Mysql_query'where子句'中的未知列'name'

时间:2013-09-03 01:07:40

标签: php mysql sql

stackoverflow这是我的第一篇文章:D。 现在开始营业,我正在创建一个私人游戏网站,它将提取IP地址(不确定这是否合法,但我希望代码完成,以防万一,所以我可以放置我的网站并将它们存储在mysql数据库中,因为名称已经在表中。我有一个表单获取用户输入,即该人的姓名:

                <form action="/PHP/MembersIP.php" method="post">
                In Game Name: <input type="text" name="Name">
                <input type="submit">

我有我的外部php文件:

            //the queries are written into their values
            $selectname = "SELECT * from Members WHERE Name = " . $_POST['Name'];
            $updateIP = "UPDATE Members SET IP = " . $_SERVER['REMOTE_ADDR'] . "WHERE Name = " . $_POST['Name'];

            //check if the name is valid, if so add ip address in the row of the name given
            if (!mysql_query($selectname) ) {
            die('Your in game name was not found inside the database. Please check for misspellings, and try again. If problem persists please contact a guild official, or site manager. Inform them of the error: ' . mysql_error());
            } else {mysql_query($updateIP);}

为名称输入假值时,测试时我得到了正确的字符串:

 Your in game name was not found inside the database. Please check for misspellings, and try again.If problem persists please contact a guild official, or site manager. Inform them of the error: Unknown column 'lol' in 'where clause'

但是由于错误代码看起来很奇怪,我在我的数据库中输入了一个真实姓名,同样的事情出现了:

 Your in game name was not found inside the database. Please check for misspellings, and try again. If problem persists please contact a guild official, or site manager. Inform them of the error: Unknown column 'name' in 'where clause'

所以我知道这是我的第一个查询(第二个问题也会失败,因为我以同样的方式做了),这对于调用列而言是错误的#34; Name&#34;并找到值$_POST["Name"]。我只是想不通,所以有人可以帮忙,并解释一下。对于任何提示,请等到我得到我的解释,然后再向我提供您的其他信息。

谢谢

编辑:

谢谢大家,我解决了这个问题。当我最初编写脚本时,它给了我错误,我将其更改为:

SELECT * from Members WHERE Name = '" . $_POST['Name'] . "';"; 

由于我没有成功条款,它给了我一个空白页面,所以我认为它有效。我检查了我的表,ip单元格仍然是空白的,所以我认为它根本没有运行,所以我带着错误代码回到root的底部并搜索代码的问题,但我无法&#39 ;找到任何问题,除了我刚刚修复的那个没有&#34;工作&#34;。那是所有代码停止对我有意义的时刻,我来到这里发帖。但在查看其他答案后,我注意到我需要一个脚本来测试是否有任何代码运行,所以我添加了一个成功脚本,然后我重新测试:

SELECT * from Members WHERE Name = '" . $_POST['Name'] . "';";

我注意到我有其他代码,我写的方式与弹出错误相同:

UPDATE Members SET IP = " . $_SERVER['REMOTE_ADDR'] . "WHERE Name = " . $_POST['Name'];

最后,我添加了成功脚本并编辑了两个查询,并且成功了。这是更新的php:

$selectname = "SELECT * from Members WHERE Name = '" . $_POST['Name'] . "';" ;
$updateIP = "UPDATE Members SET IP = '" . $_SERVER['REMOTE_ADDR'] . "' WHERE Name = '" . $_POST['Name'] . "';";
if (!mysql_query($selectname) )
{
    die('Your in game name was not found inside the database. Please check for misspellings, and try again. If problem persists please contact a guild official, or site manager. Inform them of the error: ' . mysql_error());
}
else
{
    mysql_query($updateIP); 
    echo "Thank you " . $_POST['Name'] . ", this device's Ip Address has been saved. You may now edit your account, and use guild resources from this device.";
}

故事的道德总是为测试代码添加字符串。所有人

1 个答案:

答案 0 :(得分:-1)

如何将值放在Name = 'test'

之类的引号中

在您的情况下,查询将是......

"SELECT * from Members WHERE Name = '" . $_POST['Name'] . "'";