mysql 更新不更新?
我想弄清楚为什么这个 mysql 更新查询实际上没有更新 mysql 数据库!
I am trying to figure out why this mysql update query doesn't actually update the mysql database!
我找不到原因!
页面从 add.php 文件中获取一个 ID,与该 ID 相关的值在表单中正确地得到回显,但由于某种原因它根本不更新 mysql !
The page gets an ID from add.php file and the values related to that ID get echo-ed in the form properly but for some reason it doesn't update the mysql at all!!
如果我遗漏了什么,有人可以告诉我吗?
could someone please let me know if I am missing something?
这是我的代码:
<?php
// Script Error Reporting
error_reporting(E_ALL);
ini_set('display_errors', '1');
?>
<?php
// Parse the form data and add inventory item to the system
if (isset($_POST['title'])) {
$pid = mysqli_real_escape_string($db_conx, $_POST['thisID']);
$title = mysqli_real_escape_string($db_conx, $_POST['title']);
$details = mysqli_real_escape_string($db_conx, $_POST['details']);
// See if that product name is an identical match to another product in the system
$sql = "UPDATE pages SET title='$title', details='$details', WHERE id='$pid'";
$query = mysqli_query($db_conx, $sql);
header("location: add.php");
exit();
}
?>
<?php
// Gather this product's full information for inserting automatically into the edit form below on page
if (isset($_GET['pid'])) {
$targetID = $_GET['pid'];
$sql = "SELECT * FROM pages WHERE id='$targetID' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$productCount = mysqli_num_rows($query); // count the output amount
if ($productCount > 0) {
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$title = $row["title"];
$details = $row["details"];
$date_added = strftime("%b %d, %Y", strtotime($row["date_added"]));
}
} else {
echo "Sorry, that don't exist.";
exit();
}
}
?>
这是页面中的 HTML 表单:
and here is the HTML form in the page:
<form action="pages_edit.php" enctype="multipart/form-data" name="myForm" id="myform" method="post">
<table width="90%" border="0" cellspacing="0" cellpadding="6">
<tr>
<td width="20%" align="right">Page Tile</td>
<td width="80%"><label>
<input name="title" type="text" id="title" size="64" value="<?php echo $title; ?>" />
</label></td>
</tr>
<tr>
<td align="right">Page Body</td>
<td><label>
<textarea name="details" id="details" cols="64" rows="5"><?php echo $details; ?></textarea>
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input name="thisID" type="text" value="<?php echo $targetID; ?>" />
<input type="submit" name="button" id="button" value="Make Changes" />
</label></td>
</tr>
</table>
</form>
您可能从数据库服务器获取错误并忽略它们.使用mysqli_error()检查错误.
You're probably getting errors from the database server and ignoring them. Use mysqli_error() to inspect the errors.
首先,您的查询中有一个额外的逗号.WHERE 子句前不需要逗号,因此更改为:
For starters, you have an extra comma in your query. You don't need a comma before the WHERE clause, so change to:
UPDATE pages SET title='$title', details='$details' WHERE id='$pid'
另外,id 列真的是一个字符串吗?它更有可能是一个整数.(当然,除非您将其设为字符串.请检查表模式以确保确定.)如果是这种情况,那么您将不想用单引号将值括起来.所以改为:
Additionally, is the id column really a string? It's more likely that it's an integer. (Unless, of course, you made it a string. Check the table schema to know for certain.) If that's the case then you wouldn't want to surround the value with single-quotes. So change to:
UPDATE pages SET title='$title', details='$details' WHERE id=$pid
很可能还有其他错误.检查数据库响应(如前所述)是否有错误,并检查 PHP 日志是否有错误.你需要调试你的代码,不要只是看着它就猜测可能是什么问题.
There could very well be other errors. Check the database response (as mentioned before) for errors, and check the PHP logs for errors. You need to debug your code, don't just look at it and guess what the problems might be.
此外,值得注意的是,您的代码目前高度脆弱SQL 注入攻击.幸运的是,PHP 文档彻底解释了这个概念,并且有替代示例.
Furthermore, it's worth noting that your code is currently highly vulnerable to SQL injection attacks. Luckily, the PHP documentation explains the concept thoroughly, and has examples of alternatives.