请在下面找到我的代码:
<?php
//Insert New User to Database
$username = "root";
$password = "root";
$hostname = "localhost";
$db = "ab-cargo";
$conn = mysqli_connect($hostname, $username, $password, $db);
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$user_id = $_SESSION['namechat'];
$user_email = $_SESSION['emailchat'];
$last_login = $datetime_formatted;
mysqli_query($conn,"INSERT INTO users (`user_id`, `user_email`, last_login, isActive) VALUES ('".$user_id."', '".$user_email."', '".$last_login."', 1)");
mysqli_query($conn,"UPDATE users SET last_login = ".$last_login.", isActive = 1 WHERE `user_email` = ".$user_email."");
?>
请帮助我找出mysqli_query的错误,因为它不会更新并在我的数据库中插入数据,即使连接工作正常(我知道因为用户能够登录)
编辑:查询插入是将新用户数据输入数据库,如果之前用户数据已在数据库中,则更新查询将仅更新last_login时间/日期。
答案 0 :(得分:1)
您需要使用mysqli_real_escape_string阻止MySQL注入。阅读有关此功能的更多信息here。
使用or die mysqli_error($conn)检查查询中的错误。
另外,检查每个查询是否成功,然后再继续下一个查询。
$user_id = mysqli_real_escape_string($conn, $_SESSION['namechat']);
$user_email = mysqli_real_escape_string($conn, $_SESSION['emailchat']);
$last_login = mysqli_real_escape_string($conn, $datetime_formatted);
$query1 = mysqli_query($conn,"INSERT INTO users (`user_id`, `user_email`, last_login, isActive) VALUES ('$user_id', '$user_email', '$last_login', 1)") or die mysqli_error($conn);
if ($query1) $success = 1;
if ($success) $query2 = mysqli_query($conn,"UPDATE users SET last_login = '$last_login', isActive = 1 WHERE `user_email` = '$user_email'");
if ($query2) echo 'User added';
答案 1 :(得分:0)
import { environment } from './environments/environment';