多个mysql查询没有在单页中执行?

时间:2014-12-15 08:50:58

标签: php mysql

我创建了一个脚本,将一些细节插入到表单中,并在其下方显示插入表中的值。有一个mysql连接应该可以工作。广告表中的插入和选择不起作用!我似乎不明白为什么。我的表是正确创建的,没有错误,因为我已经检查过它的另一个代码。只有这段代码不起作用。

有人能告诉我为什么sql语句不起作用?

<?php
include('header.php'); 
session_start();

$user = $_SESSION['username'];
mysql_select_db("ladyjoy_fs", mysql_connect("localhost", "root", ""))or die(mysql_error());
$login=mysql_query("select * from user where user_name='$user'")or die(mysql_error());
$row=mysql_fetch_row($login);
$_SESSION['userid'] = $row[0];


?>
    <body>
    <?php

        $users = mysql_query("select * FROM gcm_users")or die(mysql_error());
        if ($users != false)
            $no_of_users = mysql_num_rows($users);
        else
            $no_of_users = 0;
            ;

        ?>
    <center>
        </br>
        </br>
            <div id="container">
            <div id="header">
                <div class="alert alert-success"><label>Welcome Advertiser</label></div>
            </div>

            <table>
                <thead>
                    <td>
                        <tr><a href="index.php">Home</a>  |  </tr>

                        <tr><a href="reservation.php">My Advertisements</a>  |  </tr>
                        <tr><a href="myaccount.php">My Account</a>  |  </tr>
                        <tr><a href="../logout.php">Logout</a>  |  </tr>
                    </td>
                </thead>
            </table>
            <br/>
            <table class="table table-bordered">
                <div class="alert alert-success">Creating New Notifications</div>
            </table>
            <div style="float:center;">


            <h4>New Advertisement</h4>
            <h5>No of Devices Registered: <?php echo $no_of_users; ?></h5>


            <form id="form1" method="POST" onsubmit="return sendPushNotification()">
            <label class="control-label" for="inputEmail">Title</label>
            <input type="text"  name="ad_title" id="ad_title" class="txt_title" placeholder="Notification Title">

            <label class="control-label" for="inputEmail">Description</label>
            <input type="text"  name="ad_desc" id="ad_desc" class="txt_desc">

            <label class="control-label" for="inputEmail">Picture</label>
            <input type="text"  name="ad_pic" id="ad_pic" placeholder="URL">


            <label class="control-label" for="inputEmail">Location</label>
            <input type="text"  name="ad_location"  id="ad_location" placeholder="Venue"><br/>
            <input type="hidden" name="regId" value="<?php echo $_SESSION['userid'] ?>"/>

            <button type="submit" id="add_supply" name="add_supply" class="btn btn-info">Send Notification</button>

            </div>
            </form>
                <?php
                if (isset($_POST['add_supply'])){
                $title=$_POST['ad_title'];
                $desc=$_POST['ad_desc'];
                $url=$_POST['ad_pic'];
                $location=$_POST['ad_location'];
                $userid=$_POST['regId'];

                $sql2 = "insert into advert (title,description,url,location,user_id) values('$title','$desc','$url','$location','$userid')";
                mysql_query($sql2)or die(mysql_error());

                }

                ?>
            <br/>

            <table cellpadding="0" cellspacing="0" border="0" class="table table-striped table-bordered" >
                <thead>
                    <tr>
                    <th>Advertisement ID</th>
                    <th>Title</th>
                    <th>Description</th>
                    <th>Picture</th>
                    <th>Location</th>
                    </tr>
                </thead>

                <tbody>
                    <?php 
                    $query=mysql_query("select * from advert where user_id = ".$_SESSION['userid']."")or die("Error at query : "+mysql_error());
                    while(($row=mysql_fetch_array($query))){
                    ?>
                    <tr>
                    <td><?php echo $row['id']; ?></td>
                    <td><?php echo $row['title']; ?></td>
                    <td><?php echo $row['description']; ?></td>
                    <td><?php echo $row['url']; ?></td>
                    <td><?php echo $row['location']; ?></td>

                    </tr>
                    <?php } ?>
                </tbody>
            </table>






    </center>
    </body>
</html>

2 个答案:

答案 0 :(得分:1)

$query=mysql_query("select * from advert where user_id = '".$_SESSION['userid']."' ")or die("Error at query : "+mysql_error());

我认为语法错误。请检查一下。

答案 1 :(得分:0)

或者您可以尝试使用此代码 - &gt;

$user = $_SESSION["username"];
$res = "select * from user where user_name='$user'";
$result = mysql_query($res) or die("query fail to execute".mysql_error());
 while($row= mysql_fetch_array($result))
    {
    $ac= $row['id'];
$a= ("select * FROM gcm_users WHERE user_id='$ac'");
$re = mysql_query($a) or die("wrong query".mysql_error());
while($row= mysql_fetch_array($re))
            {
}

}

note-&gt;并且如上所述,您的代码很容易受到sql注入。