Update Query不更新Mysql中的记录,但始终返回true

时间:2018-04-02 06:06:21

标签: php mysql

我有更新查询总是返回true而不是更新数据库中的记录,我还打印了sql语句&当我尝试在phpmyadmin中运行它时,它执行成功。即使我打印mysql_error()时没有错误。下面是代码: - 

 if (isset($_POST['submit']))
{

    $old_number = stripslashes($_REQUEST['old_number']); // removes backslashes
    //$old_number = mysqli_real_escape_string($con,$old_number); //escapes special characters in a string
    $new_number = stripslashes($_REQUEST['new_number']);
    //$new_number = mysqli_real_escape_string($con,$new_number);


//Checking is user existing in the database or not
    $query= "SELECT * FROM `users` WHERE username='$username' and contact='$old_number'"; 
    $result = mysqli_query($con,$query) or die(mysql_error());

    $rows = mysqli_num_rows($result); 

     if($rows==1)
           {

            echo $num_update = "UPDATE users SET contact=$new_number WHERE username='$username'";

            $result_num = mysqli_query($con,$query) or die(mysql_error()); 


            $rows_num = mysqli_num_rows($result_num); 
            if($rows_num==TRUE)
                {?>
                    <div class='success'>
                    <h3>Your mobile number is updated.</h3>
                    <br/>Click here to <a href='login.php'>Login</a></div>
                    <?php //header("Location: login.php"); // Redirect user to index.php
                }else{
                    echo "<div class='error'><h3>No Records found with entered contact info</h3><br/>Click here to <a href='login.php'>Login</a></div>";
                    }

             }
             else{
                    echo "<div class='error'><h3>No Records found with entered contact info</h3><br/>Click here to <a href='login.php'>Login</a></div>";
                    }
    }

这是我试图更新联系电话的表: - 

 CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(50) NOT NULL,
  `email` varchar(50) NOT NULL,
  `contact` varchar(30) DEFAULT NULL,
  `creation_date` date NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=5 DEFAULT CHARSET=latin1;

2 个答案:

答案 0 :(得分:2)

您的查询变量存在执行查询时使用错误变量的问题。

  $num_update = "UPDATE users SET contact=$new_number WHERE 
           username='$username'";

更改以下行

          $result_num = mysqli_query($con,$query) or die(mysql_error()); 


   $result_num = mysqli_query($con, $num_update) or die(mysql_error());

答案 1 :(得分:0)

更改

contact=$new_number


contact='$new_number'

Contactvarchar

像这样直接传递参数可能会导致SQL注入。使用参数绑定使其安全。阅读sql注入。

相关问题
最新问题