使用PHP的MySQL更新:您的SQL语法有错误

时间:2015-06-21 23:35:17

标签: php mysql sql

我收到此错误: 您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以便在第1行的“WHERE user_id = 1”附近使用正确的语法

我已尝试过''或“”,甚至'。 “。和“'。''”。

我发现它没有任何问题。请帮忙!

它应该更新MySQL数据库,但它只输出该错误。

<? 
    ob_start();
    $mid = $_GET['id'];
    include 'connect.php'; 

    if($_SESSION['signed_in'] == false | $_SESSION['user_level'] != 2)
    {
        header('Location: index.php');
    }
    ?>

    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <title>Group 5 Waggle</title>

        <link rel="stylesheet" type="text/css" href="bootstrap/css/bootstrap.min.css" />
        <link rel="stylesheet" type="text/css" href="font-awesome/css/font-awesome.min.css" />
        <link rel="stylesheet" type="text/css" href="css/local.css" />

        <script type="text/javascript" src="js/jquery-1.10.2.min.js"></script>
        <script type="text/javascript" src="bootstrap/js/bootstrap.min.js"></script>   
    </head>
    <body>

        <div id="wrapper">
            <nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
                <div class="navbar-header">
                    <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-ex1-collapse">
                        <span class="sr-only">Toggle navigation</span>
                        <span class="icon-bar"></span>
                        <span class="icon-bar"></span>
                        <span class="icon-bar"></span>
                    </button>
                    <a class="navbar-brand" href="index.php">Waggle</a>
                </div>
                <div class="collapse navbar-collapse navbar-ex1-collapse">
                    <ul class="nav navbar-nav side-nav">
                    <? if($_SESSION['signed_in'] == true && $_SESSION['user_level'] == 2 ) { ?>
                        <li> &nbsp; </li>
                        <li><a href="add.php"><i class="fa fa-table"></i> Add User</a></li>
                        <li><a href="create.php"><i class="fa fa-tasks"></i> Cream Forums</a></li>
                    <? } ?>
                    </ul>
            <?
            if($_SESSION['signed_in'])
            { ?>
                    <ul class="nav navbar-nav navbar-right navbar-user">
                    <li class="dropdown user-dropdown">
                        <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-user"></i> <?=htmlentities($_SESSION['user_name']); ?> <b class="caret"></b></a>
                        <ul class="dropdown-menu">
                            <li><a href="#"><i class="fa fa-user"></i> Profile</a></li>
                            <li><a href="#"><i class="fa fa-gear"></i> Edit Profile</a></li>
                            <li class="divider"></li>
                            <li><a href="logout.php"><i class="fa fa-power-off"></i> Logout</a></li>
                        </ul>
                    </li>
                    </ul>
            <? } ?>
                </div>
            </nav>

            <div id="page-wrapper">

                <div class="row">
                    <div class="col-lg-12">
                        <h1>Update <small>User</small></h1>
                    </div>
                </div>
                <p>&nbsp</p>
                <div class="row">

    <? if($_SERVER['REQUEST_METHOD'] != 'POST') { 
            $result1 = mysql_query("SELECT * FROM users WHERE user_id = '$mid'");
            $row = mysql_fetch_array($result1);
        ?>
                    <form method="post" action="">
                    <div class="col-lg-12">
                        <div>
                            <label for="firstname" class="col-md-2">
                                Full Name:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_name" class="form-control" id="firstname" value="<?=$row[user_name];?>">
                            </div>
                            <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>        
                        <div>
                            <label for="emailaddress" class="col-md-2">
                                Email address:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_email" class="form-control" id="emailaddress" value="<?=$row[user_email];?>">
                                <p class="help-block">
                                    Example: yourname@domain.com
                                </p>
                            </div>
                             <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>
                        <div>
                            <label for="password" class="col-md-2">
                                Password:
                            </label>
                            <div class="col-md-9">
                                <input type="password" name="user_pass" class="form-control" id="password" placeholder="Enter Password">
                                <p class="help-block">
                                    Min: 6 characters (Alphanumeric only)
                                </p>
                            </div>
                             <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>
                       <div>
                            <label for="password" class="col-md-2">
                                Password (again):
                            </label>
                            <div class="col-md-9">
                                <input type="password" name="user_pass_check" class="form-control" id="password" placeholder="Enter Password">
                                <p class="help-block">
                                    Min: 6 characters (Alphanumeric only)
                                </p>
                            </div>
                             <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>            
                        <div>
                            <label for="website" class="col-md-2">
                                Website:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_web"  class="form-control" id="website" value="<?=$row[user_web];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="twitter" class="col-md-2">
                                Twitter:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_twitter"  class="form-control" id="twitter" value="<?=$row[user_twitter];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="facebook" class="col-md-2">
                                Facebook:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_facebook"  class="form-control" id="facebook" value="<?=$row[user_facebook];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="github" class="col-md-2">
                                Github:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_github"  class="form-control" id="github" value="<?=$row[user_github];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="uploadimage" class="col-md-2">
                                Profile Image:
                            </label>
                            <div class="col-md-10">
                                <input type="file" name="uploadimage" id="uploadimage">
                                <p class="help-block">
                                    Allowed Formats: jpeg, jpg, gif, png
                                </p>
                            </div>          
                        </div>
                        <div>
                            <div class="col-md-2">
                            </div>
                            <div class="col-md-10">
                                <br />
                                <br />
                                 <button type="submit" class="btn btn-info">
                                    Save Profile 
                                </button>
                            </div>            
                        </div>
                    </div>
                    </form>
    <? }
    else {
        /* so, the form has been posted, we'll process the data in three steps:
            1.  Check the data
            2.  Let the user refill the wrong fields (if necessary)
            3.  Save the data 
        */
        $errors = array(); /* declare the array for later use */

