php - 一个字段使 SQL UPDATE 语句无法工作

Question

这消耗了我的星期六。请帮忙。

我有一个大型表单，需要更新托管在 GoDaddy 共享帐户上的 MySQL 数据库表中的记录。提交表单时，我尝试更新 18 条记录，但到目前为止我只更新了 17 条记录。当我将倒数第二个字段“blackTowellCount”包含在 UPDATE 语句中时，它会导致问题。

如果我从 SQL 语句中排除有问题的字段，所有 18 个字段都会成功将数据 POST 到 PHP 文件，并且 SQL 语句中列出的 17 个字段上传就好了。当我包含 blackTowellCount 字段时，更新停止工作，并且表单不再将数据发布到 PHP 表单。 WTF？!

您还会注意到，有一个几乎相同的字段“whiteTowellCount”更新得很好。

表格的一部分:

<div class="well">
               <div class="row">
                 <div class="col-md-1">
                 </div>
                 <div class="col-md-2"> 
                   <label for="blackTowellCount" class="pull-right">Black Towells</label>
                 </div>
                 <div class="col-md-3">
                      <input type="text" class="form-control" id="blackTowellCount" name="blackTowellCount" placeholder="black towell #"/>
                 </div>
                 <div class="col-md-2">
                         <label for="whiteTowellCount" class="pull-right">White Towells</label>
                 </div>
                 <div class="col-md-3">                
                   <input type="text" class="form-control" id="whiteTowellCount" name="whiteTowellCount" placeholder="white towell #"/>
                 </div>
                 <div class="col-md-1">
                 </div>


               </div>       
             </div>

函数式 SQL:

$addIntakeSQL = mysqli_query($link,"UPDATE Act SET w9FilePath='".$w9Upload_destination."', riderFilePath='".$riderUpload_destination."', hospRiderFilePath='".$hospRiderUpload_destination."', inputFilePath='".$inputListUpload_destination."', stageFilePath='".$stagePlotUpload_destination."', backlineFilePath='".$backlineUpload_destination."', bathTowellCount='".$bathTowellCount."', breakfastCount='".$breakfastCount."', lunchCount='".$lunchCount."', dinnerCount='".$dinnerCount."', breakfastRestriction='".$breakfastRestriction."', lunchRestriction='".$lunchRestriction."', dinnerRestriction='".$dinnerRestriction."', arrivalDate='".$arrivalDate."', arrivalTime='".$arrivalTime."', needTransport='".$needTransport."', whiteTowellCount='".$whiteTowellCount."' WHERE actID='".$actID."'") or die (mysqli_error());

损坏的 SQL:

$addIntakeSQL = mysqli_query($link,"UPDATE Act SET w9FilePath='".$w9Upload_destination."', riderFilePath='".$riderUpload_destination."', hospRiderFilePath='".$hospRiderUpload_destination."', inputFilePath='".$inputListUpload_destination."', stageFilePath='".$stagePlotUpload_destination."', backlineFilePath='".$backlineUpload_destination."', bathTowellCount='".$bathTowellCount."', breakfastCount='".$breakfastCount."', lunchCount='".$lunchCount."', dinnerCount='".$dinnerCount."', breakfastRestriction='".$breakfastRestriction."', lunchRestriction='".$lunchRestriction."', dinnerRestriction='".$dinnerRestriction."', arrivalDate='".$arrivalDate."', arrivalTime='".$arrivalTime."', needTransport='".$needTransport."', blackTowellCount='".$blackTowellCount."', whiteTowellCount='".$whiteTowellCount."' WHERE actID='".$actID."'") or die (mysqli_error());

.PHP 文件的一部分:

    $bathTowellCount = $_POST['bathTowellCount'];
    $breakfastCount = $_POST['breakfastCount'];
    $lunchCount = $_POST['lunchCount'];
    $dinnerCount = $_POST['dinnerCount'];
    $breakfastRestriction = $_POST['breakfastRestriction'];
    $lunchRestriction = $_POST['lunchRestriction'];
    $dinnerRestriction = $_POST['dinnerRestriction'];

    $arrivalDate = $_POST['arrivalDate'];
    $arrivalTime = $_POST['arrivalTime'];
    $needTransport = $_POST['needTransport'];

    $blackTowellCount = $_POST['blackTowellCount'];
    $whiteTowellCount = $_POST['whiteTowellCount'];

    $addIntakeSQL = mysqli_query($link,"UPDATE Act SET w9FilePath='".$w9Upload_destination."', riderFilePath='".$riderUpload_destination."', hospRiderFilePath='".$hospRiderUpload_destination."', inputFilePath='".$inputListUpload_destination."', stageFilePath='".$stagePlotUpload_destination."', backlineFilePath='".$backlineUpload_destination."', bathTowellCount='".$bathTowellCount."', breakfastCount='".$breakfastCount."', lunchCount='".$lunchCount."', dinnerCount='".$dinnerCount."', breakfastRestriction='".$breakfastRestriction."', lunchRestriction='".$lunchRestriction."', dinnerRestriction='".$dinnerRestriction."', arrivalDate='".$arrivalDate."', arrivalTime='".$arrivalTime."', needTransport='".$needTransport."', whiteTowellCount='".$whiteTowellCount."' WHERE actID='".$actID."'") or die (mysqli_error());

}       

Answer 1

嗨，首先，正如建议的那样，您的代码对SQL注入(inject)开放，请改用PDO。第二个 php 具有显示错误的功能，如果您无事可做，则包括它们。

将这些行添加到页面顶部

error_reporting(E_ALL);
ini_set('display_errors',1);

您还没有给出mysqli_error()其参数

将 die(mysqli_error()); 替换为 die(mysqli_error($link));