嗨,我使用此php脚本更新数据库中的某些值,但当我发送电子邮件时,它仅接受数字,它说:无法更新数据:SQL语法有错误;在第1行的“ @ hotmail.com”附近,查看与您的MySQL服务器版本相对应的手册以使用正确的语法
我想通过输入电子邮件和用户名来更新值
并增加值,因为我有5个以上的值需要更新
有什么解决办法吗? :)
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$email = $_POST['email'];
$gold = $_POST['gold'];
$sql = "UPDATE userdata ". "SET gold = $gold ".
"WHERE email = $email" ;
mysql_select_db('chickenstories');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Email : </td>
<td><input name = "email" type = "text"
id = "email"></td>
</tr>
<tr>
<td width = "100">Gold : </td>
<td><input name = "gold" type = "text"
id = "gold"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit"
id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
答案 0 :(得分:1)
问题是您没有将电子邮件作为字符串,而是在不转义的情况下传递了电子邮件,请更新此行:
$sql = "UPDATE userdata ". "SET gold = $gold ". "WHERE email = $email" ;
成为:
$sql = "UPDATE userdata ". "SET gold = $gold ". "WHERE email = '$email'" ;
我还建议您在将所有变量放入数据库之前先对其进行转义,以避免SQL注入。
答案 1 :(得分:0)
现在它不再起作用了,我的查询中出现语法错误
无法更新数据:您的SQL语法有错误;检查与您的MySQL服务器版本相对应的手册以获取正确的语法,以在第1行的'email ='test@hotmail.com'和username ='TestName'附近使用
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$email = $_POST['email'];
$username = $_POST['username'];
$gold = $_POST['gold'];
$chickens = $_POST['chickens'];
$sql = "UPDATE userdata ". "SET gold = $gold, chickens = $chickens". "WHERE email = '$email' and username = '$username'" ;
mysql_select_db('chickenstories');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Email : </td>
<td><input name = "email" type = "text"
id = "email"></td>
</tr>
<tr>
<td width = "100">Username : </td>
<td><input name = "username" type = "text"
id = "username"></td>
</tr>
<tr>
<td width = "100">Gold : </td>
<td><input name = "gold" type = "text"
id = "gold"></td>
</tr>
<tr>
<td width = "100">Chickens : </td>
<td><input name = "chickens" type = "text"
id = "chickens"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit"
id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>