这是我的代码:
$international_categories = $_GET['international_categories'];
$query = "SELECT *
FROM
tourDB
WHERE
categories LIKE '$international_categories'";
$result = mysql_query( $query ) or die ( mysql_error() );
if ( $result !== false && mysql_num_rows($result) > 0 ) {
while ( $ilist = mysql_num_rows( $result ) > 0) {
$tour_id = stripslashes( $ilist[ 'tour_id' ] );
$tour_type = stripslashes( $ilist[ 'tour_type' ] );
$tour_name = stripslashes( $ilist[ 'tour_name' ] );
$day = stripslashes( $ilist[ 'day' ] );
$nights = stripslashes( $ilist[ 'nights' ] );
$tour_price = stripslashes( $ilist[ 'tour_price' ] );
$overview = stripslashes( $ilist[ 'overview' ] );
$itinerary = stripslashes( $ilist[ 'itinerary' ] );
$terms_conditons = stripslashes( $ilist[ 'terms_conditons' ] );
$inclusions = stripslashes( $ilist[ 'inclusions' ] );
$exclusions = stripslashes( $ilist[ 'exclusions' ] );
$twin_triple_sharing = stripslashes( $ilist[ 'twin_triple_sharing' ] );
$single_occcupancy = stripslashes( $ilist[ 'single_occcupancy' ] );
$child_with_no_bed = stripslashes( $ilist[ 'child_with_no_bed' ] );
$inf_below = stripslashes( $ilist[ 'inf_below' ] );
$pricing_details = stripslashes( $ilist[ 'pricing_details' ] );
$url = stripslashes( $ilist[ 'url' ] );
$international_list_cat .= <<<INTERNATIONAL_LIST_CAT
<!-- html output -->
INTERNATIONAL_LIST_CAT;
}
else {
$international_list_cat = <<<INTERNATIONAL_LIST_CAT
<!-- html output -->
INTERNATIONAL_LIST_CAT;
}
我试图缩短列“类别”的值为“$ international_categories”的行
$international_categories = $_GET['international_categories']
的值也有空格,虽然我在这里得到$_GET['international_categories']
但MySQL没有在其“类别”列中整理出$_GET['international_categories']
值的行。
答案 0 :(得分:2)
转换
while ( $ilist = mysql_num_rows( $result ) > 0) {
到
while ( $ilist = mysql_fetch_array( $result )) {
感谢Barmar警告我。
但正如其他一些用户所评论的那样,MySQL已被弃用,并且极易受到SQL注入攻击。您可以使用PDO或MySQLi。我更喜欢MySQLi,我会将你的代码转换成:
//Define a mysqli variable to use for database connections
$mysqli->new mysqli(host, user, password, dbname);
$international_categories = $_GET['international_categories'];
//Add other columns into query or use *
$query = $mysqli->prepare("SELECT tour_id, tour_type FROM tourDB WHERE categories=?");
//Now we are inserting our external variable into our query
$query->bind_param("i", $international_categories);
$query->execute();
//Now we are declaring variables in order to fetched columns in our SELECT query.
//Add other columns into next line.
$query->bind_result($tour_id, $tour_type);
while($query->fetch())
{
$international_list_cat .= <<<INTERNATIONAL_LIST_CAT
<input type="text" value="$tour_type" />
<!-- html output -->
INTERNATIONAL_LIST_CAT;
}
//Now close connection
$query->close();
答案 1 :(得分:1)
while ($ilist = mysql_num_rows($result) > 0) {
应该是:
while ($ilist = mysql_fetch_assoc($result)) {