更新数据库中的数据 - 准备好的语句(PHP)

时间:2018-03-04 19:51:48

标签: php database mysqli prepared-statement

我对php很新,以前刚刚使用mysqli进行查询。但是我总是看到人们说要使用准备好的语句,所以我经历了我的项目,努力将我的所有查询都改成准备好的语句。此特定查询未更新

        $email = $userDetails['email'];
        $token = bin2hex(random_bytes(16));
        $username = $userDetails['username'];
        $timestamp = date('Y/m/d H:i:s');
        $sql = "UPDATE users SET token = ? AND timestamp = ? WHERE email = ?";
        $stmt = mysqli_prepare($connect, $sql);
        mysqli_stmt_bind_param($stmt,"sss",$token,$timestamp,$email);
        mysqli_stmt_execute($stmt);

1 个答案:

答案 0 :(得分:1)

您在AND查询中使用的是,而不是UPDATE

$sql = "UPDATE users SET token = ?, timestamp = ? WHERE email = ?";