1. 首页
  2. 问答
  3. 简单SQL更新语句语法

简单SQL更新语句语法

2017-04-14 92 views
0

试图用PHP更新我的MySQL数据库中的记录。我是一个PHP noob,所以我假设我失去了一些明显的东西。简单SQL更新语句语法

我的新代码(update-task.php) - 它提交并重定向,但记录没有更新。

<?php 
$data = array(
    'id' => $_POST['id'], 
    'TaskName' => $_POST['TaskName'], 
    'ClientName' => $_POST['ClientName'], 
    'AssignedTo' => $_POST['AssignedTo'], 
    'DueDate' => $_POST['DueDate'], 
    'TimeLogged' => $_POST['TimeLogged'], 
    'Notes' => $_POST['Notes'], 
    'Urgent' => $_POST['Urgent'] 
); 

require('mysql.php'); 
$db = new mysql; 
$db->connect('localhost', 'my_user', 'my_pass;', 'my_db'); 
$db->query("UPDATE `my_table` SET TaskName='" . mysql_real_escape_string($data['TaskName']) . "', 
    ClientName='" . mysql_real_escape_string($data['ClientName']) . "', 
    AssignedTo='" . mysql_real_escape_string($data['AssignedTo']) . "', 
    DueDate='" . mysql_real_escape_string($data['DueDate']) . "', 
    TimeLogged='" . mysql_real_escape_string($data['TimeLogged']) . "', 
    Notes='" . mysql_real_escape_string($data['Notes']) . "', 
    Urgent='" . mysql_real_escape_string($data['Urgent']) . "' WHERE id='" . mysql_real_escape_string($data['id']) . "' 
"); 

header('Location:saved.htm');

我的形式看起来像这样(视图task.php)

<?php 
$id = $_GET['id']; 
require('mysql2.php'); 
$db = new mysql; 
$db->connect('localhost', 'my_user', 'my_pass;', 'my_db'); 
$query = $db->query("SELECT * FROM `table_name` WHERE id = '" . $id ."'"); 
while($result = $db->fetch_array($query)) { 
    $data = $result; 
} 
?> 

<form action="update-task.php" method="post" id="form1" name="form1"> 

    <label>Task Name:</label> 
    <input name="TaskName" type="text" id="TaskName" size="30" value="<?php echo $data['TaskName']?>"/> 

    <label>Client</label> 
    <input name="ClientName" type="text" id="ClientName" size="30" value="<?php echo $data['ClientName']?>"/> 

    <label>Assigned To</label> 
    <input name="AssignedTo" type="text" id="AssignedTo" size="30" value="<?php echo $data['AssignedTo']?>"/> 

    <label>Due Date</label> 
    <input name="DueDate" type="text" id="DueDate" size="30" value="<?php echo $data['DueDate']?>"/> 

    <label>Time Logged</label> 
    <input type="button" value="Start Count" onClick="timedCount()"> 
    <input type="text" value="<?php echo $data['TimeLogged']?>" id="TimeLogged" name="TimeLogged"> 
    <input type="button" value="Stop Count" onClick="stopCount()"> 
    <input type="button" value="Clear Timer" onClick="clearTimer()"> 

    <label>Notes</label> 
    <input name="Notes" type="textarea" id="Notes" size="30" value="<?php echo $data['Notes']?>"/> 

    <label>Urgent</label> 
    <input name="Urgent" type="text" id="Urgent" size="30" value="<?php echo $data['Urgent']?>"/> 

    <input type="submit" value="Update" class="AddButton"> 

</form>

mysql.php

<?php 
class mysql { 
    var $querynum = 0; 
    var $querylist = ''; 

    function connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect=0) { 
     $die = false; 

     if($pconnect) { 
      @mysql_pconnect($dbhost, $dbuser, $dbpw) or ($die = true); 
     } else { 
      @mysql_connect($dbhost, $dbuser, $dbpw) or ($die = true); 
     } 

     if($die) { 
      die(mysql_error()); 
     } 

     mysql_select_db($dbname) or die(mysql_error()); 
    } 

    function fetch_array($query, $type=MYSQL_ASSOC) { 
     $query = mysql_fetch_array($query, $type); 
     return $query; 
    } 

    function query($sql) { 
     $query = mysql_query($sql) or die(mysql_error()); 
     $this->querynum++; 
     $this->querylist .= "$sql <br />"; 
     return $query; 
    } 

    function result($query, $row) { 
     $query = mysql_result($query, $row); 
     return $query; 
    } 

    function num_rows($query) { 
     $query = mysql_num_rows($query); 
     return $query; 
    } 

    function insert_id() { 
     $id = mysql_insert_id(); 
     return $id; 
    } 

    function fetch_row($query) { 
     $query = mysql_fetch_row($query); 
     return $query; 
    } 
    function affected_rows() { 
     $query = mysql_affected_rows(); 
     return $query; 
    } 
    function close() { 
     mysql_close(); 
    } 
} 


