1. 首页
  2. 问答
  3. 变量在MySQL查询

变量在MySQL查询

2011-09-07 164 views
0 
for ($i=0; $i<$count; $i++) { 
    $appid = $chk[$i]; 


    include "dbconnect.php"; 
    $selectquery = mysql_query("SELECT * FROM regform_admin WHERE tid = '$appid'"); 
    $fetch = mysql_fetch_array($selectquery); 
    $tid = $fetch['tid']; $username = $fetch['username']; $c_month = $fetch['month']; $c_day =$fetch['day']; $c_year = $fetch['year']; 
    $c_month2 = $fetch['month2']; $c_day2 =$fetch['day2']; $c_year2 = $fetch['year2']; 
    $pickup = "".$c_month."/".$c_day."/".$c_year.""; 
    $return = "".$c_month2."/".$c_day2."/".$c_year2.""; 
    $pickuploc = "".$fetch['pickupret']." "." ".$fetch['speclocation'].""; 
    $desti = "".$fetch['destination']." "." ".$fetch['location'].""; 
    $vehicle1 = $fetch['vehicle1']; 
    $datesent = date("n j, Y; G:i"); ; 
    $rand = rand(98765432,23456789); 

    include "vehicledbconnect.php"; 
    $vquery = mysql_query("SELECT * FROM vehicletbl WHERE vehicle = '$vehicle1'"); 
      $getvquery = mysql_fetch_array($vquery); 
      $maxcars = $getvquery['maxcars']; 
      $carsleft = $getvquery['carsleft']; 
      if ($carsleft == 0) { 
      echo ' 
     <script language="JavaScript"> 
     alert("Cannot move reservation to Pending for payment status. No available vehicles left for this reservation."); 
     </script>'; 

     echo "$vehicle1"; 

      }

嗨,大家好我这里的问题是,如果它插入到数据库查询$车辆没有返回它的值($ vquery =请求mysql_query(“SELECT * FROM vehicletbl WHERE车辆=“$ vehicle1'“);)但是如果它被回显,它会返回它的值。这里的逻辑是,它将选择车辆1中的所有值,其中“车辆”列中的任何值的值将等于$ vehicle1。谢谢您的帮助!变量在MySQL查询

来源

2011-09-07 glove

+0

什么都不是通过名称$车辆分配给变量? – Tobias

+0

请显示'$ query'输出的内容 –

回答

0

您的查询有零错误处理。尝试添加一些调试查询电话:

$result = mysql_query(...) or die(mysql_error());

的代码的其余部分是丑陋的,但看起来“OK”,于是开始寻找为什么你什么也没有得到来自查询回来。

永不假设查询成功。

来源

2011-09-07 14:19:31

+0

谢谢,是的,其余的代码是丑陋的。那是因为我还是一个noob程序员。 – glove

0

试试这个调试:

$sql = "SELECT * FROM vehicletbl WHERE vehicle = '" . $vehicle1 . "'"; 
$vquery = mysql_query($sql) or die(mysql_error() . "\n<br>$sql");

这就是我做什么找到我的SQL错误。

来源

2011-09-07 14:24:50 Pheonix

-1

Noob程序员?这里有一些事情要知道:

for ($i=0; $i<$count; $i++) { 
    $appid = $chk[$i]; 

// Replaced By ... 
foreach($chk as $appid){

http://php.net/manual/en/control-structures.foreach.php

// Include the file before the loop ! You're including 20 times your file, but you just need to do it once ! Another thing to know: 
include_once("dbconnect.php");

http://php.net/manual/en/function.include-once.php

$desti = "".$fetch['destination']." "." ".$fetch['location'].""; 
// WHY ?? Isn't that easier to do this ? 
$desti = $fetch['destination']." ".$fetch['location'];

和安全性:

// Don't forget to escape your variables before putting it in mysql queries 
$appid = mysql_real_escape_string($appid); 
$selectquery = mysql_query("SELECT * FROM regform_admin WHERE tid = '$appid'");

Best way to defend against mysql injection and cross site scripting

还有其他言论,但先试着改进这些点!

来源

2011-09-07 15:00:23

相关问题

 相关问题