Question

我为养蜂人网站设置了登录/注册系统。

我的问题是当用户进入帐户管理页面后尝试更新记录（登录或注册后）。

当我尝试更改其名称但我收到错误时，我的updatedata脚本正在运行：

错误：无法执行UPDATE守护程序SET keeper_name =＆＃39; test2＆＃39;，password =＆＃39;＆＃39;，keeper_email =＆＃39;＆＃39;，shop_name =＆＃ 39;＆＃39;，area =＆＃39;＆＃39;，地址=＆＃39;＆＃39;，城镇=＆＃39;＆＃39;，邮政编码=＆＃39;＆＃39; ，电话号码=＆＃39;＆＃39;，手机号码=＆＃39;＆＃39;，shop_email =＆＃39;＆＃39;，产生=＆＃39;＆＃39; ID =＆＃39; 37＆＃39;。您的SQL语法有错误;检查与您的MySQL服务器版本相对应的手册，以便在＆＃39; number =＆＃39;＆＃39;，mobile number =＆＃39;＆＃39;，shop_email =＆＃39;附近使用正确的语法。＆＃39;，产生=＆＃39;＆＃39; WHER＆＃39;在第2行

以下是我更新数据的脚本：

<?php

session_start();

/* Attempt MySQL server connection. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
$link = mysqli_connect("localhost", "root", "root") or die(mysqli_error($db));
mysqli_select_db($link, "keepers")
or die(mysqli_error($link));

// Check connection
if($link === false)
{
    die("ERROR: Could not connect. " . mysqli_connect_error());
}

// Escape user inputs for security
if (isset($_POST['submit2'])) 
{
  $id = $_SESSION['id'];

  $name = mysqli_real_escape_string($link, $_REQUEST['keepername']);
  $password = mysqli_real_escape_string($link, $_REQUEST['password']);
  $password2 = mysqli_real_escape_string($link, $_REQUEST['password2']);
  $email = mysqli_real_escape_string($link, $_REQUEST['accountemail']);
  $shop = mysqli_real_escape_string($link, $_REQUEST['shopname']);
  $area = mysqli_real_escape_string($link, $_REQUEST['area']);
  $address = mysqli_real_escape_string($link, $_REQUEST['address']);
  $town = mysqli_real_escape_string($link, $_REQUEST['town']);
  $postcode = mysqli_real_escape_string($link, $_REQUEST['postcode']);
  $landline = mysqli_real_escape_string($link, $_REQUEST['landline']);
  $mobile = mysqli_real_escape_string($link, $_REQUEST['mobile']);
  $shopemail = mysqli_real_escape_string($link, $_REQUEST['shopemail']);
  $description = mysqli_real_escape_string($link, $_REQUEST['description']);


   //Error Handler
   if ($password != $password2)
   {
       header("Location: accountmanagement.php?update=passwordnotmatch");
       exit();
   }
   else
   {
       //if (isset($_SESSION['id']))
       //{
           if (!empty($name) || !empty($password) || !empty($email) || !empty($shop) || 
           !empty($area) || !empty($address) || !empty($town) || !empty($postcode) || 
           !empty($landline) || !empty($mobile) || !empty($shopemail) || !empty($description)) 
            {


                                //Insert the user into the database
                                $sqlinsert = "UPDATE keepers SET keeper_name = '$name', password = '$password', keeper_email = '$email',
                                shop_name = '$shop', area = '$area', address = '$address', town = '$town', postcode = '$postcode', phone number = '$landline', 
                                mobile number = '$mobile', shop_email = '$shopemail', produce = '$description' WHERE ID = '$id'";

                                if(mysqli_query($link, $sqlinsert))
                                {
                                    header("Location: accountmanagement.php?update=success");
                                    exit();
                                } 
                                else
                                {
                                    echo "ERROR: Could not able to execute $sqlinsert. " . mysqli_error($link);
                                }



           }
   }

  // close connection
  mysqli_close($link);
}
else
{
    header("Location: accountmanagement.php");
    exit();
}

PHP HTML MYSQL更新数据库时遇到特定ID

0 个答案: