我有一个网站,用户可以登录和注册。现在,我希望用户更新其个人资料。我无法更新数据库。我的表名称是“成员”。每当我提交表格时都不会发生任何事情。
<?php
if(isset($_POST["submit"])){
$value1 = $_POST['year'];
$value2 = $_POST['astatus'];
$value3 = $_POST['address'];
$value4 = $_POST['phone'];
$value5 = $_POST['email'];
$newpass = $_POST['pass'];
$newpass2 = $_POST['pass2'];
$user=$_SESSION['sess_user'];
$conn = new mysqli('localhost', 'admin', 'password') or die(mysqli_error());
//Select DB From database
$db = mysqli_select_db($conn, "database") or die("Database Error");
//Selecting database
$update_user="UPDATE '".members."' SET year='".$value1."', astatus='".$value2."', address='".$value3."', phone='".$value4."', email='".$value5."', pass='".$newpass."' WHERE '".user."'='".$user."'";
if(isset($_SESSION["editerror"])){
session_destroy(editerror);
}
session_start(editsuccess);
$_SESSION["editsuccess"] ="Your student profile has been successfully updated.";
header("Location:profile.php");
}
else{
echo "error";
}
?>
注意:始终使用mysqli_real_escape_string —考虑到连接的当前字符集,转义字符串中的特殊字符以用于SQL语句
http://www.w3schools.com/php/func_mysqli_real_escape_string.asp
更新时使用prepare语句
http://php.net/manual/zh/mysqli.prepare.php
你忘了执行查询
$update_user="UPDATE `members` SET `year`='".$value1."', `astatus`='".$value2."', `address`='".$value3."', `phone`='".$value4."', `email`='".$value5."', `pass`='".$newpass."' WHERE `user` ='".$user."'";
if ($conn->query($update_user) === TRUE) {
session_start(editsuccess);
$_SESSION["editsuccess"] ="Your student profile has been successfully updated.";
header("Location:profile.php");
} else {
echo "Error updating record: " . $conn->error;
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句