PHP表单不会在数据库字段$ _POST方法中存储文本

时间:2017-02-15 15:27:45

标签: php html

我正在尝试使用POST方法尝试将文本添加到我的数据库字段中。我特别谈到的数据库字段叫做ProductVariantHTML。有些原因,它没有将数据发布到我的数据库中。

这是我表格中的textarea 

<tr>
    <td><label for="product-variant-html-description">Variant HTML Description:</label></td>
    <td><textarea id="product-variant-html-description" name="ProductVariantHTML" maxlength=""><?=htmlspecialchars($productVariantHTML)?></textarea></td>
    <td><span class="input-help"></span></td>
</tr>

这是ProductVariant类 

<?php
class ProductVariant
{
    // Attributes
    private $_Con;
    private $_productVariantID;
    private $_productID;
    private $_SKU;
    private $_MPN;
    private $_barcode;
    private $_price;
    private $_salePrice;
    private $_finalPrice;
    private $_stock;
    private $_length;
    private $_height;
    private $_width;
    private $_weight;
    private $_leadTimeFrom;
    private $_leadTimeTo;
    private $_soldCount;
    private $_createdDate;
//Nathan Added 2017
    private $_productVariantHTML;

//Nathan Added 2017
    public function __construct(MySQLi $Con = NULL, $productVariantID = NULL, $productID = NULL, $SKU = NULL, $MPN = NULL, $barcode = NULL, $price = NULL, $salePrice = NULL, $finalPrice = NULL, $stock = NULL, $length = NULL, $height = NULL, $width = NULL, $weight = NULL, $leadTimeFrom = NULL, $leadTimeTo = NULL, $soldCount = NULL, $createdDate = NULL, $productVariantHTML = NULL)
    {
        $this->_Con = $Con;
        $this->_productVariantID = $productVariantID;
        $this->_productID = $productID;
        $this->_SKU = $SKU;
        $this->_MPN = $MPN;
        $this->_barcode = $barcode;
        $this->_price = $price;
        $this->_salePrice = $salePrice;
        $this->_finalPrice = $finalPrice;
        $this->_stock = $stock;
        $this->_length = $length;
        $this->_height = $height;
        $this->_width = $width;
        $this->_weight = $weight;
        $this->_leadTimeFrom = $leadTimeFrom;
        $this->_leadTimeTo = $leadTimeTo;
        $this->_soldCount = $soldCount;
        $this->_createdDate = $createdDate;
//Nathan Added 2017
        $this->_productVariantHTML = $productVariantHTML;
    }

    // Properties Get
    public function GetProductVariantID() { return $this->_productVariantID; }
    public function GetProductID() { return $this->_productID; }
    public function GetSKU() { return $this->_SKU; }
    public function GetMPN() { return $this->_MPN; }
    public function GetBarcode() { return $this->_barcode; }
    public function GetPrice() { return $this->_price; }
    public function GetSalePrice() { return $this->_salePrice; }
    public function GetFinalPrice() { return $this->_finalPrice; }
    public function GetStock() { return $this->_stock; }
    public function GetLength() { return $this->_length; }
    public function GetHeight() { return $this->_height; }
    public function GetWidth() { return $this->_width; }
    public function GetWeight() { return $this->_weight; }
    public function GetLeadTimeFrom() { return $this->_leadTimeFrom; }
    public function GetLeadTimeTo() { return $this->_leadTimeTo; }
    public function GetSoldCount() { return $this->_soldCount; }
    public function GetCreatedDate() { return $this->_createdDate; }
//Nathan Added 2017
    public function GetProductVariantHTML() { return $this->_productVariantHTML; }

