我正在制作一个供我自己使用的个人脚本,我需要知道如何回应mysqli_query的结果。我的代码如下:
$conn = mysqli_connect($servername, $username, $password, $dbname);
if(isset($_POST['commercial'])){
if (isset($_POST['0'])){
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 1 AND sent='a'";
$resultsd1 = mysqli_query($conn, $sql);
echo $resultsd1;
}
if (isset ($_POST['1'])){
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 2 AND sent='a'";
$resultsd2 = mysqli_query($conn, $sql);
echo $resultsd2;
}
if (isset($_POST['2'])){
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 3 AND sent='a'";
$resultsd3 = mysqli_query($conn, $sql);
echo $resultsd3;
}
if (isset ($_POST['3'])){
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 4 AND sent='a'";
$resultsd4 = mysqli_query($conn, $sql);
echo $resultsd4;
}
if (isset ($_POST['4'])){
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 5 AND sent='a'";
$resultsd5 = mysqli_query($conn, $sql);
echo $resultsd5;
}
}
?>
答案 0 :(得分:10)
如果你想要返回多行
if (isset($_POST['0'])) {
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 1 AND sent='a'";
$resultsd1 = mysqli_query($conn, $sql);
while ($row = mysqli_fetch_assoc($resultsd1))
{
echo $row['email'];
}
}
如果只有1行
if (isset($_POST['0'])){
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$_POST[article]' AND dripid = 1 AND sent='a' LIMIT 1";
$resultsd1 = mysqli_query($conn, $sql);
$row = mysqli_fetch_assoc($resultsd1);
echo $row['email'];
}
答案 1 :(得分:1)
首先,@ fred-ii说,逃避你的帖子,你的$ _POST访问中也有一个错误,你缺少文章键的引号,最后使用mysqli_fetch_assoc来访问你的结果:
...
if (isset($_POST['0'])) {
$article = mysqli_real_escape_string($conn, $_POST['article']);
$sql = "SELECT email FROM CommercialEmails WHERE articleid = '$article' AND dripid = 1 AND sent='a'";
if ($resultsd1 = mysqli_query($conn, $sql)) {
if ($row = mysqli_fetch_assoc($resultsd1)) {
echo $row['email'];
}
}
}
...
答案 2 :(得分:0)
您可以简单地使用foreach
循环在结果对象上循环。如果要将所有行提取到PHP变量中,则可以使用fetch_all()
。
$result = mysqli_query($conn, 'SELECT ...');
foreach($result as $row) {
print_r($row);
// do something with each row
}
// or
$result = $conn->('SELECT ...')->fetch_all(MYSQLI_ASSOC);
foreach($result as $row) {
print_r($row);
// do something with each row
}
但是,就您而言,您根本不应该使用mysqli_query()
!这使您容易受到SQL注入的攻击。您必须使用参数绑定,这在准备好的语句中可用。
例如,您的固定查询将如下所示:
$stmt = $con->prepare("SELECT email FROM CommercialEmails WHERE articleid = ? AND dripid = 1 AND sent = 'a' ");
$stmt->bind_param('s', $_POST['article']);
$stmt->execute();
$result = $stmt->get_result();
foreach ($result as $row) {
print_r($row);
}
区别在于我的变量没有与SQL分开,因此没有注入的风险。您绝对不应在SQL查询中直接允许任何变量输入。正确地做到这一点并不难。
此外,您实际上不需要重复太多代码。您也可以参数化dripid
并减少代码中的行数。