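categories.php page is not collecting data from the database

Time: 2017-02-28 11:00:31

Tags: php mysql database

My category names are my navigation bar. I want to display the "categoryname" on the categories.php page when I click any navigation item.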

  1. The page is connected to the database
  2. Dynamic links are being created
  3. I checked the SQL query and it works
    
    //this is categories.php file
    
    <?php require ('includes/dbconnect.php');?>
        
    <?php
    if (!isset($_GET['categoryid'])){
    
    header ("location:index.php");
    }
    
    
    $cat_sqli ="SELECT products.productid,products.productname,products.unit,products.price,products.brand,products.productdetails,categories.categoryid,categories.categoryname 
    FROM products 
    INNER JOIN categories ON (products.categoryid=categories.categoryid)
    FROM products
    INNER JOIN categories
    ON (products.categoryid=categories.categoryid)
    WHERE products.categoryid=".$_GET['categoryid'];
    if ($cat_query = mysqli_query ($dbconnect,$cat_sqli)){
    
    $cat_rs=mysqli_fetch_assoc($cat_query);
    
    }
    
    ?>
    
    <body>
    <h1>Selected category | <?php echo $cat_rs['categoryname'];?></h1>
    
    
    </body>

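2 answers:

Answer 0 (score: 1)

In addition to scaisEdge's answer, I would like to fix the SQL injection vulnerability in the query and use a prepared statement, as follows: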

    <?php
    // this is categories.php file
    require ('includes/dbconnect.php');

    // Validate the id into a variable first: bind_param() takes its arguments by reference,
    // so the result of filter_input() cannot be passed to it directly.
    $categoryid = filter_input(INPUT_GET, 'categoryid', FILTER_VALIDATE_INT);
    if ($categoryid === null || $categoryid === false){
        header ("location:index.php");
        exit; // stop here so the rest of the page does not run after the redirect
    }

    $array_of_result = [];

    $cat_sqli ="SELECT 
     products.productid
    ,products.productname
    ,products.unit
    ,products.price
    ,products.brand
    ,products.productdetails
    ,categories.categoryid
    ,categories.categoryname 
    FROM products 
    INNER JOIN categories ON products.categoryid=categories.categoryid
    WHERE products.categoryid=?";

    $stmt = $dbconnect->prepare($cat_sqli);

    if($stmt){
        // 'i' binds the validated id as an integer parameter
        $stmt->bind_param('i', $categoryid);
        if($stmt->execute()){
            $result = $stmt->get_result();
            $num_of_rows = $result->num_rows;

            if($num_of_rows>0){
                while ($row = $result->fetch_assoc()) {
                    $array_of_result[] = $row;
                }
            }
            $stmt->free_result();
            $stmt->close();
        }
    }
    ?>

    <body>
    <h1>Selected category | 
    <?php
    if(!empty($array_of_result)){
        foreach($array_of_result as $r){
            // every row carries the same category name, so print the first one, HTML-escaped
            echo htmlspecialchars($r['categoryname'], ENT_QUOTES, 'UTF-8');
            break;
        }
    }
    ?>
    </h1>
    </body>
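
The difference between the question's concatenated query and this answer's bound parameter, as an added example that is not part of the original post. It assumes PDO with the SQLite driver in place of the page's mysqli connection so that it runs without a database server; the tables, rows and function names are constructed for illustration.

```php
<?php
// Added example, not from the original post. Assumes the pdo_sqlite extension;
// the schema is a cut-down version of the page's tables with constructed rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE categories (categoryid INTEGER PRIMARY KEY, categoryname TEXT)");
$db->exec("CREATE TABLE products (productid INTEGER PRIMARY KEY, productname TEXT, categoryid INTEGER)");
$db->exec("INSERT INTO categories VALUES (1, 'Fruit'), (2, 'Dairy')");
$db->exec("INSERT INTO products VALUES (1, 'Apple', 1), (2, 'Pear', 1), (3, 'Milk', 2)");

const BASE_SQL = "SELECT products.productname, categories.categoryname
    FROM products
    INNER JOIN categories ON products.categoryid = categories.categoryid
    WHERE products.categoryid = ";

// Pattern from the question: the request value becomes part of the SQL text.
function products_concatenated(PDO $db, string $raw): array
{
    return $db->query(BASE_SQL . $raw)->fetchAll(PDO::FETCH_ASSOC);
}

// Pattern from the answer: validate as an integer, then bind it as a parameter.
function products_bound(PDO $db, string $raw): ?array
{
    $id = filter_var($raw, FILTER_VALIDATE_INT);
    if ($id === false) {
        return null; // caller redirects, as categories.php does for a missing id
    }
    $stmt = $db->prepare(BASE_SQL . "?");
    $stmt->bindValue(1, $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a valid id, and a non-integer value that contains SQL syntax.
foreach (['1', '1 OR 1=1'] as $raw) {
    $concat = products_concatenated($db, $raw);
    $bound  = products_bound($db, $raw);
    printf("%-10s concatenated: %d row(s), bound: %s\n",
        "'$raw'", count($concat),
        $bound === null ? 'rejected' : count($bound) . ' row(s)');
}
```

With the concatenated form the second input changes which rows the WHERE clause matches; with validation and binding it never reaches the database.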

Answer 1 (score: 0)

You have joined the table twice by mistake (remove the second one and its join clause and condition)

    // the int cast keeps the request value from altering the query text
    $cat_sqli ="SELECT 
         products.productid
        ,products.productname
        ,products.unit
        ,products.price
        ,products.brand
        ,products.productdetails
        ,categories.categoryid
        ,categories.categoryname 
    FROM products 
    INNER JOIN categories ON products.categoryid=categories.categoryid
    WHERE products.categoryid=".(int)$_GET['categoryid'];