    // Properties Set
    public function SetProductVariantID($v) { $this->_productVariantID = $v; }
    public function SetProductID($v) { $this->_productID = $v; }
    public function SetSKU($v) { $this->_SKU = $v; }
    public function SetMPN($v) { $this->_MPN = $v; }
    public function SetBarcode($v) { $this->_barcode = $v; }
    public function SetPrice($v) { $this->_price = $v; }
    public function SetSalePrice($v) { $this->_salePrice = $v; }
    public function SetFinalPrice($v) { $this->_finalPrice = $v; }
    public function SetStock($v) { $this->_stock = $v; }
    public function SetLength($v) { $this->_length = $v; }
    public function SetHeight($v) { $this->_height = $v; }
    public function SetWidth($v) { $this->_width = $v; }
    public function SetWeight($v) { $this->_weight = $v; }
    public function SetLeadTimeFrom($v) { $this->_leadTimeFrom = $v; }
    public function SetLeadTimeTo($v) { $this->_leadTimeTo = $v; }
    public function SetSoldCount($v) { $this->_soldCount = $v; }
    public function SetCreatedDate($v) { $this->_createdDate = $v; }
//Nathan Added 2017
    public function SetProductVariantHTML($v) { $this->_productVariantHTML = $v; }
    public function FillProductVariantFromDBByProductID($productID)
    {
        $productID = $this->_Con->real_escape_string($productID);
        $variantSQL = $this->_Con->query("SELECT ProductVariantID, ProductID, SKU FROM product_variant WHERE ProductID = $productID");

        if ($variantSQL == TRUE && $variantSQL->num_rows > 0) {
            while ($variantRow = $variantSQL->fetch_assoc()) {
                $ProductVariants[] = new self(NULL, (int)$variantRow['ProductVariantID'], (int)$variantRow['ProductID'], $variantRow['SKU']);
            }
            return $ProductVariants;
        }
        else {
            return FALSE;
        }
    }

    public function FillProductVariantFromDBByProductVariantID($productVariantID)
    {
        $productVariantID = $this->_Con->real_escape_string($productVariantID);
        $variantSQL = $this->_Con->query("SELECT * FROM product_variant WHERE ProductVariantID = $productVariantID");

        if ($variantSQL == TRUE && $variantSQL->num_rows > 0) {
            $variantRow = $variantSQL->fetch_assoc();
            $this->_productVariantID = (int)$variantRow['ProductVariantID'];
            $this->_productID = (int)$variantRow['ProductID'];
            $this->_SKU = $variantRow['SKU'];
            $this->_MPN = $variantRow['MPN'];
            $this->_barcode = $variantRow['Barcode'];
            $this->_price = (float)$variantRow['Price'];
            $this->_salePrice = ($variantRow['SalePrice'] == NULL) ? NULL : (float)$variantRow['SalePrice'];
            $this->_finalPrice = (float)$variantRow['FinalPrice'];
            $this->_stock = (int)$variantRow['Stock'];
            $this->_length = ($variantRow['Length'] == NULL) ? NULL : (float)$variantRow['Length'];
            $this->_height = ($variantRow['Height'] == NULL) ? NULL : (float)$variantRow['Height'];
            $this->_width = ($variantRow['Width'] == NULL) ? NULL : (float)$variantRow['Width'];
            $this->_weight = ($variantRow['Weight'] == NULL) ? NULL : (float)$variantRow['Weight'];
            $this->_leadTimeFrom = (int)$variantRow['LeadTimeFrom'];
            $this->_leadTimeTo = (int)$variantRow['LeadTimeTo'];
//Nathan Added 2017
            $this->_productVariantHTML = $variantRow['ProductVariantHTML'];

            return TRUE;
        }
        else {
            return FALSE;
        }
    }

    // Create variant
    public function CreateVariant($productID, $SKU, $MPN, $barcode, $price, $stock)
    {
        // Assign variables
        $Con = $this->_Con;
        $productID = $Con->real_escape_string($productID);
        $SKU = $Con->real_escape_string(trim($SKU));
        if (empty($MPN)) {
            $MPN = 'NULL';
        } else {
            $MPN = "'" . $Con->real_escape_string(trim($MPN)) . "'";
        }
        if (empty($barcode)) {
            $barcode = 'NULL';
        } else {
            $barcode = "'" . $Con->real_escape_string(trim($barcode)) . "'";
        }
        $price = $Con->real_escape_string($price);
        $finalPrice = $price;
        $stock = $Con->real_escape_string($stock);

        // Turn off autocommit
        $Con->autocommit(FALSE);
        $Con->query('BEGIN');

