无法更新数据库

时间:2014-10-30 09:00:03

标签: php sql 

<?php
    session_start();

    if (isset($_POST['userid']) && isset($_POST['password']))
    {
    // if the user has just tried to log in
    $userid = $_POST['userid'];
    $password = $_POST['password'];

    $db_conn = new mysqli('localhost', 'user', 'passwd', 'dbname');

    if (mysqli_connect_errno()) {
    echo 'Connection to database failed:'.mysqli_connect_error();
    exit();
    }

    $query = 'select * from users '
           ."where userid like'$userid' "
           ." and password like sha1('$password')";

    $result = $db_conn->query($query);


    if ($result->num_rows >0 )
    {
     // if they are in the database register the user id
     $_SESSION['valid_user'] = $userid;    
    }
    $db_conn->close();
    }
    ?>
    <?

     $db_conn = new mysqli('localhost', 'user', 'passwd', 'dbname');

    if (mysqli_connect_errno()) {
    echo 'Connection to database failed:'.mysqli_connect_error();
    exit();
    }


    if (isset($_POST['submit'])) {
    if (empty($_POST['name']) || empty ($_POST['dob']) || empty ($_POST['contact'])|| empty          ($_POST['address'])|| empty ($_POST['email'])) {
    echo "All records to be filled in";
    exit;}
    }
    $name = $_POST['name'];
    $dob = $_POST['dob'];
    $contact = $_POST['contact'];
    $address = $_POST['address'];
    $email = $_POST['email'];

    $userid = $_SESSION['valid_user'];
    $sql = "UPDATE users SET name=$name, dob=$dob, contact=$contact, address=$address, email=$email
    WHERE userid ='$userid'";
      $result = $db_conn->query($sql);
    if (!$result) 
        echo "Your query failed.";
    else
        echo "User Information Updated ";

?>
<meta http-equiv="refresh" content="5;URL=members.php" />

我跑的时候得到了your query failed。任何人都有任何线索为什么我的数据库不会更新?

我非常确定我的sql有效。我的编码有错吗?

3 个答案:

答案 0 :(得分:1)

您的查询没问题,除非您没有使用预准备语句。

问题在于你的变量。 echo他们,看看他们中有什么。

由于我们无权访问您的数据库,因此我们很难验证您的查询是否存在其他问题。例如,您可以创建SQL Fiddle

您应该阅读的其他内容:SQL Injection

Prepared statements看起来像这样:

<?php
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$city = "Amersfoort";

/* create a prepared statement */
if ($stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) {

    /* bind parameters for markers */
    $stmt->bind_param("s", $city);

    /* execute query */
    $stmt->execute();

    /* bind result variables */
    $stmt->bind_result($district);

    /* fetch value */
    $stmt->fetch();

    printf("%s is in district %s\n", $city, $district);

    /* close statement */
    $stmt->close();
}

/* close connection */
$mysqli->close();
?>

答案 1 :(得分:-1)

看起来您的exist声明错误了。

 if (isset($_POST['submit'])) 
 {
    if (empty($_POST['name']) || empty ($_POST['dob']) || empty ($_POST['contact'])|| empty          ($_POST['address'])|| empty ($_POST['email'])) 
    {
        echo "All records to be filled in";
        **exit**;
    }
 }

答案 2 :(得分:-1)

引号丢失。代替

"UPDATE users SET name=$name, dob=$dob, contact=$contact, address=$address, email=$email WHERE userid ='$userid'"; try this
"UPDATE users SET name='$name', dob=$dob, contact=$contact, address=$address, email=$email WHERE userid ='$userid'";
相关问题
最新问题