我的编辑用户有问题。单击提交按钮后,它将显示错误:"您的SQL语法有错误;请查看与您的MySQL服务器版本对应的手册,以在第1行的"附近使用正确的语法"这是它的错误代码。我不知道我的代码发生了什么。我确实试过很多次调试它。
<?php
//set session start
session_start();
function renderForm($UID,$Username,$Unitno,$Cont,$PW,$UEmail,$UPay,$JD,$PD)
{?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><link href="styles/style1.css" media="screen" rel="stylesheet" title="CSS" type="text/css" /></head><body><!-- Begin Container -->
<div id="container">
<!-- Begin Masthead -->
<div id="masthead">
</div>
<!-- End Masthead -->
<!-- Begin Navigation -->
<div id="navigation">
<ul>
<li><a href="homepage.php">Home Page</a></li>
<li><a href="notice.php">Notice</a></li>
<li><a href="feedback.php">Feedback</a></li>
<li><a href="user.php">User</a></li>
<li><a href="logout.php">Logout</a></li>
</ul>
</div>
<!-- End Navigation -->
<!-- Begin Content -->
<div id="content">
<!-- #BeginEditable "content" -->
<h1>Edit User</h1>
<hr/>
You are on:
<a href="user.php">User</a>
<br/>
<form action="" method="post">
<table align="center">
<tr>
<p align = "center"><strong>User ID: </strong> <?php echo $UID?></p><br/>
<td align = "right">
<strong>User Name: </strong> <input type="text" name="UserName" value = "<?php echo $Username; ?>" /><br/>
<strong>Unit No: </strong> <input type="text" name="UnitNo" value = "<?php echo $Unitno; ?>" /><br/>
<strong>Contact: </strong> <input type="text" name="Contact" value = "<?php echo $Cont; ?>" /><br/>
<strong>Password: </strong> <input type="text" name="Password" value = "<?php echo $PW; ?>" /><br/>
<strong>Email: </strong> <input type="text" name="UserEmail" value = "<?php echo $UEmail; ?>" /><br/>
<strong>User Pay: </strong> <input type="text" name="UPayment" value = "<?php echo $UPay; ?>" /><br/>
<strong>Join Date: </strong> <input type="text" name="JoinDate" value = "<?php echo $JD; ?>" /><br/>
<strong>Pay Date: </strong> <input type="text" name="PayDate" value = "<?php echo $PD; ?>" /><br/>
<input type="submit" name="submit" value="Submit">
</td>
</tr></table>
<br/>
<hr/>
</div>
<!-- End Content -->
<!-- Begin Footer -->
<div id="footer">
<p>
Copyright © 2012 Condominium Management. All Rights Reserved.
</p>
</div>
<!-- End Footer -->
</div>
<!-- End Container -->
</body>
</html><?php
include ("connection_db.php");
if(isset($_POST['submit']))
{
if (is_numeric($_POST['UID']))
{
$UserID = $_POST['UserID'];
$UserName= mysql_real_escape_string(htmlspecialchars($_POST['UserName']));
$UnitNo = mysql_real_escape_string(htmlspecialchars($_POST['UnitNo']));
$Contact = mysql_real_escape_string(htmlspecialchars($_POST['Contact']));
$Password= mysql_real_escape_string(htmlspecialchars($_POST['Password']));
$UEmail = mysql_real_escape_string(htmlspecialchars($_POST['UserEmail']));
$UPayment = mysql_real_escape_string(htmlspecialchars($_POST['UPayment']));
$JoinDate= mysql_real_escape_string(htmlspecialchars($_POST['JoinDate']));
$PayDate = mysql_real_escape_string(htmlspecialchars($_POST['PayDate']));
}
else
{
$sql = "UPDATE User SET UserName='$UserName', UnitNo='$UnitNo', Contact='$Contact', Password='$Password', UserEmail='$UEmail', UPayment='$UPayment', JoinDate='$JoinDate', PayDate='$PayDate' where UserID = $UserID";
mysql_query($sql) or die(mysql_error());
header("Location:user.php");
}
}
else
{
if(isset($_GET['UserID']) && is_numeric($_GET['UserID']) && $_GET['UserID']>0)
{
$uid = $_GET['UserID'];
$result = mysql_query("SELECT * FROM User Where UserID = $uid") or die (mysql_error());
$row = mysql_fetch_array($result);
if($row)
{
$UID = $row['UserID'];
$Username = $row['UserName'];
$Unitno = $row['UnitNo'];
$Cont = $row['Contact'];
$PW = $row['Password'];
$UEmail = $row['UserEmail'];
$UPay = $row['UPayment'];
$JD = $row['JoinDate'];
$PD = $row['PayDate'];
renderForm($UID, $Username, $Unitno, $Cont, $PW, $UEmail, $UPay, $JD, $PD, '');
}
else
{
echo "No result";
}
}
else
{
echo 'Error';
}
}?>
我看到两个错误。
- 您引用了
$_POST['UserID']
,但没有名为UserID的字段,只有UID - 您在UPDATE语句中使用了一个名为
$UserID
的变量,但该变量只能由其他代码路径设置,因此当UPDATE运行时,它还没有初始化,因此可能是一个空字符串
我认为是第二个原因导致了你的问题。您的UPDATE语句可能以where UserID =
结尾。但是,正如其他人所说,唯一可以确定的方法是打印出你的查询,看看它出了什么问题
一般来说,要调试SQL问题,您应该:
- 修改代码以打印出所有SQL查询
- 检查查询,看看你是否能判断出哪一个有问题以及错误在哪里
- 如果没有,试着手动运行它们,看看哪些有效,哪些无效
- 一旦您在查询字符串中发现了错误,请查看创建该错误的原因
- 修复它
您确实应该打印出sql语句:
$sql = "UPDATE User SET UserName='$UserName', UnitNo='$UnitNo', Contact='$Contact', Password='$Password', UserEmail='$UEmail', UPayment='$UPayment', JoinDate='$JoinDate', PayDate='$PayDate' where UserID = $UserID";
echo "MY QUERY: ".$sql;
mysql_query($sql) or die(mysql_error());
header("Location:user.php");
请公布你的结果,我想我们可以很容易地发现错误。
更新:确保$UserID
已定义(不为空)并添加分号:
$sql = "UPDATE User SET UserName='$UserName', UnitNo='$UnitNo', Contact='$Contact', Password='$Password', UserEmail='$UEmail', UPayment='$UPayment', JoinDate='$JoinDate', PayDate='$PayDate' where UserID = '$UserID' ;";
用where UserID = '$UserID';"
替换where UserID = $UserID"
不要忘记那些引号和分号