        $variantSQL = $Con->query("INSERT INTO product_variant (ProductID, SKU, MPN, Barcode, Price, FinalPrice, Stock, LeadTimeFrom, LeadTimeTo)
        VALUES ($productID, '$SKU', $MPN, $barcode, $price, $finalPrice, $stock, 1, 2)");

        // Update productVariantID
        $productVariantID = $Con->insert_id;
        $this->_productVariantID = $productVariantID;

        $detailSQL = $Con->query("INSERT INTO product_detail (ProductVariantID)
        VALUES ($productVariantID)");

        if ($variantSQL == TRUE && $detailSQL == TRUE) {
            // Commit the data, turn autocommit on
            $Con->commit(); 
            $Con->autocommit(TRUE); 
            return TRUE;
        }
        else {
            // If error inputting ANY data, rollback
            $Con->rollback();
            $Con->autocommit(TRUE);
            return FALSE;
        }
    }

    // Create multi variant
    public function CreateMultiVariant($variant, $productID, $SKU, $MPN, $barcode, $price, $stock, $variantStr)
    {
        // Assign variables
        $Con = $this->_Con;
        $productID = $Con->real_escape_string($productID);
        $success = TRUE;

        // Turn off autocommit
        $Con->autocommit(FALSE);
        $Con->query('BEGIN');

        // Loop through variant types and values
        foreach ($variant as $key => $val)
        {
            // Get variant type and insert into database
            $dbVariant = $Con->real_escape_string($key);
            $variantSQL = $Con->query("INSERT INTO variant (Variant)
            VALUES ('$dbVariant')");

            if ($success == TRUE && $variantSQL == TRUE)
            {
                $variantID = $Con->insert_id;

                // Loop through each variant type values
                foreach ($val as $v)
                {
                    $dbVariantValue = $Con->real_escape_string($v);
                    $variantValueSQL = $Con->query("INSERT INTO variant_value (VariantID, VariantValue)
                    VALUES ($variantID, '$dbVariantValue')");

                    if ($variantValueSQL == TRUE) {
                        $variantIDLink[$v] = $Con->insert_id;
                    }
                    else {
                        $success = FALSE;
                        break;
                    }
                }
            }
            else
            {
                $success = FALSE;
                break;
            }
        }

        if ($success == TRUE)
        {
            for ($i = 0; isset($SKU[$i]); $i++)
            {
                $dbSKU = $Con->real_escape_string(trim($SKU[$i]));
                if (empty($MPN[$i])) {
                    $dbMPN = 'NULL';
                } else {
                    $dbMPN = "'" . $Con->real_escape_string(trim($MPN[$i])) . "'";
                }
                if (empty($barcode[$i])) {
                    $dbBarcode = 'NULL';
                } else {
                    $dbBarcode = "'" . $Con->real_escape_string(trim($barcode[$i])) . "'";
                }
                $dbPrice = $Con->real_escape_string($price[$i]);
                $dbFinalPrice = $dbPrice;
                $dbStock = $Con->real_escape_string($stock[$i]);

                // SQL INSERT for Product Variant
                $pVariantSQL = $Con->query("INSERT INTO product_variant (ProductID, SKU, MPN, Barcode, Price, FinalPrice, Stock, LeadTimeFrom, LeadTimeTo)
                VALUES ($productID, '$dbSKU', $dbMPN, $dbBarcode, $dbPrice, $dbFinalPrice, $dbStock, 1, 2)");
                $productVariantID = $Con->insert_id;
                $this->_productVariantID = $productVariantID;

                $dbVariantStrArray = explode('|', $variantStr[$i]);

                foreach ($dbVariantStrArray as $dbVariantStr)
                {
                    // Get ID of variant type
                    $dbVariantID = $variantIDLink[$dbVariantStr];

