duanpenpan5796 2013-01-13 03:33
浏览 50
已采纳

内部加入Where子句?

$InnerJoinQuery = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users AS Users 
        INNER JOIN UserInformation AS UserInformation 
        ON Users.ID = UserInformation.UserID WHERE Users.Username=".$_SESSION['real_name']."");
        $InnerJoinArray = $InnerJoinQuery->fetch_array(MYSQLI_ASSOC);

My Above code is causing an error. It works up to the point of my WHERE Clause.

WHERE Users.Username=".$_SESSION['real_name']."

How can i Impliment this into my innerjoin?

Update: 

$InnerJoinQuery = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users
        INNER JOIN UserInformation
        ON Users.ID = UserInformation.UserID WHERE Users.Username = '".$_SESSION['real_name']."'");
        $InnerJoinArray = $InnerJoinQuery->fetch_array(MYSQLI_ASSOC);



        $_SESSION['UID'] = $InnerJoinArray['ID'];
        $_SESSION['Password'] = $InnerJoinArray['Password'];
        $_SESSION['Firstname'] = $InnerJoinArray['Firstname'];
        $_SESSION['LastName'] = $InnerJoinArray['LastName'];
        $_SESSION['DOB'] = $InnerJoinArray['DOB'];
            print_r($_SESSION);

This returns:

Array ( [real_name] => inhumaneslayer [Password] => [UID] => [Firstname] => [LastName] => [DOB] => )

Which is not expected.

When I change my Query To: 

$InnerJoinQuery = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users
        INNER JOIN UserInformation
        ON Users.ID = UserInformation.UserID WHERE Users.Username = 'inhumaneslayer'");

I get the expected result:

Array ( [real_name] => inhumaneslayer [Password] => PASSWORDHIDDEN [UID] => 5 [Firstname] => xx [LastName] => xx [DOB] => DOBHIDDEN )

Which is expected.

I am unsetting session by unset($_SESSION); prior to changing the SQL

  • 写回答

2条回答 默认 最新

  • dongliang2058 2013-01-13 03:36
    关注

    You have to enclose the string in quotes:

    ... Users.Username='".$_SESSION['real_name']."'")

    Also - you need to escape the variable properly. How exactly you would do that - depends on the DB library you use. In your case it's http://php.net/manual/en/mysqli.real-escape-string.php

    ... Users.Username='". $STD->real_escape_string($_SESSION['real_name']) ."'")

    But better - learn how to use prepared statements http://php.net/manual/en/mysqli.prepare.php

    $stmt = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users AS Users 
        INNER JOIN UserInformation AS UserInformation 
        ON Users.ID = UserInformation.UserID WHERE Users.Username=?");

$stmt->bind_param("s", $_SESSION['real_name']);

$stmt->execute();
$result = $stmt->get_result();

$InnerJoinArray = $result->fetch_array();
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 基于FOC驱动器,如何实现卡丁车下坡无阻力的遛坡的效果
  • ¥15 IAR程序莫名变量多重定义
  • ¥15 (标签-UDP|关键词-client)
  • ¥15 关于库卡officelite无法与虚拟机通讯的问题
  • ¥100 已有python代码,要求做成可执行程序,程序设计内容不多
  • ¥15 目标检测项目无法读取视频
  • ¥15 GEO datasets中基因芯片数据仅仅提供了normalized signal如何进行差异分析
  • ¥100 求采集电商背景音乐的方法
  • ¥15 数学建模竞赛求指导帮助
  • ¥15 STM32控制MAX7219问题求解答