duanji5116 2018-02-05 12:08
浏览 38
已采纳

too long

Sorry if the wording in the title is not correct (new to PHP). I'm trying to return results from a mysql db using below php scripts.

php script

<?php

require "conn.php";

$adopt_id = $_GET["adopt_id"];

  $query = "
select *
from temp_table
where adopt_id = $adopt_id
";

....
?>

Now if I run the above in my browser as url below, it returns as expected http://localhost/searchfeed.php?adopt_id=1

Dump of above query:

select *
from temp_table
where adopt_id = 1

Same php script but filtering on a diff field which is of varchar data type.

php script

    <?php

    require "conn.php";

    $GENDER = $_GET["gender"];

      $query = "
    select *
    from temp_table
    where gender = $GENDER
    ";

    ....
    ?>

Now if I run the above in my browser as url below, it returns null because its not getting any results = http://localhost/searchfeed.php?gender=M

I dumped the above query to a log file, seems like it doesn't do anything with the $GENDER. This is what the query looks like

select *
from temp_table
where gender =
  • 写回答

3条回答 默认 最新

  • dongzang5815 2018-02-05 12:20
    关注

    I don't see any problem with your PHP code in your second statement, but as suggested by others, your MySQL query consists of incorrect statement.

    Please, update your MySQL statement to look either like:

    select *
from temp_table
where gender = '$GENDER'

    or 

    select *
from temp_table
where gender like '$GENDER'

    Also consider using any MySQL library, as such usually consists of various security patches (as noted in the previous answer - the SQL injections)

    or at least use mysqli_real_escape_string() function

    Edit: Problem solved most probably by incorrect variable name spelling. GET variables are all stored in $_GET array.

    your value of gender can be accessed by this statement: $gender = $_GET['gender'];

    note: for others - be careful to spell variable like $_GET not $GET

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 c程序不知道为什么得不到结果
  • ¥40 复杂的限制性的商函数处理
  • ¥15 程序不包含适用于入口点的静态Main方法
  • ¥15 素材场景中光线烘焙后灯光失效
  • ¥15 请教一下各位,为什么我这个没有实现模拟点击
  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置