无法显示一个用户数据

Question

这是一个管理页面，应显示的所有数据，为所选用户 我想仅显示一个用户的数据，却得到一个空白页：

<?php 
    if (isset($_POST['user'])) 
    { 
     $user = $_POST['user']; 

     //if username has been selected 
     if($user == "none") 
      { 
       echo '<div class="error"><p>No user has been selected</p></div>'; 
       echo '<meta HTTP-EQUIV="REFRESH" content="1; url=adminPanel.php">'; 
      } 
      else 
      { 

      //form query 
     $query = "SELECT * FROM User WHERE user = '$user'"; 

     //Execute query 
     $query_result = mysql_query($query) 
      or die(mysql_error()); 
     echo '<table>'; 
     while($user_data = mysql_fetch_array($query_result)) 
       { 

        echo '<tr>'; 
        echo '<td>'.$user_data['user'].'</td>'; 
        echo '<td>'.$user_data['email'].'</td>'; 
        echo '<td>'.$user_data['added'].'</td>'; 
        echo '<td>'.$user_data['admin'].'</td>'; 
        echo '<td>'.$user_data['type'].'</td>'; 
        echo '</tr>'; 

       } 
     echo '</table>';   
      } 
} 
?> 

这里可能是什么问题？

Answer 1

您应该先尝试： echo“ROW COUNT：”.mysql_num_rows（$ query）; 或者你可以抛出一个var_dump（$ user_data）;

Answer 2

你可能会尝试这样的事情。正如其他人所说，使用PDO会更好，但至少与mysql_real_escape_string()相比，您会比将数据直接输入查询更安全。

<?php 
    if (empty($_POST['user']) || $_POST['user'] == 'none') { 
     exit('No user was selected set.'); 
    } 

    $user = (string) mysql_real_escape_string($_POST['user']); 

    $sql = " 
     SELECT user, email, added, admin, type 
     FROM User 
     WHERE user = '%s'"; 
    $query_string = sprintf($sql, $user); 

    $result = mysql_query($query_string); 

    if (empty($result)) { 
     exit('Failed to retrieve user data.'); 
    } 

    echo ' 
     <table>'; 
    while ($user = mysql_fetch_assoc($result)) 
    { 
     echo ' 
      <tr> 
       <td>', $user['user'], '</td> 
       <td>', $user['email'], '</td> 
       <td>', $user['added'], '</td> 
       <td>', $user['admin'], '</td> 
       <td>', $user['type'], '</td> 
      </tr>'; 
    } 
    echo ' 
     </table>';