我不能为我的生活弄清楚为什么以下不会更新记录。它给了我一个成功的消息,但实际上并没有更新记录。我已经完成了很多修改,并尝试了我能想到的一切。其他人可以看到问题所在吗?
<?php
$id = $_POST['id'];
$username = $_POST['username'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$company = $_POST['company'];
$rep1 = $_POST['rep1'];
$rep2 = $_POST['rep2'];
$rep3 = $_POST['rep3'];
$phone = $_POST['phone'];
$fax = $_POST['fax'];
$cell = $_POST['cell'];
$service = $_POST['service'];
$license = $_POST['license'];
$expdate = $_POST['expdate'];
$active = $_POST['active'];
$userlevel = $_POST['userlevel'];
$host="XXXXXXX"; // Host name
$username="XXXXXX"; // Mysql username
$password="XXXXXXX"; // Mysql password
$db_name="XXXXXXX"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select database.
$con = mysqli_connect("$host", "$username", "$password","$db_name")or die("cannot connect");
// update data in mysql database
$sql="UPDATE $tbl_name SET id='".$id."', fname='".$fname."', lname='".$lname."', email='".$email."', company='".$company."', rep1='".$rep1."', rep2='".$rep2."', rep3='".$rep3."', phone='".$phone."', fax='".$fax."', cell='".$cell."', service='".$service."', license='".$license."', expdate='".$expdate."', active='".$active."', userlevel='".$userlevel."'".
"WHERE id = '".$id."'";
$result=mysqli_query($con,$sql);
// if successfully updated.
if($result){
$emailID = "info@domain.com";
$subject = "Registration notification from. $fname . through website";
$body = <<<EOD
<table cellspacing="0" cellpadding="1" border="1">
<tbody>
<tr>
<td style="padding: 5px 10px;" width="150">Name: </td>
<td style="padding: 5px 10px;">$fname $lname</td>
</tr>
<tr>
<td style="padding: 5px 10px;" width="150">Mobile: </td>
<td style="padding: 5px 10px;">$cell</td>
</tr>
<tr>
<td style="padding: 5px 10px;" width="150">Email: </td>
<td style="padding: 5px 10px;">$email</td>
</tr>
<tr>
<td style="padding: 5px 10px;" width="150">License Number: </td>
<td style="padding: 5px 10px;">$license</td>
</tr>
</tbody>
</table>
EOD;
$headers = "From: info@domain.com\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=\"iso-8859-1\"\n";
$headers .= "X-Priority: 1\r\n";
$headers .= "X-MSMail-Priority: High\n";
$headers .= "X-Mailer: PHP". phpversion() ."\r\n";
mail($emailID, $subject, $body, $headers );
echo "<h4>Thank you for updating your account info. We will authorize your account and notify you once we have verified your license number and expiration.</h4>";
}
else {
echo "ERROR";
}
?>
答案 0 :(得分:4)
您的上一个值后面没有空格,因此where关键字“卡住”了。
只需在where之前添加一个空格,您就可以了:
$sql="UPDATE $tbl_name SET id='".$id."', fname='".$fname."', lname='".$lname."', email='".$email."', company='".$company."', rep1='".$rep1."', rep2='".$rep2."', rep3='".$rep3."', phone='".$phone."', fax='".$fax."', cell='".$cell."', service='".$service."', license='".$license."', expdate='".$expdate."', active='".$active."', userlevel='".$userlevel."'".
" WHERE id = '".$id."'"; // Note the additional space here
答案 1 :(得分:3)
你的问题很普遍:一堆句子和额外的引号意味着你不能看到像你在查询中需要的空间。此外,您还没有在查询失败时生成mysql错误,这会有所帮助。
其他问题:你打字太多了。为什么在构造查询时为每个帖子值创建与键名称相同的变量?你还需要逃避你的价值观。
这是我的看法:
$con = mysqli_connect("$host", "$username", "$password","$db_name")or die("cannot connect");
$id=mysql_real_escape_string($id);
foreach($_POST as $k=>$v){
//exclude id
if($k!='id'){
//escape values
$escaped_value= mysql_real_escape_string($v);
//set up array for update query
$query_parts[]="$k='$escaped_value'";
//create variables with the same name as the key
${$k}=$v;
}
}
$sql="UPDATE $tbl_name SET ".implode(",",$query_parts)." $WHERE id = '$id' ";
$result=mysqli_query($con,$sql) or die(mysql_error());