0

我一直在逐行通过我的代码试图找到一个错误,但是我还没有成功。

下面显示的是我的输入和更新文件的片段。

修改form.php

                    <li id="li_1" >
        <label class="description" for="servername">Server Name </label>
        <div>
            <input id="element_1" name="Servername" class="element text medium" type="text" maxlength="255" value="<?php echo $person['servername']; ?>"/> 
        </div><p class="guidelines" id="guide_1"><small>Enter your server name here NOT your server address.</small></p> 
        </li>       <li id="li_2" >
        <label class="description" for="Serveraddress">Server Address </label>
        <div>
            <input id="element_2" name="Serveraddress" class="element text medium" type="text" maxlength="255" value="<?php echo $person['serveraddress']; ?>"/> 
        </div><p class="guidelines" id="guide_2"><small>This will the DNS name of your server</small></p> 
        </li>       <li id="li_3" >
        <label class="description" for="Portnumber">PortNumber </label>
        <div>
            <input id="element_3" name="Portnumber" class="element text medium" type="text" maxlength="255" value="<?php echo $person['portnumber']; ?>"/> 
        </div><p class="guidelines" id="guide_3"><small>This will be the port your server is using.</small></p> 

        <label class="description" for="Status">Server Status </label>
               <div>
            <input id="element_4" name="Status" class="element text medium" type="text" maxlength="255" value="<?php echo $person['status']; ?>"/> 
        </div><p class="guidelines" id="guide_4"><small> Display your Server Status</small></p> 

        </li>       <li id="li_4" >
        <label class="description" for="Description">Server Description </label>
        <div>
            <textarea id="element_5" name="Description" class="element textarea medium" value ="<?php echo $person['description']; ?>"></textarea> 
        </div><p class="guidelines" id="guide_5"><small>Enter server description/rules here.</small></p> 
        </li>

                    <li class="buttons">
                <input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />

                <input id="saveForm" class="button_text" type="submit" name="submit" value="Modify" />
        </li>
            </ul>
        </form> 
        <div id="footer">
        </div>
    </div>

    </body>-
</html>

修改名称.php

<?php


mysql_connect("localhost", "user", "password") or die (mysql_error());
#echo "Connected to MYSQL ";
mysql_select_db("starforg_search") or die (mysql_error());
#echo "Connected to Data Base";
/*$query = "SELECT * FROM table WHERE userId='{$user_id}'";
$result = mysql_query ($query) or die (mysql_error());*/

    if(!isset($_POST['submit'])) {
    $q = "SELECT * FROM addserverame WHERE ID = $_GET[id] AND userId='{$user_id}'";
    $result = mysql_query ($q);
    $person = mysql_fetch_array ($result);
    }

    ?>



<?

if(isset($_POST['submit'])) {
    $u = "UPDATE addserverame SET `servername`='$_POST[Servername]', `serveraddress`='$_POST[Serveraddress]', `portnumber`='$_POST[Portnumber]', `status`='$_POST[Status]', `description`='$_POST[Description]', WHERE ID = $_POST[id] AND userId='{$user_id}'";
    mysql_query($u) or die (mysql_error());
    echo "Server Info Has Been Modified";
}
?>

问题区域 更新和回显服务器名称、服务器地址和端口号字段很好,但是回显/更新描述和状态字段不起作用。

我已经多次查看表名,我承认它们是正确的。

这让我相信语法错误可能是罪魁祸首。

谢谢你的时间

4

1 回答 1

4

UPDATE您的语句存在语法错误。您在应该删除,的子句之前有额外的内容。WHERE

UPDATE  addserverame 
SET  `servername`='$_POST[Servername]', 
     `serveraddress`='$_POST[Serveraddress]', 
     `portnumber`='$_POST[Portnumber]', 
     `status`='$_POST[Status]', 
     `description`='$_POST[Description]', -- <<=== REMOVE extra comma HERE
WHERE ID = $_POST[id] AND 
      userId='{$user_id}'

养成对齐代码的习惯,以便轻松发现语法错误。

作为旁注,SQL Injection如果变量的值(s)来自外部,则查询很容易受到攻击。请看下面的文章,了解如何预防。通过使用PreparedStatements,您可以摆脱在值周围使用单引号。

于 2013-04-16T01:27:47.127 回答