无法更新数据:SQL 语法有误; - Could not update data: You have an error in your SQL syntax;

Could not update data: You have an error in your SQL syntax;

本文关键字：语法 SQL 更新数据 | 更新日期: 2023-09-27

我有这个问题

错误

Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ..... line 1.

这是代码

<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db     = 'catalog';
$conn = mysql_connect($dbhost, $dbuser, $dbpass,$db);
if(! $conn )
{
 die('Could not connect: ' . mysql_error());
}
$adresa_e = $_POST['ADRESAE'];
$nr_matricol = $_POST['NR_MATRICOL'];
$sql = "UPDATE elevi ".
      "SET ADRESAE = $adresa_e ".
      "WHERE NR_MATRICOL = $nr_matricol" ;
mysql_select_db('catalog');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
 die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully'n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
  <table width="400" border="0" cellspacing="1" cellpadding="2">
    <tr>
      <td width="100">ADRESA ELEV</td>
      <td><input name="ADRESAE" type="text" id="ADRESAE"></td>
    </tr>
    <tr>
      <td width="100">NR MATRICOL</td>
      <td><input name="NR_MATRICOL" type="text" id="NR_MATRICOL"></td>
    </tr>
    <tr>
      <td width="100"></td>
      <td></td>
    </tr>
    <tr>
      <td width="100"></td>
      <td><input name="update" type="submit" id="update" value="Update"></td>
    </tr>
  </table>
</form>
<?php
}
?>
</body>
</html>

更改

$sql = "UPDATE elevi ".
      "SET ADRESAE = $adresa_e ".
      "WHERE NR_MATRICOL = $nr_matricol" ;

自

$sql = "UPDATE elevi SET ADRESAE = '$adresa_e' WHERE NR_MATRICOL = '$nr_matricol'" ;

变量在您的请求中被视为简单文本：

试试这个

$sql = "UPDATE elevi SET ADRESAE = '".$adresa_e."' WHERE NR_MATRICOL = '".$nr_matricol."'" ;

代码：

$conn = mysql_connect($dbhost, $dbuser, $dbpass,$db);
if(! $conn )
{
 die('Could not connect: ' . mysql_error());
}

将此代码更改为：

$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
 die('Could not connect: ' . mysql_error());
}
mysql_select_db($db);

守则：

$sql = "UPDATE elevi ".
      "SET ADRESAE = $adresa_e ".
      "WHERE NR_MATRICOL = $nr_matricol" ;

将此代码更改为：

$sql = "UPDATE elevi ".
      "SET ADRESAE = '$adresa_e' ".
      "WHERE NR_MATRICOL = '$nr_matricol'" ;

您需要改为运行以下内容

"UPDATE elevi SET ADRESAE = '$adresa_e' WHERE NR_MATRICOL = '$nr_matricol'" ;

当您使用mysql_connect记住转义字符串时，我可以从您的代码中拥有您的网站并获取您的用户列表。

mysql_real_escape_string

附带说明一下，标准mysql_connect即将达到其生命周期的终点（打开严格的PHP以查看有关此的所有警告）使用mysqli或PDO。

一个有用的例子可以在这里找到