您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以便在第1行的'WHERE username ='115110030''附近使用正确的语法
我努力但却无法解决问题,请帮我解决这个问题
<?php
if(isset($_POST['submit'])){
$username = $_SESSION['username'];
$name = $_POST['nama'];
$tempat_lahir = $_POST['tempat_lahir'];
$tgl_lahir = $_POST['tgl_lahir'];
$gender = $_POST['gender'];
$alamat = $_POST['alamat'];
$telp = $_POST['telp'];
$email = $_POST['email'];
$image_name = $_FILES['file']['name'];
$path = "assets/img/photo/" . $image_name;
$upload = move_uploaded_file($_FILES['file']['tmp_name'], $path);
if (empty($image_name))
{
$update = mysql_query("UPDATE users SET name='$name', tempat_lahir='$tempat_lahir', tanggal_lahir='$tgl_lahir', gender='$gender', alamat='$alamat', telp='$telp', email='$email', WHERE username='$username'") or die(mysql_error());
echo "<script>alert('Data Berhasil Di Update.'); window.location.assign('index.php');</script>";
}
else if(!empty($image_name))
{
$update = mysql_query("UPDATE users SET name='$name', tempat_lahir='$tempat_lahir', tanggal_lahir='$tgl_lahir', gender='$gender', alamat='$alamat', telp='$telp', email='$email', image='$image_name' WHERE username='$username'") or die(mysql_error());
echo "<script>alert('Data Berhasil Di Update.'); window.location.assign('index.php');</script>";
}
}
?>
答案 0 :(得分:0)
替换它:
$update = mysql_query("UPDATE users SET name='$name', tempat_lahir='$tempat_lahir', tanggal_lahir='$tgl_lahir', gender='$gender', alamat='$alamat', telp='$telp', email='$email', WHERE username='$username'") or die(mysql_error());
用这个:
$update = mysql_query("UPDATE users SET name='$name', tempat_lahir='$tempat_lahir', tanggal_lahir='$tgl_lahir', gender='$gender', alamat='$alamat', telp='$telp', email='$email' WHERE username='$username'") or die(mysql_error());
此外,您应该解决SQL注入问题:http://php.net/manual/en/security.database.sql-injection.php