【发布时间】:2019-06-04 04:00:13
【问题描述】:
我不明白为什么我的查询不能正常工作
$sql = "UPDATE rezepte Set namerecipe =" .$namerecipe .",ingredient1 =" . $ingredient1 . ",ingredient2 =" . $ingredient2 . ",ingredient3 =" . $ingredient3 . ",ingredient4 =" . $ingredient4 . ",ingredient5 =" . $ingredient5 . ",ingredient6 =" . $ingredient6 . ",ingredient7 =" . $ingredient7 . ",ingredient8 =" . $ingredient8 . ",ingredient9 =" . $ingredient9 . ",ingredient10 =" . $ingredient10 . ", preparation =" . $preparation . ", cathegory1 =" . $cathegory1 . ", cathegory2 = " . $cathegory2 . ", cathegory3 = " . $cathegory3 . ", difficulty = " . $difficulty . ",time = " . $time . ", amount = " .$amount . ", source =" . $source . " WHERE ID=" . $id ."";
我知道有些变量的英文不正确 D:
PHP 给出以下错误信息:
"错误:无法执行 UPDATE rezepte Set namerecipe =,成分1 =,成分2 =,成分3 =,成分4 =,成分5 =,成分6 =,成分7 =,成分8 =,成分9 =,成分10 =,准备=,主题1 =,主题2 =,主题3 =,难度=,时间=,金额 = ,来源 =Tom WHERE ID=18。你有一个 SQL 语法错误;检查与您对应的手册 MariaDB 服务器版本,用于在 'ingredient1 附近使用正确的语法 =,ingredient2 =,ingredient3 =,ingredient4 =,ingredient5 =,ingredient' 在第 1 行"
但我没有发现错误
【问题讨论】:
-
SQL 不允许
column =没有值。您的变量似乎为空。理想情况下,无论如何您都应该使用准备好的语句。 -
检查所有变量是否不为空。你必须设置这样的东西 namerecipe =' " .$namerecipe 。" '
-
此外,此查询生成极易受到 SQL 注入的攻击
-
您应该将变量值括在单引号中,即
$sql = "UPDATE rezepte Set namerecipe ='" .$namerecipe ."',ingredient1 ='" . $ingredient1 ."',等 -
除了递增的列名
ingredient1、ingredient2end 等等都是规范化的绝佳候选者。