【发布时间】:2019-12-03 15:50:18
【问题描述】:
有一个注册界面,您必须在登录后输入您的账单信息。 目标是在 MySQL 数据库中记录输入的数据并将“计费”值更新为“1”,但是出现语法错误。
代码是(PhP 7.3):
<?php
session_start();
if(!isset($_SESSION['username'])) {
header('location: login.php');
exit();
}
include_once('dbconnect.php');
$username = $_SESSION["username"];
$result = mysqli_query($conn, "SELECT * FROM users WHERE username = '$username'");
while($row = mysqli_fetch_array($result)) {
if ($row['billable'] == 0) {
$error = false;
if(isset($_POST['btn-updatedetails'])) {
$firstname = mysqli_real_escape_string($conn, $_REQUEST['firstname']);
$lastname = mysqli_real_escape_string($conn, $_REQUEST['lastname']);
$phone = mysqli_real_escape_string($conn, $_REQUEST['phone']);
$company = mysqli_real_escape_string($conn, $_REQUEST['company']);
$country = mysqli_real_escape_string($conn, $_REQUEST['country']);
$county = mysqli_real_escape_string($conn, $_REQUEST['county']);
$city = mysqli_real_escape_string($conn, $_REQUEST['city']);
$street = mysqli_real_escape_string($conn, $_REQUEST['street']);
$postcode = mysqli_real_escape_string($conn, $_REQUEST['postcode']);
if(empty($firstname)) {
$error = true;
$errorFirstname = 'This field cannot be left blank.';
}
if(empty($lastname)) {
$error = true;
$errorLastname = 'This field cannot be left blank.';
}
if(empty($phone)) {
$error = true;
$errorPhone = 'This field cannot be left blank.';
}
if(empty($country)) {
$error = true;
$errorCountry = 'This field cannot be left blank.';
}
if(empty($county)) {
$error = true;
$errorCounty = 'This field cannot be left blank.';
}
if(empty($city)) {
$error = true;
$errorCity = 'This field cannot be left blank.';
}
if(empty($street)) {
$error = true;
$errorStreet = 'This field cannot be left blank.';
}
if(empty($postcode)) {
$error = true;
$errorPostcode = 'This field cannot be left blank.';
}
if(!$error){
$sql = "INSERT INTO users (firstname, lastname, phone, company, country, county, city, street, postcode) VALUES ('$firstname', '$lastname', '$phone', '$company', '$country', '$county', '$city', '$street', '$postcode') WHERE username = '$username' AND UPDATE users SET billable='1' WHERE username = '$username'";
if(mysqli_query($conn, $sql)){
$successMsg = 'Success!';
}else{
echo 'Error '.mysqli_error($conn);
}
}
}
?>
<form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" autocomplete="off">
Firstname:
<input type="text" name="firstname" id="firstname"><br>
Lastname:
<input type="text" name="lastname" id="lastname"><br>
Phone:
<input type="text" name="phone" id="phone"><br>
Company (optional):
<input type="text" name="company" id="company"><br>
Country:
<input type="text" name="country" id="country"><br>
County:
<input type="text" name="county" id="county"><br>
City:
<input type="text" name="city" id="city"><br>
Street:
<input type="text" name="street" id="street"><br>
Postcode:
<input type="text" name="postcode" id="postcode"><br>
<input type="submit" name="btn-updatedetails">
</form>
<?php
} else {
echo "<3";
}
}
mysqli_close($conn);
此页面返回以下错误:
Error You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE username = 'Erik' AND UPDATE users SET billable='1' WHERE username = 'Erik' at line 1
MySQL 数据库:
我在哪里做错了?
提前感谢您的回答!
祝你有美好的一天!
【问题讨论】:
-
你为什么要这样做?
UPDATE users SET billable='1' WHERE username = '$username'" -
@Regolith 同样的问题。
-
插入语句中不需要
where -
好的。我删除了第一个 WHERE。当前代码:
$sql = "INSERT INTO users (firstname, lastname, phone, company, country, county, city, street, postcode) VALUES ('$firstname', '$lastname', '$phone', '$company', '$country', '$county', '$city', '$street', '$postcode') AND UPDATE users SET billable='1' WHERE username = '$username'";现在我收到以下错误:“错误您的 SQL 语法有错误;请查看与您的 MariaDB 服务器版本相对应的手册以获取正确的语法以在 'AND UPDATE users SET billable 附近使用='1' WHERE 用户名 = 'Erik'' 在第 1 行“ -
我想你明白你可以直接在 1 处插入计费属性?或者在您的架构中使用默认值。为什么之后更新?