我有一个名为'objectID'的javascript数组。它有几个不同的id。
Example: objectID = ['465723', '654221, '632876', '102435', '320111', ...]
(includes just 3-6 character numbers, not sure if entered as string or int)
我需要使用'objectID'来查询数据库。
JS
jQuery.ajax({
type: "POST",
url: "filter.php",
data: { objectsArray : objectID },
success: function(result) {
console.log("Object Names:" + result);
}
});
filter.php
...
$myArray = $_REQUEST['objectsArray'];
$qstring = "SELECT Name FROM objectlist WHERE ObjectID IN ($myArray)";
$result = mysql_query($qstring);
$results = array();
while ($row = mysql_fetch_assoc($result,MYSQL_ASSOC))
{
$results[] = $row;
}
...
我需要过滤器脚本来返回包含对象名称的javascript数组:
Example: objectNames = ['Chair', 'Console', 'Lamp', 'Ball', 'TV', ...]
请求数组时出现以下错误:
"mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in"
查询本身似乎存在问题。
答案 0 :(得分:0)
将$ results数组编码为json并打印出来:
$myArray = $_REQUEST['objectsArray'];
//you must escape the array elements to prevent SQL injection
$n = count($myArray);
for ($i = 0; $i < $n; ++$i)
{
$myArray[$i] = mysql_real_escape_string($myArray[$i]);
}
//join them with comma separator
$myArray = implode(',', $myArray);
$qstring = "SELECT Name FROM objectlist WHERE ObjectID IN ($myArray)";
while ($row = mysql_fetch_assoc($result,MYSQL_ASSOC))
{
$results[] = $row["Name"];
}
$result = json_encode($results);
print $result;
在javascript中,您将获得一系列名称。 注意:
您的代码容易受到SQL注入攻击。在SQL请求中使用它们之前引用$myArray的元素。
不推荐使用mysql_ *函数。