我正在尝试编写一个脚本,该脚本从名为update.php的脚本接收更新的数据并更新数据库条目。 updated.php的代码:
<?php
ini_set("display_errors","on");
$dsn='mysql:host=localhost;dbname=inventory_form';
$username="****";
$password="*****";
$database="inventory_form";
$FName_val=$_POST['ud_first'];
$LName_val=$_POST['ud_last'];
$Eqpmnt_Brwd_val=$_POST['ud_Equipment_Borrowed'];
$Service_Tag_val=$_POST['ud_Service_Tag'];
$Date_Taken_val=$_POST['ud_Date_Taken'];
$Comments_val=$_POST['ud_Comments'];
$id_val=$_POST['ud_id'];
try
{
$link=new PDO($dsn, $username,$password);
echo 'Connected To MySQL OK';
}
catch (PDOException $e)
{
$error_message=$e->getMessage();
echo "<h1>An error occurred: $error_message</h1>";
}
$query = "UPDATE Inventory SET FName='$FName_val', LName='$LName_val', Eqmnt_Brwd='$Eqpmnt_Brwd_val', Service_Tag='$Service_Tag_val', Date_Taken='$Date_Taken_val', Comments='$Comments_val' WHERE id_val='$id_val'";
$result=$link->query($query);
echo "Record Updated";
echo $LName_val;
?>
我没有收到任何错误,看到LName_val打印出来但数据库没有更新。任何帮助表示赞赏。
答案 0 :(得分:1)
使用准备好的查询:
$stmt = $link->prepare("UPDATE Inventory
SET FName = :FName, LName = :LName, Eqmnt_Brwd = :Eqmnt_Brwd,
Service_Tag = :Service_Tag, Date_Taken = :Date_Taken, Comments = :Comments
WHERE id = :id");
$stmt->execute(array(
':FName' => $FName_val,
':LName' => $LName_val,
':Eqmnt_Brwd' => $Eqmnt_Brwd_val,
':Service_Tag' => $Service_Tag_val,
':Date_Taken' => $Date_Taken_val,
':Comments' => $Comments_val,
':id' => $id_val));
如果任何值包含引号,这将避免出现问题。
此外,您需要更改
WHERE id_val =
为:
WHERE id =