?>

来源

2017-04-14 josefresco

+0

Call类为'$ DB =新的MySQL();'< - – Saty

+0

@Saty我试过,但仍然得到错误“您在你的SQL语法中有一个错误;查看与你的MySQL服务器版本相对应的手册,在'VALUES(0,'任务2','客户端测试','人','04/14/2017' ','0','第一行'在第一行“ – josefresco

+0

了解准备好的语句以防止sql注入,并且使语句更具可读性 – Jens

回答

0

你的语法是错误的内容。您需要使用SETWHERE子句来确定实际更新的内容。

SQL语法更新:

UPDATE table_name 
SET column1 = value1, column2 = value2, ... 
WHERE condition;

来源

2017-04-14 13:52:58 Pwntus

+0

我见过这个参考,但是我不知道如何修改我的代码。你能让我开始吗? – josefresco

1

如果要更新数据,所以后来你有uniq的ID,发布从mysql.php 的MySQL更新查询代码工作"UPDATE MY_TABLE SET WHERE id='1'"它看起来你有一个查询错误

<?php 

$data = array(
    'id' => $_POST['id'] 
    'TaskName' => $_POST['TaskName'], 
    'ClientName' => $_POST['ClientName'], 
    'AssignedTo' => $_POST['AssignedTo'], 
    'DueDate' => $_POST['DueDate'], 
    'TimeLogged' => $_POST['TimeLogged'], 
    'Notes' => $_POST['Notes'], 
    'Urgent' => $_POST['Urgent'] 
); 

require('mysql.php'); 
$db = new mysql(); 
$db->connect('localhost', 'my_user', 'my_pass;', 'my_db'); 
$db->query("UPDATE `my_table` SET TaskName='" . mysql_real_escape_string($data['TaskName']) . "', 
    ClientName='" . mysql_real_escape_string($data['ClientName']) . "', 
    AssignedTo='" . mysql_real_escape_string($data['AssignedTo']) . "', 
    DueDate='" . mysql_real_escape_string($data['DueDate']) . "', 
    TimeLogged='" . mysql_real_escape_string($data['TimeLogged']) . "', 
    Notes='" . mysql_real_escape_string($data['Notes']) . "', 
    Urgent='" . mysql_real_escape_string($data['Urgent']) . "' WHERE id='" . mysql_real_escape_string($data['id']) . "' 
)"); 
header('Location:saved.htm'); 

?>

形式

<?php 
$data['id'] = $_GET['id']; 
require('mysql.php'); 
$db = new mysql(); 
$db->connect('localhost', 'my_user', 'my_pass;', 'my_db'); 
$query = $db->query("SELECT * FROM `my_table` WHERE id = '" . $data['id'] ."'"); 
while($result = $db->fetch_array($query)) { 
    $data = array_merge($data, $result); 
} 
?> 


<form action="update-task.php" method="post"> 

    <label>Task Name:</label> 
    <input name="TaskName" type="text" id="TaskName" size="30" value="<?= $data['TaskName']?>"/> 

    <label>Client</label> 
    <input name="ClientName" type="text" id="ClientName" size="30" value="<?= $data['ClientName']?>"/> 

    <label>Assigned To</label> 
    <input name="AssignedTo" type="text" id="AssignedTo" size="30" value="<?= $data['AssignedTo']?>"/> 

    <label>Due Date</label> 
    <input name="DueDate" type="text" id="DueDate" size="30" value="<?= $data['DueDate']?>"/> 

    <input name="id" type="hidden" id="id" value="<?= $data['id']?>"/> 

    <label>Time Logged</label> 
    <input type="button" value="Start Count" onClick="timedCount()"> 
    <input type="text" value="<?= $data['TimeLogged']?>" id="TimeLogged" name="TimeLogged"> 
    <input type="button" value="Stop Count" onClick="stopCount()"> 
    <input type="button" value="Clear Timer" onClick="clearTimer()"> 

    <label>Notes</label> 
    <input name="Notes" type="textarea" id="Notes" size="30" value="<?= $data['Notes']?>"/> 

    <label>Urgent</label> 
    <input name="Urgent" type="text" id="Urgent" size="30" value="<?= $data['Urgent']?>"/> 

    <input type="submit" value="Update" class="AddButton"> 

</form>

来源

2017-04-14 13:54:46

+0

mysql.php的内容我如何获取当前记录的ID? – josefresco

+0

你可以通过url传递你的id或发布$ _GET $ _POST,如果你想更新,那么你有一个你可以更新的uniq密钥。查询如何,你可以在这里阅读https://www.w3schools.com/php/php_mysql_update.asp –

+0

$ _GET $ _POST教程在这里https://www.tutorialspoint.com/php/php_get_post.htm –

相关问题

 相关问题