                    // SQL INSERT for Product Detail
                    $pDetailSQL = $Con->query("INSERT INTO product_detail (ProductVariantID, VariantValueID)
                    VALUES ($productVariantID, $dbVariantID)");

                    if ($pDetailSQL != TRUE) {
                        $success = FALSE;
                        break;
                    }
                }

                if ($success == FALSE || $pVariantSQL == FALSE || $variantSQL == FALSE || $variantValueSQL == FALSE || $pDetailSQL == FALSE) {
                    $success = FALSE;
                    break;
                }
            }
        }

        if ($success == TRUE) {
            // Commit the data, turn autocommit on
            $Con->commit(); 
            $Con->autocommit(TRUE); 
            return TRUE;
        }
        else {
            // If error inputting ANY data, rollback
            $Con->rollback();
            $Con->autocommit(TRUE);
            return FALSE;
        }
    }

    public function UpdatedProductVariant($productVariantID, $SKU, $MPN, $barcode, $price, $salePrice, $stock, $length, $height, $width, $weight, $leadTimeFrom, $leadTimeTo, $productVariantHTML)
    {
        $productVariantID = $this->_Con->real_escape_string($productVariantID);
        $SKU = $this->_Con->real_escape_string($SKU);
        $MPN = $this->_Con->real_escape_string($MPN);
        if (empty($barcode)) {
            $barcode = 'NULL';
        } else {
            $barcode = "'" . $this->_Con->real_escape_string($barcode) . "'";
        }
        $price = $this->_Con->real_escape_string($price);
        if (empty($salePrice)) {
            $salePrice = 'NULL';
            $finalPrice = $price;
        } else {
            $salePrice = $this->_Con->real_escape_string($salePrice);
            $finalPrice = $salePrice;
        }
        $stock = $this->_Con->real_escape_string($stock);
        if (empty($length)) {
            $length = 'NULL';
        } else {
            $length = $this->_Con->real_escape_string($length);
        }
        if (empty($height)) {
            $height = 'NULL';
        } else {
            $height = $this->_Con->real_escape_string($height);
        }
        if (empty($width)) {
            $width = 'NULL';
        } else {
            $width = $this->_Con->real_escape_string($width);
        }
        if (empty($weight)) {
            $weight = 'NULL';
        } else {
            $weight = $this->_Con->real_escape_string($weight);
        }
        if (empty($productVariantHTML)) {
            $productVariantHTML = 'NULL';
        } else {
            $productVariantHTML = $this->_Con->real_escape_string($productVariantHTML);
        }

        $leadTimeFrom = $this->_Con->real_escape_string($leadTimeFrom);
        $leadTimeTo = $this->_Con->real_escape_string($leadTimeTo);

        $variantSQL = $this->_Con->query("UPDATE product_variant SET SKU = '$SKU', MPN = '$MPN', Barcode = $barcode, Price = $price, SalePrice = $salePrice, FinalPrice = $finalPrice, Stock = $stock, Length = $length, Height = $height, Width = $width, Weight = $weight, LeadTimeFrom = $leadTimeFrom, LeadTimeTo = $leadTimeTo, ProductVariantHTML = $productVariantHTML WHERE ProductVariantID = $productVariantID");

        if ($variantSQL == TRUE) {
            return TRUE;
        }
        else {
            return FALSE;
        }
    }

    // Delete variant
    public function DeleteVariant()
    {
        // Assign variables
        $Con = $this->_Con;
        $productVariantID = $this->_productVariantID;

        $deleteSQL = $Con->query("DELETE FROM product_variant WHERE ProductVariantID = $productVariantID");

        if ($deleteSQL == TRUE) {
            return TRUE;
        }
        else {
            return FALSE;
        }
    }

    // Destructor
    public function __destruct()
    {
    }
}
?>

这是edit-product-variants.php 

<?php
include ('includes/site-define.php');
include ('includes/connection-open.php');
include ('includes/checks.php');
$metaTitle = 'Edit Product Variant';
$ConsoleMessage = new ConsoleMessage();
$productVariantID = (isset($_GET['product_variant_id'])) ? $_GET['product_variant_id'] : NULL;
$productID = NULL;
$SKU = NULL;
$MPN = NULL;
$barcode = NULL;
$price = NULL;
$salePrice = NULL;
$finalPrice = NULL;
$stock = NULL;
$length = NULL;
$height = NULL;
$width = NULL;
$weight = NULL;
$leadTimeFrom = NULL;
$leadTimeTo = NULL;
$soldCount = NULL;
$createdDate = NULL;
//Nathan 2017
$productVariantHTML = NULL;

