PHP查询字符串参数通过链接

时间:2013-04-03 11:08:13

标签: php mysql

我试图在用户点击链接时传递查询字符串。

这样,它指向的下一页将从mysql中检索特定的poduct(查询字符串参数)细节。

以下是我的代码,我该怎么做呢?

当前页面:

<?php

// Write a series of five PHP statements to retrieve the data for all product items in the database
// Write a statement to prepare the SQL SELECT statement
$sql = "SELECT skuCode, brand, model FROM productItem;";
// Write a statement to open a connection to MySQL server
$link = mysql_connect("localhost", "root", "password");
// Write a statement to select the required database
mysql_select_db("is1112t4q3", $link);
// Write a statement to send the SQL statement to the MySQL server for execution and retrieve the resultset
$resultset = mysql_query($sql);
// Write a statement to close the connection
mysql_close($link);

// Write a suitable expression for the while loop to iterate through each data row in the resultset.
// Each data row represents one product item that you need to display
while($row = mysql_fetch_array($resultset))
{
    // Write a echo command to display the summary information for each product item. The required attributes are 
    // indicated in the HTML table header row.
    // The image that is displayed should be the first image of each product item, e.g., MP300001_1.jpg.
    // The Action column should contain a hyperlink to viewProductItem.php where user can view the complete product information
    // of the selected product item.
    // You need to use a query string parameter to pass the SKU Code of the required product item to viewProductItem.php
    echo("<tr><td>".$row[0].
        "</td><td>".$row[1].
        "</td><td>".$row[2].
        "</td><td>"."<img src=images/".$row["skuCode"]."_1.jpg>".
        "</td><td><a href=viewProductItem.php?var=skuCode>View</a>".
        "</td></tr>");

}

?>

下一页,此页面应检索点击链接<a href=viewProductItem.php?var=skuCode>View</a>时从上一页传递的skuCode。

<?php

// Complete the if expression using the isset function to determine whether the query string parameter skuCode has been provided
if(isset($_GET["skuCode"]))
{               
    // Write a series of five PHP statements to retrieve the data for the selected product item from the database
    // Write a statement to prepare the SQL SELECT statement. The SQL statement should have a WHERE condition
    $sql = "SELECT * FROM productItem WHERE skuCode = '".mysql_real_escape_string($_GET["skuCode"])."';";
    // Write a statement to open a connection to MySQL server
    $link = mysql_connect("localhost", "root", "password");
    // Write a statement to select the required database
    mysql_select_db("is1112t4q3", $link);
    // Write a statement to send the SQL statement to the MySQL server for execution and retrieve the resultset
    $resultset = mysql_query($sql);
    // Write a statement to close the connection
    mysql_close($link);

    // The statement below will retrieve the first data row in the resultset. 
    // Note that we are only expecting at most one data row since we are filtering by the primary key skuCode
    // mysql_fetch_array will an array of values corresponding to the fetched data row.
    // If there is no matching data row, mysql_fetch_array will return FALSE
    $row = mysql_fetch_array($resultset);

    if($row)
    {
        // Write a series of echo commands to print out the complete information of the selected product item using a HTML table
        echo("<tr><td>".$row[0].
            "</td><td>".$row[1].
            "</td><td>".$row[2].
            "</td><td>"."<img src=images/".$row["skuCode"]."_1.jpg>".
            "</td><td><a href=viewProductItem.php>View</a>".
            "</td></tr>");

    }
}
else
{
    echo("<h3 style=\"color: red;\">Product item ".$_GET["skuCode"]." does not exist</h3>");
}
}
else
{
    echo("<h3 style=\"color: red;\">No product item has been selected</h3>");
}

3 个答案:

答案 0 :(得分:1)

你必须在第一页重写网址:不是'var'

"<a href=viewProductItem.php?skuCode=".$row["skuCode"].">View</a>"

当你从第一页点击此链接时。您可以通过

在第二页中获得此值
 $skuCode =mysql_real_escape_string($_REQUEST['skuCode']);

