Question

我正在使用此代码从数据库中获取数据，我正在正确获取$data，但我没有在此变量中正确获取数据$seldata为什么会这样？

<?php
    include_once("includes/connection.php");
    include_once("includes/session.php");
    //echo $_SESSION['uid'];
    $sql="SELECT * FROM employee WHERE eid = '{$_GET['id']}'";
    $result=mysql_query($sql);
    $data=mysql_fetch_array($result);
    echo "data".$data;
    $sel_valsql="select * FROM selected_candidate WHERE eid = '{$_GET['id']}'";
    $sresult=mysql_query($sel_valsql);
    $seldata=mysql_fetch_array($sresult);
    echo "seledata".$seldata;       
?>

Answer 1

试试这个，

$sql = "SELECT * FROM employee WHERE eid = '" . $_GET['id'] . "'";

作为旁注，如果值（ s ）来自外部，则查询容易被SQL Injection攻击。请查看下面的文章，了解如何防止它。通过使用PreparedStatements，您可以摆脱在值周围使用单引号。

How to prevent SQL injection in PHP?

Answer 2

<?php
include_once("includes/connection.php");
include_once("includes/session.php");
//echo $_SESSION['uid'];
$sql="SELECT * FROM employee WHERE eid = '".$_GET['id']."'";
$result=mysql_query($sql);
$data=mysql_fetch_array($result);
echo "data".$data;
$sel_valsql="select * FROM selected_candidate WHERE eid = '".$_GET['id']."'";
$sresult=mysql_query($sel_valsql);
$seldata=mysql_fetch_array($sresult);
echo "seledata".$seldata;       
?>

注意：mysql_fetch_array（）返回一个结果数组，因此您需要执行print_r（$ seldata）才能查看结果。

Answer 3

从where条件i.n。

中删除单引号

$sql="SELECT * FROM employee WHERE eid = {$_GET['id']}";

或者这样做：

$sql = "SELECT * FROM employee WHERE eid = '" . $_GET['id'] . "'";

数据无法获取

3 个答案: