这个脚本有什么问题?我无法弄清楚问题!
function editAccount() {
$id = $_POST['id'];
$rep = $_POST['rep'];
$lastchange = date('mdY');
$account = $_POST['account'];
$areacode = $_POST['areacode'];
$number = $_POST['number'];
$address1 = $_POST['address1'];
$address2 = $_POST['address2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$country = $_POST['country'];
$fax = $_POST['fax'];
$descmaker1 = $_POST['descmaker1'];
$descmaker2 = $_POST['descmaker2'];
$title = $_POST['title'];
$email = $_POST['email'];
$cvendor = $_POST['cvendor'];
$cequipment = $_POST['cequipment'];
$leaseexp1 = $_POST['leaseexp1'];
$leaseexp2 = $_POST['leaseexp2'];
$leaseexp3 = $_POST['leaseexp3'];
$leaseexp4 = $_POST['leaseexp4'];
$leaseexp5 = $_POST['leaseexp5'];
$leaseexp6 = $_POST['leaseexp6'];
$volume = $_POST['volume'];
$notes = $_POST['notes'];
mysql_db_query("UPDATE accounts
SET (lastchange = '$lastchange',
account = '$account',
areacode = '$areacode',
number = '$number',
address1 = '$address1',
address2 = '$address2',
city = '$city',
state = '$state',
zip = '$zip',
fax = '$fax',
descmaker1 = '$descmaker1',
descmaker2 = '$descmaker2',
title = '$title',
email = '$email',
cvendor = '$cvendor',
cequipment = '$cequipment',
leaseexp1 = '$leaseexp1',
leaseexp2 = '$leaseexp2',
leaseexp3 = '$leaseexp3',
leaseexp4 = '$leaseexp4',
leaseexp5 = '$leaseexp5',
leaseexp6 = '$leaseexp6',
volume = '$volume',
notes = '$notes')
WHERE id = $id");
}
错误:
警告:第 83 行/home/content/53/7311353/html/cca/accounts/include/processAct.php 中的 mysql_db_query() 参数计数错误
行为:WHERE id=$id");
在 UPDATE
命令中,删除括号。就是这样。
另外,请注意SQL注入。
更新
最终代码应如下所示:
function editAccount() {
$id = $_POST['id'];
$rep = $_POST['rep'];
$lastchange = date('mdY');
$account = $_POST['account'];
$areacode = $_POST['areacode'];
$number = $_POST['number'];
$address1 = $_POST['address1'];
$address2 = $_POST['address2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$country = $_POST['country'];
$fax = $_POST['fax'];
$descmaker1 = $_POST['descmaker1'];
$descmaker2 = $_POST['descmaker2'];
$title = $_POST['title'];
$email = $_POST['email'];
$cvendor = $_POST['cvendor'];
$cequipment = $_POST['cequipment'];
$leaseexp1 = $_POST['leaseexp1'];
$leaseexp2 = $_POST['leaseexp2'];
$leaseexp3 = $_POST['leaseexp3'];
$leaseexp4 = $_POST['leaseexp4'];
$leaseexp5 = $_POST['leaseexp5'];
$leaseexp6 = $_POST['leaseexp6'];
$volume = $_POST['volume'];
$notes = $_POST['notes'];
mysql_query("UPDATE accounts
SET lastchange = '$lastchange',
account = '$account',
areacode = '$areacode',
number = '$number',
address1 = '$address1',
address2 = '$address2',
city = '$city',
state = '$state',
zip = '$zip',
fax = '$fax',
descmaker1 = '$descmaker1',
descmaker2 = '$descmaker2',
title = '$title',
email = '$email',
cvendor = '$cvendor',
cequipment = '$cequipment',
leaseexp1 = '$leaseexp1',
leaseexp2 = '$leaseexp2',
leaseexp3 = '$leaseexp3',
leaseexp4 = '$leaseexp4',
leaseexp5 = '$leaseexp5',
leaseexp6 = '$leaseexp6',
volume = '$volume',
notes = '$notes'
WHERE id = $id");
}
这里的问题是你调用了错误的函数。 mysql_db_query
应该是mysql_query
.
您也不需要 SET
后面的括号。
关于sql注入,我建议你用mysql_real_escape_string
转义所有$_POST
变量。
根据 PHP 文档,已弃用的函数mysql_db_query()
至少需要两个参数。 第一个是数据库名称,第二个是 SQL 查询。 您只指定了 SQL 查询。
resource mysql_db_query ( string $database , string $query [, resource $link_identifier ] )
所以在你的情况下:
mysql_db_query('yourdatabasename', "UPDATE accounts set....");
现在更常见的是使用 mysql_query()
,它将利用先前选择的数据库 mysql_select_db()
。
检查 mysql 连接是否已建立。有时这也可能是个问题
mysql_query("UPDATE accounts
SET (lastchange = '$lastchange',
account = '$account',
areacode = '$areacode',
number = '$number',
address1 = '$address1',
address2 = '$address2',
city = '$city',
state = '$state',
zip = '$zip',
fax = '$fax',
descmaker1 = '$descmaker1',
descmaker2 = '$descmaker2',
title = '$title',
email = '$email',
cvendor = '$cvendor',
cequipment = '$cequipment',
leaseexp1 = '$leaseexp1',
leaseexp2 = '$leaseexp2',
leaseexp3 = '$leaseexp3',
leaseexp4 = '$leaseexp4',
leaseexp5 = '$leaseexp5',
leaseexp6 = '$leaseexp6',
volume = '$volume',
notes = '$notes')
WHERE id = $id")
这是更新查询的语法,使用 mysql_query 而不是mysql_db_query