$sql = "UPDATE debtorsmaster SET name='" . $_POST['CustName'] . "',
address1='" . $_POST['Address1'] . "',
address2='" . $_POST['Address2'] . "',
address3='" . $_POST['Address3'] . "',
如何更改此更新以更新所有行
答案 0 :(得分:0)
因为您没有添加WHERE语句,所有行都将被更新。如上面的注释中所述,您有一个尾随,这会导致查询无效。
此外,它还建议使用预准备语句来阻止SQL注入。
$statement = $db->prepare("UPDATE `debtorsmaster` SET `name`=?, `address1`=?, `address2`=?, `address3`=?");
$statement->bind_param("ssss", $customerName, $address1, $address2, $address3);
$customerName = $_POST['CustName'];
$address1 = $_POST['Address1'];
$address2 = $_POST['Address2'];
$address3 = $_POST['Address3'];
$statement->execute();
编辑:以上示例基于mysqli。