【发布时间】:2013-06-11 20:51:55
【问题描述】:
我正在尝试为内部的编辑页面准备一个 SQL UPDATE 命令(是的,我知道我不是在当前版本的 PHP 中编码 - 工作需要快速修复及其内部系统 - 请不要'不要评判我!)数据库,无论我似乎在做什么,我都会不断面临一个错误,我被告知我有一个额外的;在我的声明中。
但是,我即将发布的 UPDATE 命令与我为其他地方的数据库几乎相同部分准备的另一个几乎相同(除了几个字段),而且效果很好!
我实际上会发布整个代码块,而不仅仅是 UPDATE 语句,以防万一。
<?php
require("header.php");
$error_feat_id = "";
$valid_feature = "";
$error_feat_id = "";
$refferal_feat_id = $_GET['feat_id'];
if(isset($refferal_feat_id) == TRUE) {
if(is_numeric($refferal_feat_id) == FALSE) {
$error_feat_id = 1;
}
if($error_feat_id == 1) {
header("Location: ".$config_basedir);
}
else {
$valid_feature = $refferal_feat_id;
}
}
else {
$valid_feature = 0;
}
if($_POST['submit']) {
$datereceived = $_POST['calendaryear']."-".$_POST['calendarmonth']."-".$_POST['calendarday'];
$director1dob = $_POST['director1year']."-".$_POST['director1month']."-".$_POST['director1day'];
$director2dob = $_POST['director2year']."-".$_POST['director2month']."-".$_POST['director2day'];
$update_feature_sql = "UPDATE features SET Title = '".mysql_real_escape_string($_POST['title'])."',
DateReceived = STR_TO_DATE(".$datereceived.", '%Y-%m-%d'),
Synopsis = '".mysql_real_escape_string($_POST['synopsis'])."',
LogLine = '".mysql_real_escape_string($_POST['logline']."',
StrandID = ".$_POST['programstrand'].",
CompCatID = ".$_POST['compcat'].",
PremiereID = ".$_POST['premierestatus'].",
FirstFeatureID = ".$_POST['firstfeature'].",
OriginID = ".$_POST['origin'].",
RoughtCutID = ".$_POST['roughcut'].",
ScreenerID = ".$_POST['screener'].",
Director1 = '".mysql_real_escape_string($_POST['director1'])."',
Director1Bio = '".mysql_real_escape_string($_POST['director1bio'])."',
Director1Nationality = '".mysql_real_escape_string($_POST['director1nation'])."',
Director1DOB = STR_TO_DATE(".$director1dob.", '%Y-%m-%d'),
Director2 = '".mysql_real_escape_string($_POST['director2'])."',
Director2Bio = '".mysql_real_escape_string($_POST['director2bio'])."',
Director2Nationality = '".mysql_real_escape_string($_POST['director2nation'])."',
Director2DOB = STR_TO_DATE(".$director2dob.", '%Y-%m-%d'),
Country1 = '".mysql_real_escape_string($_POST['country1'])."',
Country2 = '".mysql_real_escape_string($_POST['country2'])."',
Country3 = '".mysql_real_escape_string($_POST['country3'])."',
Country4 = '".mysql_real_escape_string($_POST['country4'])."',
Country5 = '".mysql_real_escape_string($_POST['country5'])."',
Country6 = '".mysql_real_escape_string($_POST['country6'])."',
Country7 = '".mysql_real_escape_string($_POST['country7'])."',
Country8 = '".mysql_real_escape_string($_POST['country8'])."',
Country9 = '".mysql_real_escape_string($_POST['country9'])."',
Country10 = '".mysql_real_escape_string($_POST['country10'])."',
Cast1 = '".mysql_real_escape_string($_POST['cast1'])."',
Cast2 = '".mysql_real_escape_string($_POST['cast2'])."',
Cast3 = '".mysql_real_escape_string($_POST['cast3'])."',
Cast4 = '".mysql_real_escape_string($_POST['cast4'])."',
AdditionalComments = '".mysql_real_escape_string($_POST['additionalcomments'])."',
DurationHours = '".mysql_real_escape_string($_POST['durationhours'])."',
DurationMins = '".mysql_real_escape_string($_POST['durationmins'])."',
ScreeningFormat1 = ".$_POST['screeningformat1'].",
ScreeningFormat2 = ".$_POST['screeningformat2'].",
