我想在php中找到一种方法,将所有相关的搜索返回结果从mysql数据库连接到一个由逗号分隔的单个字符串中。请参阅下面的DB表格php输出格式和php代码。PHP搜索结果串联
海滩表:
bname length city_name
Beach A 4 City Z
Beach B 3 City X
Beach C 7 City E
Beach_Act_Type表:
bname act_type
Beach A Swimming
Beach A Surfing
Beach B Surfing
Beach C Swimming
Beach C Fishing
Beach C Surfing
输出我在寻找:
`beach`.`bname` `beach_act_type`.`act_type`
Beach C Swimming, Fishing, Surfing
代替此输出格式:
`beach`.`bname` `beach_act_type`.`act_type`
Beach C Swimming
Beach C Fishing
Beach C Surfing
我的PHP代码:
$conn = new mysqli('localhost','test','','beachproject');
if (!$conn) {
die('DB Connection Error');
}
$search = $_POST['search'];
$search_sql="select `beach`.`bname`, `beach_act_type`.`act_type`
from `beach` inner join `beach_act_types`
on `beach`.`bname`=`beach_act_type`.`bname`
where `beach`.`bname`='$search'";
$search_query=$conn->query($search_sql);
if ($search_query->num_rows > 0) {
while($row = $search_query->fetch_assoc()) {
echo "<table border='1' cellpadding='4'>
<tr>
<th>Beach Name</th>
<th>Beach Activity Allowed</th>
</tr>";
echo "<tr>";
echo "<td>" . $row['bname'] . "</td>";
echo "<td>" . $row['act_type'] . "</td>";
echo "</tr>";
echo "</table>";
}
} else {
echo "No Search Results";
}
**警告**:使用'mysqli'时,您应该使用[参数化查询](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)和[' bind_param'](http://php.net/manual/en/mysqli-stmt.bind-param.php)将用户数据添加到您的查询中。 **不要**使用字符串插值或连接来完成此操作,因为您创建了严重的[SQL注入漏洞](http://bobby-tables.com/)。 **不要**将'$ _POST','$ _GET'或**任何**用户数据直接放入查询中,如果有人试图利用您的错误,这可能会非常有害。 – tadman