dongsi1954 2012-01-29 16:46
浏览 59
已采纳

MySQL UPDATE查询语法错误?

I am relatively new to MySQL and PHP and I have been trying to UPDATE a table for a very long time now, I've searched Google and SO and I still can't figure it out.

Here is the php:

$info = array('about_me' => NULL, 'profile_pic' => NULL, 'political_party' => NULL,         'econ_views' => NULL, 'religious_views' => NULL, 
'abortion_view' =>NULL,'gay_marraige' => NULL, 'other' => NULL);

foreach ($_POST as $key => $value) {
    $info[$key] = mysql_escape_string($value);
}

$about_me = $info['about_me'];
$profile_pic = $info['profile_pic'];
$econ_views = $info['econ_views'];
$religious_views = $info['religious_views'];
$abortion_view = $info['abortion_view'];
$gay_marraige = $info['gay_marraige'];
$other = $info['other'];
$political_party = $info['political_party'];

//Connect to database
require 'db.php';

$query = "UPDATE `users` SET `about_me`=$about_me, `profile_pic`=$profile_pic,   `econ_views`=$econ_views,
       `religious_views`=$religious_views,`abortion_view`=$abortion_view,`gay_marriage`=$gay_marraige, 
    `other`=$other, `political_party`=$political_party WHERE `username`=emoore24";

echo "$query"."<br /><br />";
$result = mysql_query($query) or die(mysql_error());

echo "success"

This is run on a form with many text areas and one select element. I ran everything with simple strings as data and got this:

UPDATE users SET about_me=test about, profile_pic=, econ_views=test econ, religious_views=test rel,abortion_view=test abortion,gay_marriage=test gay marraige, other=test other, political_party=democrat WHERE username=emoore24

You have an error in your SQL syntax; check the manual that corresponds to your MySQL >server version for the right syntax to use near ' econ_views=test econ, >religious_views=test rel,abortion_view=test abor' at line 1

I'm assuming that it's something small, but I can't see it. Could anyone help?

  • 写回答

4条回答 默认 最新

  • doz95923 2012-01-29 16:47
    关注

    You haven't put quotes around any of your string literals.

    UPDATE `users` SET 
  `about_me`=about_me, 
  `profile_pic`=, 
  `econ_views`=test econ,  
  `religious_views`=test rel,
  `abortion_view`=test abortion,
  `gay_marriage`=test gay marraige, 
  `other`=test other, 
  `political_party`=democrat 
WHERE `username`=emoore24

    Should be:

    UPDATE `users` SET 
  `about_me`='about_me', 
  `profile_pic`=NULL, 
  `econ_views`='test econ',  
  `religious_views`='test rel',
  `abortion_view`='test abortion',
  `gay_marriage`='test gay marraige', 
  `other`='test other', 
  `political_party`='democrat' 
WHERE `username`='emoore24'

    If you use PDO with prepared statements, it would be a lot simpler and safer, and you won't have to worry about quoting or escaping literals. For example, here's how I might write that code:

    $info = array(
  'about_me' => NULL, 
  'profile_pic' => NULL, 
  'political_party' => NULL,
  'econ_views' => NULL, 
  'religious_views' => NULL, 
  'abortion_view' => NULL,
  'gay_marriage' => NULL, 
  'other' => NULL
);

$query = "UPDATE `users` SET 
      `about_me`=:about_me, 
      `profile_pic`=:profile_pic, 
      `econ_views`=:econ_views,  
      `religious_views`=:religious_views,
      `abortion_view`=:abortion_view,
      `gay_marriage`=:gay_marriage, 
      `other`=:other, 
      `political_party`=:political_party 
    WHERE `username`=:username";

if (($stmt = $pdo->prepare($query)) == FALSE) {
  $err = $pdo->errorInfo(); die($err[2]);
}

$values = array_intersect_key($_POST, $info);
$values['username'] = 'emoore24';

if ($stmt->execute( $values ) == FALSE) {
  $err = $stmt->errorInfo(); die($err[2]);
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?
  • ¥15 让node服务器有自动加载文件的功能
  • ¥15 jmeter脚本回放有的是对的有的是错的
  • ¥15 r语言蛋白组学相关问题
  • ¥15 Python时间序列如何拟合疏系数模型
  • ¥15 求学软件的前人们指明方向🥺
  • ¥50 如何增强飞上天的树莓派的热点信号强度,以使得笔记本可以在地面实现远程桌面连接
  • ¥20 双层网络上信息-疾病传播