可以从QUERY_STRING INSERT但不能从MySQL中选择相同的值！

As you can see, there's probably no reason why it shouldn't be working. I don't know what else I can do, any ideas? Any help is appreciated!

All I am trying to do, is view check if the value entered at the end of the url, matches one that is in the database (and yes, it IS in the database. :) Thank you

The code:

<?php

$keyword = substr($_SERVER['REQUEST_URI'],11); 
    if($_REQUEST['action'] == "link")
    {
        $keyword = $_POST['keyword'];
        $link    = $_POST['link'];

        $connection =
               mysql_connect("my01..com","h","h") or die(mysql_error());

        if($connection)
        {
         mysql_select_db("mysql_17902_h", $connection);

         mysql_query(
                 "INSERT INTO mysql_17902_h.links (
                   link,
                   keyword) VALUES (
                    '".$link."',
                      '".$keyword."')") or die(mysql_error());

            $state = true;
        }
    }
    else
    {
        if(!empty($_POST))
        {
            print_r($keyword);
            $connection =
                   mysql_connect("my01.h.com","h","h") or die(mysql_error());


            if($connection)
            {


                mysql_select_db("mysql_17902_h") or die(mysql_error());
           $result = mysql_query("SELECT link FROM links WHERE keyword = $keyword")
           or die(mysql_error());

           $row = mysql_fetch_array($result);
               $outsy = $row['link'];

           }
           $state = true;
           }

    }
?>

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douken1726 2010-12-31 05:54
关注
Try rewriting your code so it's more legible:

$link = mysql_real_escape_string($_POST['link']); $keyword = mysql_real_escape_string($_POST['keyword']); $sql = <<<EOL; INSERT INTO mysql_17902_h.links (link, keyword) VALUES ('$link', '$keyword') EOL; mysql_query($sql) or die(mysql_error());

Note the use of mysql_real_escape_string() to prevent SQL injection attacks, and surrounding the variables with single quotes within the SQL string. You've neglected to do so here:

$result = mysql_query("SELECT link FROM links WHERE keyword = $keyword") or ... ^^^^^^^^

No quotes around a text-type field is a syntax error. As well, at that point in the code, $keyword contains whatever the substr() call at the top of the script returned, so make sure that substr call actually does what you're intending.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

可以从QUERY_STRING INSERT但不能从MySQL中选择相同的值！ database mysql php
2010-12-31 04:15

回答 1 已采纳 Try rewriting your code so it's more legible: $link = mysql_real_escape_string($_POST['link']); $
PHP在表名中从mysql_real_escape_string更改为PDO [duplicate] mysql php sql
2014-01-24 13:15

回答 1 已采纳 You won't be able to escape the table name (I hope that $tablename isn't coming from an outside so
未捕获的错误：调用未定义的函数mysql_escape_string（） mysql php
2016-01-05 14:30

回答 4 已采纳 To help you out here... (too long for a comment) Your require("config.php"); should contain the f
mysql怎么insert变量_如何在MySQL INSERT语句中包含PHP变量
2021-01-18 21:03

書淺的博客因此，这些引号应该在数据中转义，以及一些其他字符，使用mysql_real_escape_string()所以，您的代码变成$type='testing';$type=mysql_real_escape_string($type);$reporter="JohnO'Hara";$repor...
mysqli_real_escape_string不会插入到db中 database html mysql php
2019-03-04 10:58

回答 5 已采纳 You are wrong to pass parameters to the mysqli_real_escape_string () function before inserting the
在mysql中使用mysql_real_escape_string或addslashes时，字符串不会被转义 mysql php
2011-11-29 06:45

回答 2 已采纳 This is exactly what is supposed to happen. You want to insert the string O'reilly into the databa
警告：mysql_real_escape_string（），是什么意思？ [关闭] database html mysql php
2014-09-03 16:28

回答 1 已采纳 Need to connect before real_escape. I suggest you to use mysqli. You can try this. $connect = mys
mysql db query返回值_官方对mysql_query函数和mysql_db_query函数
2021-01-27 13:23

沈蓁蓁的博客 1.看mysql_query函数定义 resourcemysql_query(string$query[,resource$link_identifier] )功能：发送唯一查询请求(不支持多个查询)到当前活动的和link_identifier关联的数据库服务器。参数：a.query 一个sql查询，...
插入从HTML中选择到mysql mysql php
2017-06-07 13:44

回答 3 已采纳 Got it working now, just moved the ifs and elses from the deadline to the foreach
MySQL中的INSERT不起作用 mysql php
2014-11-04 19:13

回答 1 已采纳 You have to specify the column names: $quer1y = mysql_query("INSERT INTO fruitandvegetable(column
从行中获取MySQL数据库的另一个值 database html mysql php
2016-06-16 15:43

回答 1 已采纳 It is not clear what the requirement is: but i hope, you want every value from db row as session..
mysql query语句_使用mysql_query()函数执行SQL语句
2021-01-19 03:26

很圆的方块的博客 mysql_query()函数PHP MySQL 函数库中，mysql_query() 函数用于向 MySQL 发送并执行 SQL 语句。对于没有数据返回结果集的 SQL ，如 UPDATE、DELETE 等在执行成功时返回 TRUE，出错时返回 FALSE；对于 SELECT，SHOW，...
mysql_query不起作用并给出错误 mysql php
2016-02-09 20:34

回答 1 已采纳 Since rol is a VARCHAR, you need quotes around the value. rol = {$rols[$x]} should be: rol = '
MySQL主从不一致问题相关处理
2022-09-26 08:52

羌俊恩的博客某业务采取mysql的主从架构，但因为存储的问题，导致备库一直无法存储，数据同步一致性问题一直也未恢复，某次安全检查要求完成主备倒换演练，必须限期恢复主备，但是在恢复过程中，同步显示正常一段时间后，便会...
mysql_real_escape_string()--mysql数据库
2015-10-13 23:57

li先生的家的博客 unsigned long mysql_real_escape_string(MYSQL *mysql, char *to, const char *from, unsigned long length)
没有解决我的问题, 去提问

悬赏问题

¥15 2020长安杯与连接网探
¥15 关于#matlab#的问题：在模糊控制器中选出线路信息，在simulink中根据线路信息生成速度时间目标曲线（初速度为20m/s，15秒后减为0的速度时间图像）我想问线路信息是什么
¥15 banner广告展示设置多少时间不怎么会消耗用户价值
¥16 mybatis的代理对象无法通过@Autowired装填
¥15 可见光定位matlab仿真
¥15 arduino 四自由度机械臂
¥15 wordpress 产品图片 GIF 没法显示
¥15 求三国群英传pl国战时间的修改方法
¥15 matlab代码代写，需写出详细代码，代价私
¥15 ROS系统搭建请教（跨境电商用途）

可以从QUERY_STRING INSERT但不能从MySQL中选择相同的值！

1条回答 默认 最新

悬赏问题

1条回答默认最新