PHP mysqli_stmt_execute()错误

时间:2014-12-18 16:38:49

标签: php sql

当我尝试提交表单时,我收到以下错误:

Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in                 /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 66

Warning: mysqli_stmt_affected_rows() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 68
Error Occurred

Warning: mysqli_error() expects exactly 1 parameter, 0 given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 83

Warning: mysqli_stmt_close() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/phpv1/v1/editprofilephp.php on line 85

我已经检查了所有其他帖子,但是我没有提到相同的错误。

我的PHP是:

<?php 
session_start();

if(isset($_POST['submit'])){



$data_missing = array();    

if(empty($_POST['aboutme'])){

    // Adds name to array
    $data_missing[] = 'aboutme';

} else {

    // Trim white space from the name and store the name
    $aboutme = trim($_POST['aboutme']);

}

if(empty($_POST['full_name'])){

    // Adds name to array
    $data_missing[] = 'full_name';

} else {

    // Trim white space from the name and store the name
    $full_name = trim($_POST['full_name']);

}

if(empty($_POST['friend'])){

    // Adds name to array
    $data_missing[] = 'friend';

} else {

    // Trim white space from the name and store the name
    $friend = trim($_POST['friend']);

}





    if(empty($data_missing)){
    $id = $_SESSION["user_id"];    

    require_once('mysqli_connect.php');

    $query = "UPDATE userprofile SET full_name='{$full_name}' aboutme='{$aboutme}'  friend='{$friend}' WHERE id='{$id}' LIMIT 1";

    $stmt = mysqli_prepare($dbc, $query);


    //i Interger
    //d Doubles         
    //s Everything Else



    mysqli_stmt_execute($stmt);

    $affected_rows = mysqli_stmt_affected_rows($stmt);

    if($affected_rows == 1){

        echo 'Student Entered';



        mysqli_stmt_close($stmt);

        mysqli_close($dbc);

    } else {

        echo 'Error Occurred<br />';
        echo mysqli_error();

        mysqli_stmt_close($stmt);

        mysqli_close($dbc);

    }

} else {

    echo 'You need to enter the following data<br />';

    foreach($data_missing as $missing){

        echo "$missing<br />";

    }

}

}else {
echo mysqli_error();
}         

?>        

我之前在网站的前几节中使用过此代码用于不同的目的,我没有遇到任何问题。我花了很长时间试图找出错误而没有成功,所以我决定在这里问。

2 个答案:

答案 0 :(得分:2)

错误是由SQL中的错误引起的;由于错误,声明无法准备。

您的查询:

$query = "UPDATE userprofile SET full_name='{$full_name}' aboutme='{$aboutme}'  friend='{$friend}' WHERE id='{$id}' LIMIT 1";

您错过了列之间的逗号:

$query = "UPDATE userprofile SET full_name='{$full_name}', aboutme='{$aboutme}',  friend='{$friend}' WHERE id='{$id}' LIMIT 1";

而且,对于它的价值,您没有正确使用预准备语句 - 您仍然将值直接设置到易于SQL注入的查询中。

尝试更新至:

$query = "UPDATE userprofile SET full_name=?, aboutme=?,  friend=? WHERE id=? LIMIT 1";
$stmt = mysqli_prepare($dbc, $query);
if ($stmt) {
    mysqli_stmt_bind_param($stmt, "sssi", $full_name, $aboutme, $friend, $id);
    mysqli_stmt_execute($stmt);
    // the rest of your code
}

答案 1 :(得分:0)

我尝试了此答案,但不适用于我的案例,我的PHP代码中的问题是

$purchased_date = date('Y-m-d', strtotime($_POST['pdate']));

当我检查数据库时,我发现它仅存储Year并在看到它后停止-

所以它返回错误,我们应该得到这样的日期

$purchased_date = date('Ymd', strtotime($_POST['pdate']));

对不起,如果我语法错误