PHP MYSQL 无法执行查询:未知列 [英] PHP MYSQL Couldn't execute query: Unknown column
本文介绍了PHP MYSQL 无法执行查询:未知列的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
请帮我解决这个问题.第一个查询将返回一条消息,说明
Please help me to figure out this. The first query would return a message saying that
Couldn't execute query: Unknown column 'ssd23' in 'where clause.
ssd23
是 $_POST
将从 html 表单中获取的 pnumber 值.但是,如果只有数字,它会起作用.
ssd23
is the value the $_POST
will get for the pnumber from a html form. However, it would work if there are only digits.
$result = mysqli_query($con, "DELETE FROM Tools WHERE PartNumber = {'$_POST['pnumber']'}") or die ("Couldn't execute query: " .mysqli_error($con));
下面的第二个查询在使用变量后可以处理数字和字符.
This second query below would work with both digits and characters after using a variable.
$test = $_POST['pnumber'];
$result = mysqli_query($con, "DELETE FROM Tools WHERE PartNumber = '$test'") or die ("Couldn't execute query: " .mysqli_error($con));
推荐答案
替换为:
$result = mysqli_query($con, "DELETE FROM Tools WHERE PartNumber = {'$_POST['pnumber']'}") or die ("Couldn't execute query: " .mysqli_error($con));
有了这个:
$result = mysqli_query($con, "DELETE FROM Tools WHERE PartNumber = '" . $_POST['pnumber'] ."'") or die ("Couldn't execute query: " .mysqli_error($con));
注意我没有处理上面的sql注入
更好的是使用可以保护您的查询的准备语句,在您的情况下,它将是这样的:
Even better is to use prepare statements that will secure your querys, in your case it will be something like this:
$sql= 'DELETE FROM Tools WHERE PartNumber= ?';
$stmt = $con->prepare($sql);
$stmt->bind_param('i', $_POST['pnumber']);
$stmt->execute();
这篇关于PHP MYSQL 无法执行查询:未知列的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文