        if(!isset($_POST['user_name']))
        {
            $errors[] = 'The username field must not be empty.';
        }


        if(isset($_POST['user_pass']))
        {
            if($_POST['user_pass'] != $_POST['user_pass_check'])
            {
                $errors[] = 'The two passwords did not match.';
            }
        }
        else
        {
            $errors[] = 'The password field cannot be empty.';
        }

        if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
        { ?>
                    <div class="col-lg-4">
                    <div class="alert alert-dismissable alert-danger">
                        <button type="button" class="close" data-dismiss="alert">&times;</button>
                        <ul>
                        <?
                        foreach($errors as $key => $value) {
                            echo '<li>' . $value . '</li>'; 
                        } 
                        ?>
                        </ul>
                    </div>
                    </div>
                    <br />
                    <form method="post" action="">
                    <div class="col-lg-12">
                        <div>
                            <label for="firstname" class="col-md-2">
                                Full Name:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_name" class="form-control" id="firstname" value="<?=$_POST['user_name'];?>">
                            </div>
                            <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>        
                        <div>
                            <label for="emailaddress" class="col-md-2">
                                Email address:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_email" class="form-control" id="emailaddress" value="<?=$_POST['user_email'];?>">
                                <p class="help-block">
                                    Example: yourname@domain.com
                                </p>
                            </div>
                             <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>
                        <div>
                            <label for="password" class="col-md-2">
                                Password:
                            </label>
                            <div class="col-md-9">
                                <input type="password" name="user_pass" class="form-control" id="password" placeholder="Enter Password">
                                <p class="help-block">
                                    Min: 6 characters (Alphanumeric only)
                                </p>
                            </div>
                             <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>
                       <div>
                            <label for="password" class="col-md-2">
                                Password (again):
                            </label>
                            <div class="col-md-9">
                                <input type="password" name="user_pass_check" class="form-control" id="password" placeholder="Enter Password">
                                <p class="help-block">
                                    Min: 6 characters (Alphanumeric only)
                                </p>
                            </div>
                             <div class="col-md-1">
                                <i class="fa fa-lock fa-2x"></i>
                            </div>
                        </div>            
                        <div>
                            <label for="website" class="col-md-2">
                                Website:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_web"  class="form-control" id="website" value="<?=$_POST['user_web'];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="twitter" class="col-md-2">
                                Twitter:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_twitter"  class="form-control" id="twitter" value="<?=$_POST['user_twitter'];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="facebook" class="col-md-2">
                                Facebook:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_facebook"  class="form-control" id="facebook" value="<?=$_POST['user_facebook'];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="github" class="col-md-2">
                                Github:
                            </label>
                            <div class="col-md-9">
                                <input type="text" name="user_github"  class="form-control" id="github" value="<?=$_POST['user_github'];?>">
                            </div>
                             <div class="col-md-1">

                            </div>
                        </div>
                        <div>
                            <label for="uploadimage" class="col-md-2">
                                Profile Image:
                            </label>
                            <div class="col-md-10">
                                <input type="file" name="uploadimage" id="uploadimage">
                                <p class="help-block">
                                    Allowed Formats: jpeg, jpg, gif, png
                                </p>
                            </div>          
                        </div>
                        <div>
                            <div class="col-md-2">
                            </div>
                            <div class="col-md-10">
                                <br />
                                <br />
                                 <button type="submit" class="btn btn-info">
                                    Save Profile 
                                </button>
                            </div>            
                        </div>
                    </div>
                    </form>
        <? }
        else
        {
            $new_name = mysql_real_escape_string($_POST['user_name']);
            $new_pass = sha1($_POST['user_pass']);
            $new_email = mysql_real_escape_string($_POST['user_email']);
            $new_web = mysql_real_escape_string($_POST['user_web']);
            $new_twitter = mysql_real_escape_string($_POST['user_twitter']);
            $new_facebook = mysql_real_escape_string($_POST['user_facebook']);
            $new_github = mysql_real_escape_string($_POST['user_github']); 
            //the form has been posted without, so save it
            //notice the use of mysql_real_escape_string, keep everything safe!
            //also notice the sha1 function which hashes the password
            $sql = "UPDATE `users` SET `user_name` = '$new_name', `user_pass` = '$new_pass', `user_email` = '$new_email', `user_web` = '$new_web', `user_twitter` = '$new_twitter', `user_facebook` = '$new_facebook', `user_github` = '$new_github', `user_level` = '0', WHERE user_id = $mid";

            $result = mysql_query($sql);
            if(!$result)
            {
                //something went wrong, display the error
                echo $mid;
                echo '<div class="well well-lg">Something went wrong while registering. Please try again later.</div>';
                echo mysql_error(); //debugging purposes, uncomment when needed
            }
            else
            {
                header('Location: index.php');
            }
        }
    }
    ?>
                </div>
            </div>

        </div>    
    </body>
    </html>

1 个答案:

答案 0 :(得分:1)

您的问题出在此查询中:

$sql = "UPDATE `users` 
SET `user_name` = '$new_name', `user_pass` = '$new_pass', `user_email` = '$new_email', `user_web` = '$new_web', `user_twitter` = '$new_twitter', `user_facebook` = '$new_facebook', `user_github` = '$new_github', `user_level` = '0', WHERE user_id = $mid";

特别是在最后一部分:

`user_level` = '0', WHERE user_id = $mid";

应删除where之前的最后一个逗号。