0

请在这里帮助我,我不确定实际错误是什么意思,但我正在寻找任何方法来完成这项工作!请!

    <?php 

//session_start();
include("config.php");
include("auth.php"); 

if($_SESSION['SESS_MEMBER_ID'] != 'true') {
//  header("location:member-index.php");
    }

//connects to database
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
    die("Failed to connect to server: " . mysql_error());
    }

    //selects database
$db = mysql_select_db(DB_DATABASE);
if (!$db) {
    die ("Unable to select database");
    }

这是错误所在

$qry = "UPDATE members set firstname="'.$firstname.'", lastname="'.$lastname.'", location="'.$location.'", email="'.$email.'", cell_number="'.$cell_number.'", home_number="'.$home_number.'", about="'.$about.'" where member_id="'.$_SESSION['SESS_MEMBER_ID'].'" "


$result = @mysql_query($qry);


?>
4

1 回答 1

1

改变

$qry = "UPDATE members set firstname="'.$firstname.'", lastname="'.$lastname.'", location="'.$location.'", email="'.$email.'", cell_number="'.$cell_number.'", home_number="'.$home_number.'", about="'.$about.'" where member_id="'.$_SESSION['SESS_MEMBER_ID'].'" "

$qry = "UPDATE members set firstname='".$firstname."', lastname='".$lastname."', location='".$location."', email='".$email."', cell_number='".$cell_number."', home_number='".$home_number."', about='".$about."' where member_id='".$_SESSION['SESS_MEMBER_ID']."' ";

注意:强烈建议使用 Prepared statements 而不是使用 mysql_* 函数。

于 2012-12-05T06:21:26.307 回答