我是php的新手,我一直在为所有文章制作一个独特的页面而奋斗几个小时。无论我做什么都不会工作。
我知道我应该将mysql转换为mysqli,但首先我只是想让这个工作。
当我去url / video.php?id = 3时,它只是显示一个空白页面,它不会从文章表中打印出“名称”
有什么建议吗?
video.php
<?php
include "connect.php";
$id = mysql_real_escape_string($_GET['id']);
$query = "SELECT `name` FROM `article` WHERE `id` = '.$id.'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
// Echo page content
echo $row['name'];
?>
我从index.php链接到以下
<a href="/video.php?id=<? echo $row[id]; ?>
有效。
答案 0 :(得分:1)
你正在混合你的引号......
"SELECT `name` FROM `article` WHERE `id` = '.$id.'";
应该是......
"SELECT `name` FROM `article` WHERE `id` = $id";
或
'SELECT `name` FROM `article` WHERE `id` = '.$id;
这对阻止sql注入没有任何作用......
答案 1 :(得分:0)
您是否测试了$ row变量中的值?使用var_dump($row)
查看值。
if (isset($_GET['id']))
{
$id = $_GET['id'];
echo $id;
}
答案 2 :(得分:0)
我看到的另一件事,但我认为如果你这样做了:
尝试:
<强> MySQL的:强>
/**
* Connect and define your connection var
*/
$connection = mysql_connect("localhost","root","");
/**
* Select your database
*/
mysql_select_db("mydatabase",$connection);
/**
* Check if exists "id" in $_GET
*/
if( array_key_exists( "id" , $_GET ) )
{
$id = mysql_real_escape_string( $_GET [ "id" ],$connection );
/**
* Remember use LIMIT
*/
$source = mysql_query("SELECT `name` FROM `article` WHERE `id` = '$id' LIMIT 1",$connection);
/**
* if you need print only name
*/
if( mysql_num_rows( $source ) )
{
// print only name
echo mysql_result( $source );
}
/**
* but if you need retrive array
*/
$row = mysql_fetch_assoc( $source );
echo $row["name"];
}
<强>库MySQLi:强>
/**
* Connect and define your connection var
*/
$connection = mysqli_connect("localhost","root","");
/**
* Check if is connected[ http://us2.php.net/manual/en/mysqli.connect-errno.php ]
*/
if( mysqli_connect_errno() == 0 )
{
/**
* Select your database
*/
mysqli_select_db( $connection , "mydatabase" );
/**
* Check if exists "id" in $_GET
*/
if( array_key_exists( "id" , $_GET ) )
{
$id = mysqli_real_escape_string($connection,$_GET [ "id" ]);
/**
* Remember use LIMIT
*/
$source = mysqli_query($connection,"SELECT `name` FROM `article` WHERE `id` = '$id' LIMIT 1");
/**
* if you need print only name
*/
if( mysqli_num_rows( $source ) )
{
// print only name
$row = mysqli_fetch_array( $source );
echo $row[0];
}
/**
* but if you need retrive array
*/
$row = mysqli_fetch_assoc( $source );
echo $row["name"];
}
}
并阅读关于MySQL的LIMIT
祝你好运!答案 3 :(得分:-1)
如果id是一个数字字段,正如您的问题似乎暗示的那样,那应该是
$id = (int)$_GET['id'];
$query = "SELECT `name` FROM `article` WHERE `id` = $id";
如果id是数字字段。
注意我还删除了查询字符串中的点,这会使查询无效,id
是否为数字字段。