PHP搜索和编辑数据库 - PHP Search and edit database

PHP Search and edit database

本文关键字：数据库编辑搜索 PHP | 更新日期: 2024-04-18

我有一个搜索数据库的搜索页面。搜索后，它会将结果带到一个页面，该页面有一个表单，用户可以在其中编辑条目。然而，当我试图编辑条目时，它会出现"主题编辑失败"。我看不出我做错了什么。这是edit.php。

 if (isset($_POST['submit']))
 {
 //form was submitted
$First_Name = mysql_real_escape_string($_POST["First_Name"]);
$Last_Name = mysql_real_escape_string($_POST["Last_Name"]);

$message = "Your details have been received";
//Database Query
$query  = "UPDATE subjects SET ";
$query .= "First_Name = '{$First_Name}'";
    $query .= "Last_Name = '{$Last_Name}'";
$query .= "LIMIT 1";
$result = mysqli_query($connect, $query);
if($result && mysqli_affected_rows($connect) == 1)
    {
        //Success
        echo "Subject Edited. ";
    }
else
    {
        //failure
        echo "Subject Editing failed. ";
    }
 }

这是表格：

 <form action="edit.php" method ="post">
 <p>First_Name
 <?php     
 $fquery = $_GET['fquery'];
 $lquery = $_GET['lquery'];
 $fquery = htmlspecialchars($fquery);
 $lquery = htmlspecialchars($lquery);
 $fquery = mysql_real_escape_string($fquery);
 $lquery = mysql_real_escape_string($lquery);
 $raw_results = mysql_query("SELECT * FROM member
 WHERE (`First_Name` = '$fquery') AND (`Last_Name` = '$lquery')") or       die(mysql_error());
 if(mysql_num_rows($raw_results) > 0){
    $string = "";
    while($results = mysql_fetch_array($raw_results)){                 
            $string .= "<p class='"name'">".$results['First_Name']."  "; 
         } 
    } 
else{ 
    $string = "No results"; 
} 
echo $string; ?>            
 <input type="text" name="First_Name" value ="" />
 </p> 
 <p>Last Name: 
 <?php     
 $fquery = $_GET['fquery'];
 $lquery = $_GET['lquery'];
 $fquery = htmlspecialchars($fquery);
 $lquery = htmlspecialchars($lquery);
 $fquery = mysql_real_escape_string($fquery);
 $lquery = mysql_real_escape_string($lquery);
 $raw_results = mysql_query("SELECT * FROM member
 WHERE (`First_Name` = '$fquery') AND (`Last_Name` = '$lquery')") or die(mysql_error());
 if(mysql_num_rows($raw_results) > 0){
    $string = "";
    while($results = mysql_fetch_array($raw_results)){                 
            $string .= "<p class='"name'">".$results['Last_Name']." "; 
         } 
    } 
else{ 
    $string = "No results"; 
} 
echo $string; ?>            
 <input type="text" name="Last_Name" value ="" />
 </p>

提交表单后，数据库将更新查询。谢谢你的帮助！！

您的查询失败，因为您的语句中没有合适的分隔符。

参见此处

$query  = "UPDATE subjects SET ";
$query .= "First_Name = '{$First_Name}'"; 
    $query .= ",Last_Name = '{$Last_Name}'"; //<---------- Comma added (before last name)
$query .= " LIMIT 1";//<----- Space added before LIMIT

我想您的查询中需要一个逗号和额外的空格。现在您的查询如下：

UPDATE subjects SET First_Name = '{$First_Name}'Last_Name = '{$Last_Name}'LIMIT 1

当你需要它看起来像这样时：

UPDATE subjects SET First_Name = '{$First_Name}', Last_Name = '{$Last_Name}' LIMIT 1

您应该始终检查查询结果并记录错误。在这种情况下，您会被明确告知查询中存在语法错误。

您也可能是服务器，不使用一堆字符串来构建查询，甚至可能使用参数化的准备语句。在这种情况下，您可以这样编写SQL：

$query = <<<EOD
UPDATE subjects
SET First_Name = ?, Last_Name = ?
LIMIT 1
EOD;

这在代码中可读性更强。