 $sql = "SELECT * FROM productItem WHERE skuCode = '".$skuCode."';";

你的修改后的代码是:试试这个为你工作.. 第一页:

<?php

// Write a series of five PHP statements to retrieve the data for all product items in the database
// Write a statement to prepare the SQL SELECT statement
$sql = "SELECT skuCode, brand, model FROM productItem;";
// Write a statement to open a connection to MySQL server
$link = mysql_connect("localhost", "root", "password");
// Write a statement to select the required database
mysql_select_db("is1112t4q3", $link);
// Write a statement to send the SQL statement to the MySQL server for execution and retrieve the resultset
$resultset = mysql_query($sql);
// Write a statement to close the connection
mysql_close($link);

// Write a suitable expression for the while loop to iterate through each data row in the resultset.
// Each data row represents one product item that you need to display
while($row = mysql_fetch_array($resultset))
{
    // Write a echo command to display the summary information for each product item. The required attributes are 
    // indicated in the HTML table header row.
    // The image that is displayed should be the first image of each product item, e.g., MP300001_1.jpg.
    // The Action column should contain a hyperlink to viewProductItem.php where user can view the complete product information
    // of the selected product item.
    // You need to use a query string parameter to pass the SKU Code of the required product item to viewProductItem.php
    echo("<tr><td>".$row[0].
        "</td><td>".$row[1].
        "</td><td>".$row[2].
        "</td><td>"."<img src=images/".$row["skuCode"]."_1.jpg>".
        "</td><td><a href=viewProductItem.php?skuCode=".$row['skuCode'].">View</a>".
        "</td></tr>");

}

?>

第二页:

<?php

// Complete the if expression using the isset function to determine whether the query string parameter skuCode has been provided
if(isset($_GET["skuCode"]))
{               
    // Write a series of five PHP statements to retrieve the data for the selected product item from the database
    // Write a statement to prepare the SQL SELECT statement. The SQL statement should have a WHERE condition
    $sql = "SELECT * FROM productItem WHERE skuCode = '".mysql_real_escape_string($_GET["skuCode"])."';";
    // Write a statement to open a connection to MySQL server
    $link = mysql_connect("localhost", "root", "password");
    // Write a statement to select the required database
    mysql_select_db("is1112t4q3", $link);
    // Write a statement to send the SQL statement to the MySQL server for execution and retrieve the resultset
    $resultset = mysql_query($sql);
    // Write a statement to close the connection
    mysql_close($link);

    // The statement below will retrieve the first data row in the resultset. 
    // Note that we are only expecting at most one data row since we are filtering by the primary key skuCode
    // mysql_fetch_array will an array of values corresponding to the fetched data row.
    // If there is no matching data row, mysql_fetch_array will return FALSE
    $row = mysql_fetch_array($resultset);

    if($row)
    {
        // Write a series of echo commands to print out the complete information of the selected product item using a HTML table
        echo("<tr><td>".$row[0].
            "</td><td>".$row[1].
            "</td><td>".$row[2].
            "</td><td>"."<img src=images/".$row["skuCode"]."_1.jpg>".
            "</td><td><a href=viewProductItem.php>View</a>".
            "</td></tr>");

    }
    else
    {
         echo("<h3 style=\"color: red;\">Product item ".$_GET["skuCode"]." does not                        exist</h3>");
    }
}

else
{
    echo("<h3 style=\"color: red;\">No product item has been selected</h3>");
}

答案 1 :(得分:0)

viewProductItem.php?skuCode=123

使用PHP来制作带有这样的参数的网址。

viewProductItem.php?skuCode=123&anotherVariable=yes

..以及后续的论点

答案 2 :(得分:0)

您可以使用杯子描述的GET。但是GET不安全?

另一种方法是使用SESSION变量。它是一种更安全的方法,但并不完全安全。

//第1页(当前页)

$_SESSION['skuCode'] = "xyz";

//第2页(viewProductItem.php)

$var_value = $_SESSION['skuCode'];