我查看过以前的问题,但无济于事。我有一个PHP脚本,我从请求流中提取信息并尝试进行更新:
<?php
include 'database_conn.php';
$pCDTitle = filter_has_var(INPUT_GET, 'title') ? $_GET['title']: null;
$pPrice = filter_has_var(INPUT_GET, 'price') ? $_GET['price']: null;
$pYear = filter_has_var(INPUT_GET, 'year') ? $_GET['year']: null;
$pcdID = filter_has_var(INPUT_GET, 'cdID') ? $_GET['cdID']: null;
$pCDTitle = isset($_REQUEST['title']) ? $_REQUEST['title'] : null;
$pYear = isset($_REQUEST['year']) ? $_REQUEST['year'] : null;
$pPrice = isset($_REQUEST['price']) ? $_REQUEST['price'] : null;
$pcdID = isset($_REQUEST['cdID']) ? $_REQUEST['cdID'] : null;
$pCDTitle = trim($pCDTitle);
$pYear = trim($pYear);
$pPrice = trim($pPrice);
$pCDTitle = filter_var($pCDTitle, FILTER_SANITIZE_STRING);
$pCDTitle = filter_var($pCDTitle, FILTER_FLAG_NO_ENCODE_QUOTES);
$pCDTitle = filter_var($pCDTitle, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$pYear = filter_var($pYear, FILTER_SANITIZE_STRING);
$pYear = filter_var($pYear, FILTER_FLAG_NO_ENCODE_QUOTES);
$pYear = filter_var($pYear, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$pPrice = filter_var($pPrice, FILTER_SANITIZE_STRING);
$pPrice = filter_var($pPrice, FILTER_FLAG_NO_ENCODE_QUOTES);
$pPrice = filter_var($pPrice, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$sql = "UPDATE `nmc_cd` SET `CDTitle` = '$pCDTitle', `CDYear` = '$pYear', `CDPrice` = $pPrice WHERE CDID=$pcdID";
mysqli_query($conn, $sql)
or die(mysqli_error($conn));
if(mysqli_affected_rows($conn)>0)
{
echo "Update succesful. Affected rows:".mysqli_affected_rows($conn);
echo "<a href='administrator.php'>Return to Admin Area</a>";
}
else
mysqli_close($conn);
?>
我无法查看代码或SQL语法的任何问题,但我一直收到此错误:
&#34;您的SQL语法出错了;查看与您的MySQL服务器版本对应的手册,以获得正确的语法,以便在&#39; WHERE CDID = 657&#39;附近使用。在第1行&#34;
任何人都可以协助我出错的地方。我也试过把&#39; 1&#39;在WHERE之后?