dsfw2154 2014-07-28 11:25
浏览 8
已采纳

用PHP更新MYSQl会导致空白页面

i am trying to update mysql table with php grabbing data from a form.

When i run the script with this

$query="UPDATE customers SET background='$_GET['background']',font='$_GET['font']',fontcolour='$_GET['fontcolour']',fontsize='$_GET['fontsize']',title='$_GET['title']' WHERE client='$_GET['client']'";

i get a black screen but if i do the below script

$background=$_GET['background'];
$client=$_GET['client'];
$query="UPDATE customers SET background='$background' WHERE client='$client'";

it goes through fine

although i can do it this way i am trying to understand why i can not just put the get right into the query rather than having more lines of code than necessary.

NOTE: all other code stripped can post if required.

  • 写回答

2条回答 默认 最新

  • dtch60248 2014-07-28 11:31
    关注

    Change your code to this

    $query="UPDATE customers SET background='" . $_GET['background'] . "',font='" . $_GET['font'] . "',fontcolour='" . $_GET['fontcolour'] . "',fontsize='" . $_GET['fontsize'] . "',title='" . $_GET['title'] . "' WHERE client='" . $_GET['client']."'";

    Also, your code is vulnerable to SQL injection

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 在不同的执行界面调用同一个页面
  • ¥20 基于51单片机的数字频率计
  • ¥50 M3T长焦相机如何标定以及正射影像拼接问题
  • ¥15 keepalived的虚拟VIP地址 ping -s 发包测试,只能通过1472字节以下的数据包(相关搜索:静态路由)
  • ¥20 关于#stm32#的问题:STM32串口发送问题,偶校验(even),发送5A 41 FB 20.烧录程序后发现串口助手读到的是5A 41 7B A0
  • ¥15 C++map释放不掉
  • ¥15 Mabatis查询数据
  • ¥15 想知道lingo目标函数中求和公式上标是变量情况如何求解
  • ¥15 关于E22-400T22S的LORA模块的通信问题
  • ¥15 求用二阶有源低通滤波将3khz方波转为正弦波的电路