为什么我的PHP代码不更新SQL

时间:2013-12-18 18:43:19

标签: php sql

有谁知道为什么这个PHP代码没有更新列pictures它会更新其余部分,但只是不是图片列更新用户信息所以电子邮件地址,密码和图片我是非常新的PHP所以我真的不知道在寻找错误

时要寻找什么 
    <?php 

    require("common.php"); 

    if(empty($_SESSION['user'])) 
    { 
        header("Location: login.php"); 

        die("Redirecting to login.php"); 
    } 

    if(!empty($_POST)) 
    { 
        if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) 
        { 
            die("Invalid E-Mail Address"); 
        } 

        if($_POST['email'] != $_SESSION['user']['email']['picture']) 
        { 
            $query = " 
                SELECT 
                    1 
                FROM users 
                WHERE 
                    email = :email
                    picture = :picture
            "; 

            $query_params = array( 
                ':email' => $_POST['email'] 
            ); 

            try 
            { 
                $stmt = $db->prepare($query); 
                $result = $stmt->execute($query_params); 
            } 
            catch(PDOException $ex) 
            { 
                die("Failed to run query: " . $ex->getMessage()); 
            } 

            $row = $stmt->fetch(); 
            if($row) 
            { 
                die("This E-Mail address is already in use"); 
            } 
        } 

        if(!empty($_POST['password'])) 
        { 
            $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); 
            $password = hash('sha256', $_POST['password'] . $salt); 
            for($round = 0; $round < 65536; $round++) 
            { 
                $password = hash('sha256', $password . $salt); 
            } 
        } 
        else 
        { 
            $password = null; 
            $salt = null; 
        } 

        $query_params = array( 
            ':email' => $_POST['email'], 
            ':user_id' => $_SESSION['user']['id'], 
            ':picture' => $_POST['picture'], 
        ); 

        if($password !== null) 
        { 
            $query_params[':password'] = $password; 
            $query_params[':salt'] = $salt; 
        } 

        $query = " 
            UPDATE users 
            SET 
                email = :email 
                picture = :picture
        "; 

        if($password !== null) 
        { 
            $query .= " 
                , password = :password 
                , salt = :salt 
            "; 
        } 

        $query .= " 
            WHERE 
                id = :user_id 
        "; 

        try 
        { 
            // Execute the query 
            $stmt = $db->prepare($query); 
            $result = $stmt->execute($query_params); 
        } 
        catch(PDOException $ex) 
        { 
            die("Failed to run query: " . $ex->getMessage()); 
        } 

        $_SESSION['user']['email']['picture'] = $_POST['email']; 

        header("Location: private.php"); 

        die("Redirecting to private.php"); 
    } 

?>

2 个答案:

答案 0 :(得分:3)

您错过了,

$query = " 
    UPDATE users 
    SET 
        email = :email 
        picture = :picture
";

您需要将其更改为

$query = " 
    UPDATE users 
    SET 
        email = :email, 
        picture = :picture
";

答案 1 :(得分:2)

您错过了逗号:在您的UPDATE语句中发送电子邮件。

$query = " 
            UPDATE users 
            SET 
                email = :email 
                picture = :picture
        ";

应该是

$query = " 
        UPDATE users 
        SET 
            email = :email,  
            picture = :picture
    ";

编辑:除此之外,您还缺少第一个查询中的参数:

        $query = " 
            SELECT 
                1 
            FROM users 
            WHERE 
                email = :email
                picture = :picture
        "; 

        $query_params = array( 
            ':email' => $_POST['email'] 
        );

请注意您是如何申请:在您的查询参数中使用电子邮件,但您的查询需要:电子邮件和:图片。

您需要从picture = :picture移除$query或将':picture' => $_POST['picture']添加到$query_params

相关问题
最新问题