使用两个SQL表中的标题创建一个HTML表

I am trying to create a simple file upload system using PHP and MySQL. I have created a database with two tables in, structure below:

File Table

+---+------------------+--------------+
| # |       Name       |     Type     |
+---+------------------+--------------+
| 1 | file_id          | int          |
| 2 | file_name        | varchar      |
| 3 | file_size        | int          |
| 4 | file_type        | varchar      |
| 5 | folder           | int          |Foreign Key to folders.folder_id
| 6 | user_Id          | int          |
| 7 | upload_time      | timestamp    |
| 8 | modify_time      | timestamp    |
+---+------------------+--------------+

Folders Table

+---+------------------+--------------+
| # |       Name       |     Type     |
+---+------------------+--------------+
| 1 | folder_id        | int          |
| 2 | name             | varchar      |
| 3 | subfolder        | int          |
+---+------------------+--------------+

Files Query

    SELECT * 
FROM   files 
       JOIN folders 
         ON folders.folder_id = files.folder 
ORDER  BY folders.subfolder ASC, 
          folders.folder_id ASC

Folders Query

SELECT * FROM folders

The tables both echoed into a HTML table. To do this, I have two query runs happening separately, one which echoes the folders and displays them on the table, and the other echoes the files and lists them below the list of folders.

Rather than listing all the folders and then all the files I want the files to be listed below their relevant folders.

This is how my table is currently displayed:

Table Heading
-------------
folder
folder2
folder3
file1
file2
file3
file4

This is how I want it to be:

Table Heading
-------------
folder
file1
file2
folder2
file3
folder3
file4

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

duandu8892 2017-03-03 21:27

关注

Prepared statements are designed to be executed multiple times in a loop, this is a good example of where to use one:

<?php
// prepare the statement for use later
$folderId = 0;
$stmt = $connectionUploads->prepare("SELECT * FROM files WHERE folder = ?");
$stmt->bind_param("i", $folderId);

$queryGetFolders = "SELECT * FROM folders";
$resultGetFolders = mysqli_query($connectionUploads, $queryGetFolders);

if ($resultGetFolders->num_rows != 0) {
    // loop through the folder list
    while ($rowFolders = $resultGetFolders->fetch_assoc()) {
        $folderName = ucwords($rowFolders['name']);
        echo "<h1>$folderName</h1>";

        // put the new value in $folderId
        $folderId = $rowFolders['folder_id'];
        // execute the query
        $stmt->execute();
        $resultGetFiles = $stmt->get_result();
        if ($resultGetFiles->num_rows == 0) {
            echo "<p>No files</p>";
        else {
            // loop through the results as normal
            while ($rowFiles = $resultGetFiles->fetch_assoc()) {
                echo "<p>$rowFiles[file_name]</p>";
            }
        }
    }
}

Note there are no inherent security concerns with using "plain" database queries. The problems arise when you're adding user-supplied inputs to the query string. Then prepared statements are a must. In addition to reducing overhead when querying in a loop (as above) they also sanitize user input automatically.

本回答被题主选为最佳回答 , 对您是否有帮助呢?