这是用php和$ _POST变量查询2个mysql表的正确方法吗?

时间:2012-01-20 21:40:58

标签: php mysql

我一直试图找出从数据库返回订单的最佳方法。我想出了这个,它按照我想要的方式工作(我认为)它给了我正在寻找的结果,但我想知道它是否正确或者是否有更好的方法。

<?php

$conn = mysql_connect('', '', ''); 
if (!$conn) 
{ 
die('Could not connect: ' . mysql_error()); 
} 
mysql_select_db($dbs, $conn);

$Order_ID = $_POST['Order_ID'];
//$Order_ID = '1001';

    $queryOrderHead = "SELECT * FROM Orders WHERE Order_ID = '$Order_ID' ";

    $queryOrderLines = "SELECT *

    FROM Order_LineDetails 
    WHERE Order_LineDetails.Order_ID = '$Order_ID'

";
        if ($queryRunHead = mysql_query($queryOrderHead)){

                while ($info_HEAD = mysql_fetch_array($queryRunHead))       
                {
                    $OrderID_HEAD = $info_HEAD['Order_ID'];         
                    $User_ID_HEAD = $info_HEAD['User_ID'];  
                    $Customer_ID_HEAD = $info_HEAD['Customer_ID'];                          
                    echo $OrderID_HEAD.' '.$User_ID_HEAD.' '.$Customer_ID_HEAD.'<br>';
                }

                $queryRunLines = mysql_query($queryOrderLines);
                while ($info = mysql_fetch_array($queryRunLines))       
                {
                    $OrderID = $info['Order_ID'];           
                    $OrderLineID = $info['OrderLineItem_ID'];           
                    echo $OrderID.' '.$OrderLineID.'<br>';
                }

        } else {
        echo mysql_error();         
        }

mysql_close($conn);
?>

它的作用是,它使用来自$ _POST的Order_ID val并运行第一个查询然后成功时它使用相同的Order_ID并循环第二个查询并获取所有{{} 1}}来自不同的表格。

除了Order_LineDetails标签....

任何指针或想法???

1 个答案:

答案 0 :(得分:0)

  

任何指针或想法???

首先选择订单,然后选择其项目没有任何问题。但是,您可以将数据组织到数组结构中,并遵循更好的命名约定(包括变量和数据库模式):

$orderId = $_POST['order_id'];

// order_id should be an INT, so no quotes. 
// Also look into parameterized queries with PDO as the mysql_* functions are archaic!
$sqlOrder = "SELECT * 
             FROM orders 
             WHERE order_id = ".mysql_real_escape_string($orderId);

$order = array();
if ($resOrder = mysql_query($sqlOrder)) {

    if ($rowOrder = mysql_fetch_array($resOrder)) {
        $order = $rowOrder;
        // echo $rowOrder['order_id'].' '.$rowOrder['user_id'].' '.$rowOrder['customer_id']."<br />\n";

        $sqlOrderLines = "SELECT * 
                  FROM order_lines
                  WHERE order_lines.order_id = ".mysql_real_escape_string($orderId);

        if ($resOrderLines = mysql_query($sqlOrderLines)) {
            $order['order_lines'] = array();
            while ($rowOrderLines = mysql_fetch_array($resOrderLines)) {
                $order['order_lines'][] = $rowOrderLines;                 
                // echo $rowOrderLines['order_id'].' '.$rowOrderLines['order_line_id']."<br />\n";
            }
        }
    } else {
        echo 'Order not found'.
    }



} else {
    echo mysql_error();         
}

// debug
print_r($order);
相关问题
最新问题