如何更新此表？使用PHP/MySQL的

Question

守则 “INC/Q/prof.php”：

<?php 
// Insert Comments into Database that user provides 
$comm = mysql_real_escape_string($_POST['addComment']); 

// following line has changed: 
$pID4 = filter_var($_POST['pID'], FILTER_SANITIZE_STRING); 

$commentDetail = $_POST['addComment']; 
$username = "###"; 
$password = "###"; 
$pdo4 = new PDO('mysql:host=localhost;dbname=####', $username, $password); 
$pdo4->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
$sth4 = $pdo4->prepare(' 
INSERT INTO Comment (info, pID, cID) VALUES(?,?,?) 
SELECT Comm.cID 
FROM Professor P, Comment Comm, Course Cou 
WHERE P.pID = Comm.pID 
AND Cou.cID = Comm.cID; 
'); 
$sth4->execute(array($commentDetail, $pID4, $cID)); 


?> 

HTML

<form action='inc/q/prof.php' method='post'> 
        <input type='text' id='addComment' name='addComment' tabindex='3' value='Enter comment' /> 
       <input type='hidden' name='pID' value='<?php echo $pID4; ?>'> 

       </form> 

表：

仍然收到错误 - 我仍然收到错误：You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT Comm.cID FROM Professor P, Comment Comm, Course Cou WHERE P.pID = Comm.p' at line 2\PDOStatement->execute(Array) #1

Answer 1

您可以将它们作为两个隐藏的输入字段传递。看起来好像你已经拥有了为pID：

<input type="hidden" name="pID" value="<?php echo $pID4 ?>" /> 

另外，还要确保你实际上是发布正确的字段和值。以下内容添加到prof.php的顶部：

print_r($_POST); 

我的猜测是您$_POST['pID']

Answer 2

实际上没有传递任何它无关清除URL;你在回声后遗漏了一个分号，把pID插入隐藏字段。所以你只是传递一个空值，因为PHP不会执行。此外，您没有任何courseinfoDD输入，因此它当然会在您的新行中输入null。