I got error on line 16 in myphp page which is;
$result = mysql_query("update Users set lat='$lat',lon='$lng' where username=$_SESSION['username']");
问问题
264 次
4 回答
0
You need curly braces {} inside of the string to return array parts:
$result = mysql_query("update Users set lat='$lat',lon='$lng' where username={$_SESSION['username']}");
Note: As has already been mentioned, you shouldn't be using mysql_query.
于 2012-11-28T20:26:05.373 回答
0
Although mysql_* functions are being deprecated here is the error on your query:
$result = mysql_query("update Users set lat='$lat',lon='$lng' where username=".$_SESSION['username']);
Also make sure your inputs are sanitized before being used in your query:
于 2012-11-28T20:27:44.877 回答
0
You lost track of all needed ' and additionally forgot to quote username value. So instead of
$result = mysql_query("update Users set lat='$lat',lon='$lng' where username=$_SESSION['username']");
do this in more clean manner:
$result = mysql_query( "update Users set lat='$lat',lon='$lng' where username='" . $_SESSION['username'] . "'");
or even better:
$query = sprintf("update Users set lat='%s',lon='%s' where username=%s"),
$lat, $lng, $_SESSION['username']);
$result = mysql_query($query);
BTW: switch to MYSQLi or PDO as MYSQL extension is deprecated, no new code should touch it.
于 2012-11-28T20:28:27.077 回答
0
You have multiple problems, but the error relates to variable expansion with your double quoted string.
Error:
echo "$_SESSION['username']";
No Error:
echo "{$_SESSION['username']}";
Alternatives:
echo "..." . $_SESSION['username'] . "...";
echo '...' . $_SESSION['username'] . '...';
Read the documentation on Strings to determine how you want do handle variable expansion in strings.
I'd also recommend reading about SQL Injection and PDO.
于 2012-11-28T20:29:09.920 回答