我在这里遇到一些问题。我正在为我的公司开发一个闪存数据库管理器,并且我已经拥有插入和“搜索”功能。尝试使UPDATE工作时出现问题。生病后两码的位置:无法使用Flash应用程序更新php数据库
PHP(修订版)
<?php
//connect to the local MySQL
$connect=mysql_connect("localhost", "****", "****");
//select your database
mysql_select_db("****");
//Variables
$ID=$_POST[IDPost];
$Nome=$_POST[Nome];
$Tipo=$_POST[Tipo];
$Empresa=$_POST[Empresa];
$Morada=$_POST[Morada];
$CodPostal=$_POST[CodPostal];
$Email=$_POST[Email];
$Contacto1=$_POST[Contacto1];
$Contacto2=$_POST[Contacto2];
$DataNascimento=$_POST[DataNascimento];
$Profissao=$_POST[Profissao];
$Notas1=$_POST[Notas1];
$Notas2=$_POST[Notas2];
//query the database
$query="
UPDATE
GestaoClientes
SET
Nome = '$Nome',
Tipo = '$Tipo',
Empresa = '$Empresa',
Morada = '$Morada',
CodPostal = '$CodPostal',
Email = '$Email',
Contacto1 = '$Contacto1',
Contacto2 = '$Contacto2',
DataNascimento = '$DataNascimento',
Profissao = '$Profissao',
Notas1 = '$Notas1',
Notas2 = '$Notas2'
WHERE
ID = '$ID'";
$result=mysql_query($query);
if (!mysql_query($query,$connect))
{
die('Error: ' . mysql_error());
echo "Result=NotOk";
}else{
echo "Result=Ok";
}
mysql_close($connect);
?>
闪存
public function editInfo(MouseEvent):void
{
var request:URLRequest = new URLRequest ("link.php");
request.method = URLRequestMethod.POST;
trace("called");
var variables:URLVariables = new URLVariables();
variables.IDPost = NField.text;
variables.Nome = NomeField.text;
variables.Email = NomeField.text;
variables.Morada = MoradaField.text;
variables.CodPostal = CodPostalField.text;
variables.Tipo = TipoField.text;
variables.Empresa = EmpresaField.text;
variables.Profissao = ProfissaoField.text
variables.DataNascimento = DataNascimentoField.text;
variables.Notas1 = Notas1Field.text;
variables.Notas2 = Notas2Field.text;
request.data = variables;
var loader:URLLoader = new URLLoader (request);
loader.addEventListener(Event.COMPLETE, onComplete);
loader.dataFormat = URLLoaderDataFormat.VARIABLES;
loader.load(request);
function onComplete(e:Event):void
{
trace("ok");
}
}
当我尝试在浏览器中去的PHP,如果只是给我错误:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Nome' = '', 'Tipo' = '', 'Empresa' = '', 'Morada' = '', 'CodPostal' = '', 'Emai' at line 4
这虽然可能是正常的,因为我没有通过浏览器传递任何“POST”变量。
闪存doesent在尝试这段代码时会返回任何错误,所以我假设连接本身没问题,但是它还没有进行更新。这段代码有什么问题吗?谢谢。
更新:我现在更改了我的代码,它不显示语法错误,但仍在闪存中进行更新。任何意识为什么? :/感谢
在尝试对它们执行SQL quey之前,您应该转义所有$ _POST变量。 – Twelve47 2011-04-12 14:15:07
什么是“PHP数据库”?您的SQL注入预防在哪里? – 2011-04-12 14:15:52
@Marco,你的PHP很可怕。您可以随时随地进行大量攻击,并且可能有些粗略的数据正在破坏您的查询。您应该为您的数据库工作实施PDO。请参阅http://www.phpro.org/tutorials/Introduction-to-PHP-PDO.html – Brad 2011-04-12 14:17:30