I am basically just trying to update multiple values in my table. What would be the best way to go about this? Here is the current code:
我只是在尝试更新表中的多个值。最好的办法是什么?这是当前的代码:
$postsPerPage = $_POST['postsPerPage'];
$style = $_POST['style'];
mysql_connect ("localhost", "user", "pass") or die ('Error: ' . mysql_error());
mysql_select_db ("db");
mysql_query("UPDATE settings SET postsPerPage = $postsPerPage WHERE id = '1'") or die(mysql_error());
The other update I want to include is:
我想补充的另一个更新是:
mysql_query("UPDATE settings SET style = $style WHERE id = '1'") or die(mysql_error());
Thanks!
谢谢!
4 个解决方案
#1
46
Add your multiple columns with comma separations:
用逗号分隔添加多个列:
UPDATE settings SET postsPerPage = $postsPerPage, style= $style WHERE id = '1'
However, you're not sanitizing your inputs?? This would mean any random hacker could destroy your database. See this question: What's the best method for sanitizing user input with PHP?
但是,你没有消毒你的输入?这意味着任何随机的黑客都可能破坏你的数据库。请参见这个问题:使用PHP清除用户输入的最佳方法是什么?
Also, is style a number or a string? I'm assuming a string, so it would need to be quoted.
另外,样式是数字还是字符串?我假设有一个字符串,所以它需要被引用。
#2
6
Comma separate the values:
逗号分隔值:
UPDATE settings SET postsPerPage = $postsPerPage, style = $style WHERE id = '1'"
#3
1
If you are using pdo, it will look like
如果您正在使用pdo,它将看起来像
$sql = "UPDATE users SET firstname = :firstname, lastname = :lastname WHERE id= :id";
$query = $this->pdo->prepare($sql);
$result = $query->execute(array(':firstname' => $firstname, ':lastname' => $lastname, ':id' => $id));
#4
0
I guess you can use:
我想你可以用:
$con = new mysqli("localhost", "my_user", "my_password", "world");
$sql = "UPDATE `some_table` SET `txid`= '$txid', `data` = '$data' WHERE `wallet` = '$wallet'";
if ($mysqli->query($sql, $con)) {
print "wallet $wallet updated";
}else{
printf("Errormessage: %s\n", $con->error);
}
$con->close();
#1
46
Add your multiple columns with comma separations:
用逗号分隔添加多个列:
UPDATE settings SET postsPerPage = $postsPerPage, style= $style WHERE id = '1'
However, you're not sanitizing your inputs?? This would mean any random hacker could destroy your database. See this question: What's the best method for sanitizing user input with PHP?
但是,你没有消毒你的输入?这意味着任何随机的黑客都可能破坏你的数据库。请参见这个问题:使用PHP清除用户输入的最佳方法是什么?
Also, is style a number or a string? I'm assuming a string, so it would need to be quoted.
另外,样式是数字还是字符串?我假设有一个字符串,所以它需要被引用。
#2
6
Comma separate the values:
逗号分隔值:
UPDATE settings SET postsPerPage = $postsPerPage, style = $style WHERE id = '1'"
#3
1
If you are using pdo, it will look like
如果您正在使用pdo,它将看起来像
$sql = "UPDATE users SET firstname = :firstname, lastname = :lastname WHERE id= :id";
$query = $this->pdo->prepare($sql);
$result = $query->execute(array(':firstname' => $firstname, ':lastname' => $lastname, ':id' => $id));
#4
0
I guess you can use:
我想你可以用:
$con = new mysqli("localhost", "my_user", "my_password", "world");
$sql = "UPDATE `some_table` SET `txid`= '$txid', `data` = '$data' WHERE `wallet` = '$wallet'";
if ($mysqli->query($sql, $con)) {
print "wallet $wallet updated";
}else{
printf("Errormessage: %s\n", $con->error);
}
$con->close();