MySQL查询使用数组

时间:2009-07-09 03:11:08

标签: php mysql arrays

我正在尝试使用数组查询MySQL数据库,但我遇到了麻烦!

我有一个名为clients的表,我希望能够从'sector'列等于$ sectorlink的所有行中选择'name'。

然后我想将所有名称放入一个数组中,这样我就可以执行下一个查询:从另一个表中选择所有行,其中'client'列等于第一个查询返回的名称之一。我做错了,因为它返回致命的SQL错误。我对所有变量感到困惑!

$ sectorlink和$ connection是在此代码之外定义的唯一变量

有什么建议吗?

$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);

while($row = mysql_fetch_array($clientresult)){

foreach($row AS $key => $value){$temp[] = '"'.$value.'"';}
$thelist = implode(",",$temp);

$query = "SELECT count(*) FROM studies WHERE client IN ($row) ORDER BY (date) desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);

}

4 个答案:

答案 0 :(得分:5)

第二个查询应该使用$thelist而不是$row,它应该在while循环之外。处理单行时不需要foreach循环。您可以使用简单的$row访问$row[0]中的名称。像这样(未经测试):

$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);

while($row = mysql_fetch_array($clientresult)){
    $temp[] = '"'.$row[0].'"';
}

$thelist = implode(",",$temp);
$query = "SELECT count(*) FROM studies WHERE client IN ($thelist) ORDER BY (date) desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);

警告:请注意,您的代码极易受SQL injection attacks攻击。这对于测试或内部开发来说很好,但是如果这个代码将运行Fort Knox网站,那么你将需要修复它。只是一个FYI。 : - )

答案 1 :(得分:0)

一些事情。首先,你有一个不必要的循环。尝试:

while (list($name) = mysql_fetch_row($clientresult)) {

    $temp[] = $name;
}

构建临时数组。

其次,IN子句的部分是字符串,因此当你内爆时,你需要将每个值括在引号中:

$thelist = "'". implode("','", $temp) . "'";

最后,在您的查询中,您将$row传递给IN子句,您应该传递$thelist

$query = "SELECT count(*) FROM studies WHERE client IN ($thelist) ORDER BY date desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);

总而言之:

$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);

while (list($name) = mysql_fetch_row($clientresult)) {

    $temp[] = $name;
}

$thelist = "'". implode("','", $temp) . "'"; 

$query = "SELECT count(*) FROM studies WHERE client IN ($thelist) ORDER BY date desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);

答案 2 :(得分:0)

试试这个:

$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);

while($row = mysql_fetch_array($clientresult)){

$client = $row['name'];

$query = "SELECT * FROM studies WHERE client='$client' ORDER BY date DESC";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);

/* echo results here */

}

答案 3 :(得分:0)

我希望你在一个带有连接的查询中做得更好:

$query = "SELECT COUNT(*)  FROM `studies` INNER JOIN `clients` on studies.client = clients.name WHERE clients.sector = '$sectorlink' ORDER BY studies.date DESC";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
相关问题
最新问题