ScreeningFormat3 = ".$_POST['screeningformat3'].",
ScreeningFormat4 = ".$_POST['screeningformat4'].",
ScreeningFormat5 = ".$_POST['screeningformat5'].",
DCPEID = ".$_POST['dcpe'].",
DCPCPL = '".mysql_real_escape_string($_POST['dcpcpl'])."',
SubTypeID = ".$_POST['subtype'].",
AspectID = ".$_POST['aspect'].",
LanguageID = ".$_POST['language'].",
SubtitlesID = ".$_POST['subtitles'].",
AudioID = ".$_POST['audio'].",
PubRecID = ".$_POST['pubrec'].",
TypeOfMaterials = '".mysql_real_escape_string($_POST['typeofmaterials'])."',
ContactName = '".mysql_real_escape_string($_POST['contactname'])."',
ContactEmail = '".mysql_real_escape_string($_POST['contactemail'])."',
ContactPhone1 = '".mysql_real_escape_string($_POST['contactphone1'])."',
ContactPhone2 = '".mysql_real_escape_string($_POST['contactphone2'])."',
ContactAddress = '".mysql_real_escape_string($_POST['contactaddress'])."',
HomeAddressID = ".$_POST['homeaddress'].",
ContactWebsite = '".mysql_real_escape_string($_POST['contactwebsite'])."',
SAERecID = ".$_POST['saerec'].",
SAERetID = ".$_POST['saeret'].",
FeeStatusID = ".$_POST['feestatus'].",
EntryFeeID = ".$_POST['entryfee'].",
ProdYearID = '".mysql_real_escape_string($_POST['prodyear'])."',
ProdCo1 = '".mysql_real_escape_string($_POST['prodco1'])."',
ProdWebsite1 = '".mysql_real_escape_string($_POST['prodwebsite1'])."',
ProdCo1Nation = '".mysql_real_escape_string($_POST['prodco1nation'])."',
ProdCo2 = '".mysql_real_escape_string($_POST['prodco2'])."',
ProdWebsite2 = '".mysql_real_escape_string($_POST['prodwebsite2'])."',
ProdCo2Nation = '".mysql_real_escape_string($_POST['prodco2nation'])."',
Producer1 = '".mysql_real_escape_string($_POST['producer1'])."',
Producer1Nation = '".mysql_real_escape_string($_POST['producer1nation'])."',
Producer2 = '".mysql_real_escape_string($_POST['producer2'])."',
Producer2Nation = '".mysql_real_escape_string($_POST['producer2nation'])."',
Producer3 = '".mysql_real_escape_string($_POST['producer3'])."',
Producer3Nation = '".mysql_real_escape_string($_POST['producer3nation'])."',
Producer4 = '".mysql_real_escape_string($_POST['producer4'])."',
Producer4Nation = '".mysql_real_escape_string($_POST['producer4nation'])."',
SalesAgent = '".mysql_real_escape_string($_POST['salesagent'])."',
Distributor = '".mysql_real_escape_string($_POST['distributor'])."',
TalentAttached = '".mysql_real_escape_string($_POST['talentattached'])."',
PreviouslyScreenedAt = '".mysql_real_escape_string($_POST['prevscreenat'])."',
ScreeningFeesID = ".$_POST['screeningfees'].",
ScreeningFeesAmt = '".mysql_real_escape_string($_POST['screeningfeesamt'])."',
KidsID = ".$_POST['kids'].",
此行显示错误的代码
ConfirmID = ".$_POST['confirm']." WHERE ID = ".$refferral_feat_id.";";
mysql_query($update_feature_sql) or die(mysql_error());
header("Location: ".$config_basedir."feat_show.php?feat_id=".$refferal_feat_id);
}
else {
$sql_get_feature = "SELECT * FROM features WHERE ID = ".$refferal_feat_id.";";
$query_get_feature = mysql_query($sql_get_feature);
$rows_get_feature = mysql_fetch_assoc($query_get_feature);
?>
【问题讨论】:
-
那里的语法突出显示相当具有启发性,你不觉得吗? :)
-
ConfirmID 的值应该是多少?
-
您遇到的是 PHP 语法错误还是 SQL 错误?
-
@JonnyS - ConfirmID 是由下拉 MarcB 传递的 int 值 - 我收到 PHP 错误 - 特别是第 109 行(ConfirmID)行的语法错误。我尝试了以下更正,但似乎没有任何效果。如果有的话,它似乎只是将错误转移到第 111 行及以后。