$ProductVariant = new ProductVariant($Con);
$ProductVariant->FillProductVariantFromDBByProductVariantID($productVariantID);
$productVariantID = $ProductVariant->GetProductVariantID();
$productID = $ProductVariant->GetProductID();
$SKU = $ProductVariant->GetSKU();
$MPN = $ProductVariant->GetMPN();
$barcode = $ProductVariant->GetBarcode();
$price = $ProductVariant->GetPrice();
$salePrice = $ProductVariant->GetSalePrice();
$stock = $ProductVariant->GetStock();
$length = $ProductVariant->GetLength();
$height = $ProductVariant->GetHeight();
$width = $ProductVariant->GetWidth();
$weight = $ProductVariant->GetWeight();
$leadTimeFrom = $ProductVariant->GetLeadTimeFrom();
$leadTimeTo = $ProductVariant->GetLeadTimeTo();
//Nathan 2017
$productVariantHTML = $ProductVariant->GetProductVariantHTML();

if (isset($_POST['Save']))
{
    $SKU = $_POST['SKU'];
    $MPN = $_POST['MPN'];
    $barcode = $_POST['Barcode'];
    $price = $_POST['Price'];
    $salePrice = $_POST['SalePrice'];
    $stock = (isset($_POST['Stock'])) ? 1 : 0;
    $length = $_POST['Length'];
    $height = $_POST['Height'];
    $width = $_POST['Width'];
    $weight = $_POST['Weight'];
    $leadTimeFrom = $_POST['LeadTimeFrom'];
    $leadTimeTo = $_POST['LeadTimeTo'];
//Nathan 2017
    $productVariantHTML = $_POST['ProductVariantHTML'];

    if (empty($SKU) || strlen($SKU) > 100) {
        $ConsoleMessage->AddError('SKU', NULL);
    }
    if (empty($MPN) || strlen($MPN) > 100) {
        $ConsoleMessage->AddError('MPN', NULL);
    }
    if (strlen($barcode) > 100) {
        $ConsoleMessage->AddError('Barcode', NULL);
    }
    if (empty($price) || !is_numeric($price)) {
        $ConsoleMessage->AddError('Price', NULL);
    }
    if (!empty($salePrice)) {
        if (!is_numeric($salePrice)) {
            $ConsoleMessage->AddError('Sale Price', NULL);
        }
    }
    if (!empty($length)) {
        if (!is_numeric($length)) {
            $ConsoleMessage->AddError('Length', NULL);
        }
    }
    if (!empty($height)) {
        if (!is_numeric($height)) {
            $ConsoleMessage->AddError('Height', NULL);
        }
    }
    if (!empty($width)) {
        if (!is_numeric($width)) {
            $ConsoleMessage->AddError('Width', NULL);
        }
    }
    if (!empty($weight)) {
        if (!is_numeric($weight)) {
            $ConsoleMessage->AddError('Weight', NULL);
        }
    }
    if (empty($leadTimeFrom) || !is_numeric($leadTimeFrom)) {
        $ConsoleMessage->AddError('Lead Time From', NULL);
    }
    if (empty($leadTimeTo) || !is_numeric($leadTimeTo)) {
        $ConsoleMessage->AddError('Lead Time To', NULL);
    }

    if ($ConsoleMessage->GetErrorCount() === 0) {
        $UpdatedProductVariant = new ProductVariant($Con);
        $updatedProductVariant = $UpdatedProductVariant->UpdatedProductVariant($productVariantID, $SKU, $MPN, $barcode, $price, $salePrice, $stock, $length, $height, $width, $weight, $leadTimeFrom, $leadTimeTo, $productVariantHTML);

