dougu1985 2017-01-09 23:31
浏览 91

使用PHP将复选框输入放入MySQL表列

<?php
session_start();
$servername = "localhost";
$username = "_admin";
$password = "";
$dbname = "_users";

$value = $_POST['userTel'];
$sesh = $_SESSION['userSession'];
$checkbox1=$_POST['site'];  
$chk="";  
foreach($checkbox1 as $chk1)
{  
    $chk .= $chk1.",";  
}  

try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    // begin the transaction
    $conn->beginTransaction();
    // our SQL statements
    $conn->exec("UPDATE tbl_users SET userTel = '$value' WHERE userID = '$sesh'");
    $conn->exec("UPDATE tbl_sites SET siteName ('$chk')");

    // commit the transaction
    $conn->commit();
    echo "all's good ^.^";
}
catch(PDOException $e)
{
    // roll back the transaction if something failed
    $conn->rollback();
    echo "Error: " . $e->getMessage();
}

$conn = null;
?>

That's my code, and this is the error that's returned to me:

Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '('kith,')' at line 1

(kith is 1 of the input values)

What am I doing wrong here?

  • 写回答

2条回答 默认 最新

  • dongxiaoshe0737 2017-01-10 00:48
    关注

    A more traditional prepared stmt possible way ?

    session_start();
    $servername = "localhost";
    $username = "_admin";
    $password = "";
    $dbname = "_users";
    
    $value = $_POST['userTel'];
    $sesh = $_SESSION['userSession'];
    $checkbox1 = $_POST['site'];
    $chk = "";
    
    foreach ($checkbox1 as $chk1) {
        $chk .= $chk1 . ",";
    }
    /* making sure there not the last , anyway */
    $chk = rtrim($chk, ",");
    
    /* setting conn */
    try {
        $conn = new PDO('mysql:host=' . $servername . ';dbname=' . $dbname . ';charset=UTF8', $username, $password);
        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    } catch (PDOException $e) {
        echo 'Connection failed: ' . $e->getMessage();
    }
    
    /* prepared stmts */
    $sql1 = "UPDATE tbl_users SET userTel = ? WHERE userID = ?";
    $sql2 = "UPDATE tbl_sites SET siteName = ?";
    $stmt1 = $conn->prepare($sql1);
    $stmt2 = $conn->prepare($sql2);
    
    /* bindings */
    $stmt1->bindParam(1, $value, PDO::PARAM_STR);
    $stmt1->bindParam(2, $sesh, PDO::PARAM_STR);
    $stmt2->bindParam(1, $chk, PDO::PARAM_STR);
    
    /*exec*/
    $sql1->execute();
    $sql2->execute();
    
    评论

报告相同问题?

悬赏问题

  • ¥15 数学的三元一次方程求解
  • ¥20 iqoo11 如何下载安装工程模式
  • ¥15 本题的答案是不是有问题
  • ¥15 关于#r语言#的问题:(svydesign)为什么在一个大的数据集中抽取了一个小数据集
  • ¥15 C++使用Gunplot
  • ¥15 这个电路是如何实现路灯控制器的,原理是什么,怎么求解灯亮起后熄灭的时间如图?
  • ¥15 matlab数字图像处理频率域滤波
  • ¥15 在abaqus做了二维正交切削模型,给刀具添加了超声振动条件后输出切削力为什么比普通切削增大这么多
  • ¥15 ELGamal和paillier计算效率谁快?
  • ¥15 蓝桥杯单片机第十三届第一场,整点继电器吸合,5s后断开出现了问题