if($_POST['submit'])
{
$Day1 = $_POST['day1'];
$Day2 = $_POST['day2'];
$Day3 = $_POST['day3'];
$Day4 = $_POST['day4'];
$Day5 = $_POST['day5'];
$Day6 = $_POST['day6'];
$Day7 = $_POST['day7'];
$Day8 = $_POST['day8'];
$Day9 = $_POST['day9'];
$Day10 = $_POST['day10'];
$Day11 = $_POST['day11'];
$Day12 = $_POST['day12'];
$Day13 = $_POST['day13'];
$Day14 = $_POST['day14'];
$query_update = ("UPDATE user_glucose SET (Day1='$Day1',Day2='$Day2',Day3='$Day3',Day4='$Day4',Day5='$Day5',Day6='$Day6',Day7='$Day7',Day8='$Day8',Day9='$Day9',Day10='$Day10',Day11='$Day11',Day12='$Day12',Day13='$Day13',Day14='$Day14') WHERE username='$username'");
$result_update = mysql_query($query_update);
echo "Data Successfully Updated !";
echo"<p>";
echo mysql_error();
echo"</p>";
}
我正在尝试将表单中的值更新为名为“user_glucose”的表。 但每当我点击提交时,弹出这个错误:
您的SQL语法有错误;查看与您的MySQL服务器版本对应的手册,以便在'(Day1 ='10',Day2 ='10',Day3 ='0',Day4 ='0',Day5 ='0',Day6附近使用正确的语法='0',Day7 ='0',Day8 ='0',Day9 ='第1行
我是PHP和MySQL编程的新手,我不知道是什么问题。请帮忙。谢谢。
答案 0 :(得分:1)
删除SET值周围的括号:
UPDATE user_glucose SET Day1='$Day1', ...
您的代码极易受到注入攻击。您应该使用PDO或mysqli正确参数化查询。
答案 1 :(得分:1)
您不需要在UPDATE查询中使用括号,只需更改为
$query_update = ("UPDATE user_glucose SET Day1='$Day1',Day2='$Day2',Day3='$Day3',Day4='$Day4',Day5='$Day5',Day6='$Day6',Day7='$Day7',Day8='$Day8',Day9='$Day9',Day10='$Day10',Day11='$Day11',Day12='$Day12',Day13='$Day13',Day14='$Day14' WHERE username='$username'");
然后我想告诉您,您有sql injection的风险,请查看How can I prevent SQL injection in PHP?。您应该使用准备好的法规来避免任何风险
答案 2 :(得分:1)
尝试:
$query_update = "UPDATE user_glucose SET Day1='$Day1',Day2='$Day2',Day3='$Day3',Day4='$Day4',Day5='$Day5',Day6='$Day6',Day7='$Day7',Day8='$Day8',Day9='$Day9',Day10='$Day10',Day11='$Day11',Day12='$Day12',Day13='$Day13',Day14='$Day14' WHERE username='$username'";