        if ($updatedProductVariant == TRUE) {
            header("Location: product-variants.php?product_id=$productID");
            exit();
        }
        else {
            $ConsoleMessage->AddError('Updating Product Variant', NULL);
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><?=$metaTitle . ' | ' . SITE_NAME?></title>
<?php include ('includes/header-tags.php'); ?>
</head>
<body>
<div id="wrapper">
    <?php
    // Print header
    $HeaderMenu = new HeaderMenu();
    $HeaderMenu->PrintHeader();
    ?>
    <div id="main">
        <div class="h-wrapper">
            <h1>Edit Product Variant</h1>
            <div class="menu-bar">
            </div>
        </div>
        <?php $ConsoleMessage->PrintMessages(); ?>
        <form id="form" method="post" action="">
            <table class="input-table" cellpadding="0" cellspacing="0" border="0">
                <tr>
                    <th colspan="3">Product Variant Details</th>
                </tr>
                <tr>
                    <td><label for="sku">SKU:</label></td>
                    <td><input type="text" id="sku" size="10" name="SKU" value="<?=htmlspecialchars($SKU)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="mpn">MPN:</label></td>
                    <td><input type="text" id="mpn" size="10" name="MPN" value="<?=htmlspecialchars($MPN)?>" maxlength="" /></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="barcode">Barcode:</label></td>
                    <td><input type="text" id="barcode" size="10" name="Barcode" value="<?=htmlspecialchars($barcode)?>" maxlength="" /></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="price">Price:</label></td>
                    <td><input type="text" id="price" size="10" name="Price" value="<?=htmlspecialchars($price)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="sale-price">Sale Price:</label></td>
                    <td><input type="text" id="sale-price" size="10" name="SalePrice" value="<?=htmlspecialchars($salePrice)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="stock">Stock:</label></td>
                    <td>
                    <input type="checkbox" id="stock" name="Stock" <?php if ($stock == 1) { echo 'checked="checked"'; } ?> />
                    </td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="length">Length:</label></td>
                    <td><input type="text" id="length" size="10" name="Length" value="<?=htmlspecialchars($length)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="height">Height:</label></td>
                    <td><input type="text" id="height" size="10" name="Height" value="<?=htmlspecialchars($height)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="width">Width:</label></td>
                    <td><input type="text" id="width" size="10" name="Width" value="<?=htmlspecialchars($width)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td><label for="weight">Weight:</label></td>
                    <td><input type="text" id="weight" size="10" name="Weight" value="<?=htmlspecialchars($weight)?>" maxlength=""></td>
                    <td><span class="input-help"></span></td>
                </tr>
<!--Nathan 2017-->
                <tr>
                    <td><label for="product-variant-html-description">Variant HTML Description:</label></td>
                    <td><textarea id="product-variant-html-description" name="ProductVariantHTML" maxlength=""><?=htmlspecialchars($productVariantHTML)?></textarea></td>
                    <td><span class="input-help"></span></td>
                </tr>

                <tr>
                    <td><label for="lead-time-from">Lead Time:</label></td>
                    <td>
                        <input type="text" id="lead-time-from" size="5" name="LeadTimeFrom" value="<?=htmlspecialchars($leadTimeFrom)?>" maxlength=""> to 
                        <input type="text" id="lead-time-to" size="5" name="LeadTimeTo" value="<?=htmlspecialchars($leadTimeTo)?>" maxlength="">
                    </td>
                    <td><span class="input-help"></span></td>
                </tr>
                <tr>
                    <td colspan="3">
                        <button id="proceed-btn" type="submit" name="Save">Save</button>
                        <img class="btn-load-left" src="images/btn-load.gif">
                    </td>
                </tr>
            </table>
        </form>
    </div>
    <div style="clear:both;"></div>
</div>
<?php include('includes/footer.php') ?>
</body>
</html>
<?php include ('includes/connection-close.php'); ?>

错误消息

Error

1 个答案:

答案 0 :(得分:1)

在以&#34开头的SQL语句中;&#34; UPDATE product_variant SET SKU ...&#34;:

ProductVariantHTML = $productVariantHTML

应该是

ProductVariantHTML = '$productVariantHTML'

我猜想$ productVariantHTML不是数值,也不是要表示表中的另一列。因此它需要它周围的报价。否则,由于您创建了该变量&#34; nathan&#34;,它将尝试将ProductVariantHTML列的值设置为名为nathan的列的值,因为SQL解释器按字面意思处理它,而不是作为数据字符串处理它

NB。正如其他人在评论中所说,你可以通过首先使用适当的参数化查询来避免这种语法错误,而不是脆弱的字符串连接。这样做还可以更好地保护您免受SQL注入攻击的真正危险。您的数据可能会被破坏,删除或泄露给任何拥有操纵它所需的相对平凡技能的人。

相关问题
最新问题