在表格行中查找值,如果在那里,则更新它

时间:2013-07-01 03:02:22

标签: php mysql sql

我正试图在我的桌子上找到一个人并更新他们的分数。这是我现在的代码。由于某种原因,它不起作用。它不会改变人的分数,而只会创建一个与该人名相同的新行。

$name = $_POST["strtolower(name)"];
$team = $_POST["team"];
$num = $_POST["number"];
$goals = $_POST["goals"];

if($query = mysqli_query("SELECT goals FROM goalscorers WHERE name=$name ", $db)){
  while($row = mysqli_fetch_assoc($query)){
    $origgoals = $row['goals'];
    $newgoals = (int)$origgoals + (int)$goals;
    mysqli_query($db, "UPDATE goalscorers SET goals=$newgoals WHERE name=$name ");
    echo "<h1>Thank you for submitting your details! <br /> <a href=\"goalscorers.php\">Add another</a></h1>";
  }
  mysqli_free_result($query);
}
else {
    $query = "INSERT INTO goalscorers (name, team, num, goals) VALUES ('$name','$team','$num','$goals') ";
    $result = mysqli_query($query, $db);
    if (mysqli_error()) { print "Database ERROR: " . mysql_error(); } 

    echo "<h1>Thank you for submitting your details! <br /> <a href=\"goalscorers.php\">Add another</a></h1>";
}

我对PHP和MySQL都很陌生,所以这可能是一个基本的错误。

另外,我已经连接到数据库了。

1 个答案:

答案 0 :(得分:1)

您的直接问题是您的sql查询中没有字符串值的引号。变化

"SELECT goals FROM goalscorers WHERE name=$name "


"SELECT goals FROM goalscorers WHERE name = '$name'"
                                            ^     ^


"UPDATE goalscorers SET goals=$newgoals WHERE name=$name "


"UPDATE goalscorers SET goals=$newgoals WHERE name = '$name'"
                                                     ^     ^

旁注:了解并使用prepared statements。您的代码容易受到SQL注入攻击。

UPDATE1 :您可以使用INSERT ... ON DUPLICATE KEY UPDATE大幅简化代码。为了使其正常工作,您必须在name列上具有UNIQUE(PRIMARY KEY)索引。 然后,您的insert语句应该看起来像

INSERT INTO goalscorers (`name`, `team`, `num`, `goals`)
VALUES (?, ?, ?, ?)
ON DUPLICATE KEY UPDATE goals = goals + VALUES(goals)

这是 SQLFiddle 演示

UPDATE2:现在您的代码INSERT ... ON DUPLICATE KEY UPDATE和预备语句可能如下所示

$name  = $_POST['name'];
$team  = $_POST['team'];
$num   = $_POST['number'];
$goals = $_POST['goals'];

/* connect to the database*/
$db = new mysqli('localhost', 'user', 'userpwd', 'test');
/* check connection */
if ($db->connect_errno) {
    die('Connection failed: ' .$db->connect_error);
}

$sql = 'INSERT INTO goalscorers (`name`, `team`, `num`, `goals`)
        VALUES (?, ?, ?, ?)
        ON DUPLICATE KEY UPDATE goals = goals + VALUES(goals)';
/* create a prepared statement */
if ($stmt = $db->prepare($sql)) {
    /* bind parameters for markers */
    $stmt->bind_param("ssii", $name, $team, $num, $goals);
    /* execute query */
    if ($stmt->execute()) {
        echo '<h1>Thank you for submitting your details! <br /> <a href="goalscorers.php">Add another</a></h1>';
    } else {
        die('Insert failed: ' .$db->error);    
    }
    /* close statement */
    $stmt->close();
} else {
    die('Statement prepare failed: ' .$db->error);    
}
相关问题
最新问题