])) {
    foreach($_POST AS $key => $value) { $_POST[$key] = mysql_real_escape_string($value); }
    $sql = ("UPDATE `doctor_data` SET `dr_first_name` = '{$_POST['dr_first_name']}', `dr_last_name` = '{$_POST['dr_last_name']}' where npi='$npi'");

    mysql_query($sql) or die(mysql_error());
    echo (mysql_affected_rows()) ? "Edited Record.<br />" : "Nothing changed. <br />";
    echo "<a href='index.php?id=28&insurance_id=($REQUEST:insurance_id)'>Back To List</a>";
    }
    $row = mysql_fetch_array ( mysql_query("SELECT * from `doctor_data`"));
    ?>

    <form action='' method='POST'>
    <p><b>Doctor:</b><br /><input type='text' name='dr_first_name' value='<?= stripslashes($row['dr_first_name']) ?>' /> <input type='text' name='dr_last_name' value='<?= stripslashes($row['dr_last_name']) ?>' />
    <p><input class="btn btn-success" type='submit' value='Update Record' /><input type='hidden' value='1' name='submitted' />
    </form>
    <? } ?>

此外,数据在发布后保存在表单上,​​但不会保存到数据库中,按下发布按钮后,我会收到标题中发布的错误消息。 

-- phpMyAdmin SQL Dump
-- version 3.4.11.1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Feb 15, 2013 at 05:50 PM
-- Server version: 5.5.23
-- PHP Version: 5.2.17

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";


/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;

--
-- Database: `anag_demo`
--

-- --------------------------------------------------------

--
-- Table structure for table `doctor_data`
--

CREATE TABLE `doctor_data` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `npi` int(11) DEFAULT NULL,
  `dr_first_name` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,
  `dr_last_name` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,
  PRIMARY KEY (`id`),
  KEY `npi` (`npi`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=17 ;

/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

1 个答案:

答案 0 :(得分:1)

试试这个:

$nameFirst = $_POST['dr_first_name'];
$nameLast = $_POST['dr_last_name'];

$sql = "UPDATE doctor_data SET dr_first_name = '$nameFirst', dr_last_name = '$nameLast' where npi = '$npi'";

字符串格式不正确b / c您有一系列单引号,一些用于表示传递给mysql的字符串,另一些用于指示关联数组引用的键。如评论中所述,您应该查看PDObindValue

- 更新 -

你有可能在姓氏中有一个撇号,导致破损。您应始终清理 vars传递给mysql,以确保恶意用户不会尝试执行恶意命令。你使用弃用的mysql api,你应该至少转移到mysqli或者更好的pdo,如上所述。无论如何,试试这个:

$nameFirst = mysql_real_escape_string($_POST['dr_first_name']);
$nameLast = mysql_real_escape_string($_POST['dr_last_name']);
相关问题
最新问题