这是完整的错误
更新记录时出错:您的SQL语法出错;检查 与您的MariaDB服务器版本对应的手册 语法使用附近' desc ='它的惊人之处 好',量=' 100000',日期=&#39 12/01/18 39#;其中id =' 5''在第1行
<?php
session_start();
include('../dbConfig.php');
if (!isset($_SESSION["loginid"]))
{
header('LOCATION:index.php');
exit();
}
include('header.php');
include('../dbConfig.php');
$id=$_GET['id'];
$Q2="SELECT * FROM `package` where id='$id' ";
$exe2=mysqli_query($con,$Q2);
$fetch2=mysqli_fetch_array($exe2);
?>
<style>
body {
background-color: #eee;
}
*[role="form"] {
max-width: 530px;
padding: 15px;
margin: 0 auto;
background-color: #fff;
border-radius: 0.3em;
}
*[role="form"] h2 {
margin-left: 5em;
margin-bottom: 1em;
}
</style>
<!--===============Image View Css And Javascript================--->
<style>
.btn-file {
position: relative;
overflow: hidden;
}
.btn-file input[type=file] {
position: absolute;
top: 0;
right: 0;
min-width: 100%;
min-height: 100%;
font-size: 100px;
text-align: right;
filter: alpha(opacity=0);
opacity: 0;
outline: none;
background: white;
cursor: inherit;
display: block;
}
#img-upload{
width: 100%;
}
</style>
<br><br>
<br><br>
<br><br>
<div class="container">
<form class="form-horizontal" role="form" method="post" enctype="multipart/form-data">
<h2>Add Tour Package</h2>
<div class = "form-group">
<label for="course" class="col-sm-3 control-label">Place/City*</label>
<div class="col-sm-9">
<select class="form-control input-sm" name="city" >
<option value=""><?php echo $fetch2['city'] ?></option>
<?php
include('../dbConfig.php');
$qry = "SELECT * FROM `city` order by city";
$rec = mysqli_query($con,$qry );
if( mysqli_num_rows($rec) > 0)
{
while($res = mysqli_fetch_array($rec))
{
echo "<option value=".$res['city'].">".$res['city']."</option>";
}
}
?>
</select>
</div>
</div>
<div class="form-group">
<label for="package" class="col-sm-3 control-label">Package Name</label>
<div class="col-sm-9">
<input type="text" id="package" value='<?php echo $fetch2['package'] ?>' name="package" class="form-control">
</div>
</div>
<div class="form-group">
<label for="birthDate" class="col-sm-3 control-label">Amount</label>
<div class="col-sm-9">
<input type="number" id="amount" class="form-control" name="amount" value='<?php echo $fetch2['amount'] ?>'>
</div>
</div>
<div class="form-group">
<label for="day" class="col-sm-3 control-label">Days</label>
<div class="col-sm-9">
<select id="day" class="form-control input-sm" name="day">
<option value="<?php $fetch2['day'] ?>"><?php echo $fetch2['day'] ?></option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
</select>
</div>
</div>
<div class="form-group">
<label for="night" class="col-sm-3 control-label">Night</label>
<div class="col-sm-9">
<select id="night" class="form-control input-sm" name="night">
<option value="<?php $fetch2['night'] ?>"><?php echo $fetch2['night'] ?></option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
</select>
</div>
</div>
<div class="form-group">
<label for="comment" class="col-sm-3 control-label">Description:</label>
<div class="col-sm-9">
<textarea name="desc" class="form-control" rows="5" id="comment"><?php echo $fetch2['desc'] ?></textarea>
</div>
</div>
<!-- /.form-group -->
<button type="submit" class="btn btn-primary btn-block" name="submit">Add Place/City</button>
</form> <!-- /form -->
</div> <!-- ./container -->
<br><br>
<?php
include('../dbConfig.php');
if(isset($_POST['submit']))
{
$city = $_POST['city'];
$amount = $_POST['amount'];
$day = $_POST['day'];
$night = $_POST['night'];
$desc = $_POST['desc'];
$package=$_POST['package'];
$date=date('d/m/y');
$sql=mysqli_query($con,"update `package` set package='$package',city='$city',day='$day',night='$night',desc='$desc',amount='$amount',date='$date' where id='$id'");
if($sql)
{
echo "<script type='text/javascript'> alert('Package has been Updated.');window.location.href='createTour.php' </script>";
}
else{
echo "Error updating record: " . mysqli_error($con);
}
mysqli_close($con);
}
?>
答案 0 :(得分:1)
desc是保留关键字,因此您必须在更新查询中将其放在引号中。请查看SQL注入的可能性,因为您的代码非常容易受到攻击
答案 1 :(得分:0)
你应该试试
$sql=mysqli_query($con,"UPDATE `package` SET `package`='$package',`city`='$city',`day`='$day',`night`='$night',`desc`='$desc',`amount`='$amount',`date`='$date' WHERE `id`='$id'");