带有$ var数据的SQL Update列

时间:2014-02-19 09:09:31

标签: php mysql 

$newCity = $_POST['city'];

$set = mysqli_query($con, "UPDATE users SET city = '$newCity' WHERE username = '$theUser'");

我正在尝试使用变量值更新mySql列到UPDATE。 但是当我检查该值时,它会更新,但是一旦我刷新执行,它就会将值更改为NULL

修改:$theUser = a working session username

2 个答案:

答案 0 :(得分:4)

尝试:

if(isset($_POST['city'])){
 $newCity = $_POST['city'];
 $set = mysqli_query($con, "UPDATE users SET city = '$newCity' WHERE username = '$theUser'");
}

另外,请在将用户输入传递给查询之前尝试过滤。

答案 1 :(得分:0)

if(isset($_POST['city'])){
   $newCity = mysqli_real_escape_string($_POST['city']);
   $theUser = mysqli_real_escape_string($userUser); // assuming you haven't escaped it already.
   $query = "UPDATE users SET city = '$newCity' WHERE username = '$theUser'";
   $set = mysqli_query($con, $query);
}
相关问题
最新问题