无法使用mysqli更新MySQL数据库中的数据

时间:2017-11-14 08:34:26

标签: php mysql

你好,有人可以帮助我,我无法更新我的mysql数据库中的数据

<?php
    require "connection.php";

    $item_name = "cheese";
    $item_code = 123;
    $item_description = "cheese is good";
    $item_unit_price  = 235;

    $mysql_query = "UPDATE Stock SET item_code = '$item_code',item_description = '$item_description',item_unit_price = '$item_unit_price' where item_name='$item_name')";

    //execute the query
    $result = mysqli_query($conn,$mysql_query);


    if($conn->query($mysql_query) ===TRUE){


    echo "Stock Item Updated Successfully";


    }else{

        echo 'Error'.$mysql_query."<br>".$conn->error;
    }

    $conn->close();

    ?>

4 个答案:

答案 0 :(得分:1)

您的问题可能就在这一行:

$mysql_query = "UPDATE Stock SET item_code = '$item_code',item_description = 
'$item_description',item_unit_price = '$item_unit_price' where item_name='$item_name')";

特别是')";

当你从未打开支架时,你正在关闭支架。

答案 1 :(得分:1)

除了非常明显的SQL注入风险之外,还有一些问题与您的代码相关。

从查询中删除)括号

$mysql_query = "UPDATE Stock SET item_code = '$item_code',item_description =
'$item_description',item_unit_price = '$item_unit_price' where
item_name='$item_name')";
                    //^ remove the bracket
//execute the query
$result = mysqli_query($conn,$mysql_query);

//Executing the query again?
if($conn->query($mysql_query) ===TRUE){

您正在执行两次查询。删除其中一行:

$result = mysqli_query($conn,$mysql_query);

或者:

if($conn->query($mysql_query) ===TRUE)

警告

如果这些变量是来自用户的输入,请使用prepared statement来反击SQL注入。像:

$mysql_query = "UPDATE Stock SET item_code = ?, item_description =?, item_unit_price = ? where item_name=?";
$stmt = $mysqli->prepare($mysql_query);
$stmt->bind_param("isds", $item_code, $item_description, $item_unit_price, $item_name);
$stmt->execute();

答案 2 :(得分:0)

首先尝试删除结束括号,通过注释//$result = mysqli_query($conn,$mysql_query);来删除其中一个查询执行

答案 3 :(得分:0)

试试这个.. !! 

<?php 
    $item_name = "cheese";
    $item_code = 123;
    $item_description = "cheese is good";
    $item_unit_price  = 235;


    $mysql_query = "UPDATE Stock SET item_code = '$item_code',item_description = '$item_description',item_unit_price = '$item_unit_price' where item_name='$item_name'";
    //execute the query
    $result = mysqli_query($conn , $mysql_query);
    if($result){
    echo "Stock Item Updated Successfully";
    }else{   
        die('Invalid query: ' . mysqli_error($conn));
    }

    $conn->close();

?>
相关问题
最新问题