if ($_SERVER["REQUEST_METHOD"]=="POST") {
$updatedate=$_POST['date'];
$updateday=$_POST['day'];
$updateplace=$_POST['place'];
$updatehighlight=$_POST['highlight'];
$updatediscription=$_POST['discription'];
$sqlupdate="UPDATE $tableselect SET entrydate='$updatedate',day='$updateday',place='$updateplace',highlight='$updatehighlight',discription='$updatediscription' WHERE id ='$getid'";
$sqlquery=mysqli_query($db,$sqlupdate);
if (!mysqli_query($db,$sqlquery)) {
echo "error " .$sqlquery. "
" . mysqli_error($db);
}
}
它显示此错误:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘1’ at line 1
解决方法:
真的很简单,你运行查询功能两次,这就是为什么你得到1.
所以
$sqlquery=mysqli_query($db,$sqlupdate);
if (!mysqli_query($db,$sqlquery)) {...}
需要改为公正
$sqlquery=mysqli_query($db,$sqlupdate);
if(!$sqlquery){...}
第一个被执行,而(if)! operator也会触发查询功能,因为它是TRUE,如“(如果)没有失败”.
“For other successful queries mysqli_query() will return TRUE.”
同时参数化您的查询,您可以打开SQL注入.
标签:php,mysql,mysqli
来源: https://codeday.me/bug/20190828/1752509.html