我正在尝试从数据库获取数据,但变量$ dept在查询中不起作用。 在result4正常工作时,查询result1,result2和result3没有返回任何结果。 变量$ dept也是正确的,因为当我打印它打印的值(计算机)但在查询中它不起作用。 请帮帮我
<?php
if (isset($_POST['select_course'])) {
$dept = $_POST['department'];
$session = $_POST['session'];
$year = $_POST['year'];
$lab = $_POST['lab'];
$s_type = $_POST['s_type'];
$semester = $_POST['semester'];
$credit_h = $_POST['credit_h'];
$result1 = mysqli_query($con, "SELECT * FROM departments WHERE `name` = '$dept'");
$result2 = mysqli_query($con, "SELECT * FROM departments WHERE `name` = '".$dept."'");
$result3 = mysqli_query($con, "SELECT * FROM departments WHERE `name` =".mysqli_real_escape_string($dept));
$result4 = mysqli_query($con, "SELECT * FROM departments WHERE `name` = 'computer'");
while ($row = mysqli_fetch_array($result1)) {
echo $row['name'];
}
}
?>
答案 0 :(得分:0)
if (isset($_POST['select_course'])) {
if ( !isset($_POST['department']) ) {
trigger_error('missing POST parameter "department"', E_USER_ERROR);
}
$query = sprintf("SELECT * FROM departments WHERE `name`='%s'", mysqli_real_escape_string($con, $_POST['department']));
$result = mysqli_query($con, $query);
if ( !$result ) {
trigger_error('query failed', E_USER_ERROR);
}
else {
while ( $row=mysqli_fetch_array($result) ) {
echo $row['name'], "\r\n";
}
}
}
如果这不会产生任何结果,请尝试
if (isset($_POST['select_course'])) {
if ( !isset($_POST['department']) ) {
trigger_error('missing POST parameter "department"', E_USER_ERROR);
}
$query = sprintf("SELECT Count(*) FROM departments WHERE `name`='%s'", mysqli_real_escape_string($con, $_POST['department']));
$result = mysqli_query($con, $query);
if ( !$result ) {
trigger_error('query failed', E_USER_ERROR);
}
else {
$row = mysqli_fetch_array($result);
echo '# of matching records: ', $row[0], "\r\n";
}
}
小型自足示例:
<?php
$con = new mysqli("localhost", "localonly", "localonly", "test");
if ($con->connect_errno) {
trigger_error('connect failed', E_USER_ERROR);
}
$con->query('CREATE TEMPORARY TABLE soFoo (`name` VARCHAR(32))');
$con->query("INSERT INTO soFoo (`name`) VALUES ('depa'),('depb'),('depc')");
$_POST = ['select_course'=>'1', 'department'=>'depb']; // <- it's only an example
if (isset($_POST['select_course'])) {
if ( !isset($_POST['department']) ) {
trigger_error('missing POST parameter "department"', E_USER_ERROR);
}
$query = sprintf("SELECT * FROM soFoo WHERE `name`='%s'", mysqli_real_escape_string($con, $_POST['department']));
$result = mysqli_query($con, $query);
if ( !$result ) {
trigger_error('query failed', E_USER_ERROR);
}
else {
while ( $row=mysqli_fetch_array($result) ) {
echo $row['name'], "\r\n";
}
}
}