无法更新表PDO更新

时间:2016-02-26 17:56:20

标签: php mysql database pdo

我正在尝试使用PDO更新数据库中的表。目前我正在提交表单,除了白色屏幕外什么都没有,我已经启用了所有错误报告选项,但仍然只是一个白色的屏幕..我一直在盯着代码感觉像是一辈子仍然可以解决这个问题。推进正确的方向将非常感谢...谢谢

require('includes/config.php'); 

//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); } 

$signedin = $_SESSION['username'];

$sql = "UPDATE member SET firstname = :firstname, 
            lastname = :lastname, 
            username = :username,  
            email = :email,
            age = :age,    
            country = :country  
            where username = $signedin";
$stmt = $db->prepare($sql);                                  
$stmt->bindParam(':firstname', $_POST['firstname'], PDO::PARAM_STR);       
$stmt->bindParam(':lastname', $_POST['$lastname'], PDO::PARAM_STR);    
$stmt->bindParam(':username', $_POST['username'], PDO::PARAM_STR);
// use PARAM_STR although a number  
$stmt->bindParam(':email', $_POST['email'], PDO::PARAM_STR); 
$stmt->bindParam(':age', $_POST['age'], PDO::PARAM_STR);   
$stmt->bindParam(':country', $_POST['country'], PDO::PARAM_INT);   
$stmt= $db->execute($sql);
?>

2 个答案:

答案 0 :(得分:2)

execute()函数不需要$sql(您在prepare()中提供的内容)

$stmt->execute();

接下来,您应该将所有数据传递到准备好的声明中,否则您将失去目的(这是最大的安全性)。所以,让我们删除

$sql = "UPDATE member SET firstname = :firstname, 
            lastname = :lastname, 
            username = :username,  
            email = :email,
            age = :age,    
            country = :country  
            where username = :username";
//snip
$stmt->bindParam(':username', $_SESSION['username'], PDO::PARAM_STR);  

答案 1 :(得分:1)

您需要where clause中的引号。

$sql = "UPDATE member SET firstname = :firstname, 
        lastname = :lastname, 
        username = :username,  
        email = :email,
        age = :age,    
        country = :country  
        where username = '$signedin'";

此外,最好通过ID进行更新,因为它是唯一的。