我已经在数据库中创建了一个表,用户可以在其中存储有关自身的日常信息,数据已成功保存到表中,但是如果我尝试更新表中已有的数据就会出错(如果用户已经在当天输入了信息,而不是创建新行)。
$sql = "SELECT * FROM $username WHERE day=?;";
// Here we initialize a new statement by connecting to the database (dbh.php file)
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
// If there is an error the user is sent to the enter data page again
header("Location: ../enterTodaysData.php?error=sqlerror");
exit();
}
else { //if there are no errors...
mysqli_stmt_bind_param($stmt, "s", $day); //binds the parameters to the statement
mysqli_stmt_execute($stmt); //executes the statement
$result = mysqli_stmt_get_result($stmt); //saves the result of the statement into the result variable
if ($row = mysqli_fetch_assoc($result)) { //if the user HAS already made an entry that day
$sql = "UPDATE $username (SET peakflow1 = $peakflow1 WHERE day=$day);";
$sql = "UPDATE $username (SET peakflow2 = $peakflow2 WHERE day=$day);";
$sql = "UPDATE $username (SET coughing = $coughing WHERE day=$day);";
$sql = "UPDATE $username (SET tightChest = $tightChest WHERE day=$day);";
$sql = "UPDATE $username (SET shortBreath = $shortBreath WHERE day=$day);";
$sql = "UPDATE $username (SET wheezing = $wheezing WHERE day=$day);";
$sql = "UPDATE $username (SET symptomOne = $symptomOne WHERE day=$day);";
$sql = "UPDATE $username (SET symptomTwo = $symptomTwo WHERE day=$day);";
$sql = "UPDATE $username (SET medication = $medication WHERE day=$day);";
$sql = "UPDATE $username (SET mood = $mood WHERE day=$day);";
$sql = "UPDATE $username (SET comments = $comments WHERE day=$day);";
$sql = "UPDATE $username (SET overall = $overall WHERE day=$day);";
header("Location: ../home.php?sql=success");
exit();
}
else{ //if the user has not
$sql = "INSERT INTO $username (day, peakflow1, peakflow2, medication, mood, coughing, tightChest, shortBreath, wheezing, symptomOne, symptomTwo, overall, comments) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);"; //the question marks are placeholders
$stmt = mysqli_stmt_init($conn);
//an sql statement is prepared and the database is connected to
if (!mysqli_stmt_prepare($stmt, $sql)) {
// If there is an error the user is sent back to the signup page
header("Location: ../enterTodaysdata.php?error=sqlerror");
exit();
}
else {
//binds the paramaters and data to the statement
mysqli_stmt_bind_param($stmt, "siisiiiiiiiis", $day, $peakflow1, $peakflow2, $medication, $mood, $coughing, $tightChest, $shortBreath, $wheezing, $symptomOne, $symptomTwo, $overall, $comments);
//this executes the prepared statement and send it to the database, this registers the user.
mysqli_stmt_execute($stmt);
//sends the user back to the signup page, with a message confirming that it was a success
header("Location: ../home.php?sql=success");
exit();
}
}
}
}
导致该问题的代码部分从$sql = "UPDATE $username (SET peakflow1 = $peakflow1 WHERE day=$day);";行开始。
除了屏幕顶部的“ sqlerror”错误消息外,屏幕上没有显示任何结果,但是表不会更新。
答案 0 :(得分:1)
我发现更新存在一些问题。 (在运行时可能还会出现其他问题,但这就是我在您发布的代码中看到的。)
在此部分:
if ($row = mysqli_fetch_assoc($result)) { //if the user HAS already made an entry that day
$sql = "UPDATE $username (SET peakflow1 = $peakflow1 WHERE day=$day);";
$sql = "UPDATE $username (SET peakflow2 = $peakflow2 WHERE day=$day);";
...
这些$sql = "UPDATE ...表达式中的每一个都将覆盖$sql变量,因此在该部分的结尾$sql仅保留最后一个查询。
SET peakflow1 ...等括号最多是不必要的,我认为它们会导致SQL语法错误。
这些SQL字符串中的任何变量都没有引号,并且其中一些包含字符串。这将导致SQL语法错误。 (请参见When to use single quotes, double quotes, and backticks in MySQL。)应通过与执行插入操作相同的方式执行更新,并通过将变量绑定到预准备语句中的占位符来避免此问题。顺便说一句,您可以使用单个查询来完成所有更新,例如:
"UPDATE $username SET peakflow1 = ?, peakflow2 = ?, ... WHERE day = ?"
您没有执行该SQL。您可以将SQL字符串分配给$sql变量,然后立即exit()对其进行任何操作。
使用此处的操作,您可以通过执行“ UPSERT”来简化代码,基本上不必运行三个查询(检查是否存在,如果不存在则进行插入,如果是则进行更新),则可以运行一个将插入或更新的查询。在MySQL中,只要day列定义为唯一,就可以使用INSERT... ON DUPLICATE KEY UPDATE语法。