我一直在这里寻找一些答案,但我碰壁了。我找到了一堆代码非常相似的帖子,显然有效。代码是通过我正在寻找的电子邮件中的硬编码进行测试的,并且工作正常。当我通过POST功能发送信息时,由于某种原因它似乎没有翻译。
$Email = $_POST["Email"];
$sql = 'SELECT * FROM DewSweepers WHERE Email = "$Email"';
$result = mysqli_query($conn,$sql) or trigger_error("Query Failed! SQL: $sql - Error: ".mysqli_error(), E_USER_ERROR);
while($row = mysqli_fetch_row($result))
{
echo "<tr>";
echo "<td>$row[1]</td>";
echo "</tr>\n";
}
答案 0 :(得分:-1)
在单引号内部,所有内容都被视为字符串。因此需要正确转义或连接
$sql = 'SELECT * FROM DewSweepers WHERE Email = "'.$Email.'"';
更新1:
您的代码输出将是这样的
SELECT * FROM DewSweepers WHERE Email = "$Email"
警告mysql_query,mysql_fetch_array,mysql_connect等..扩展在PHP 5.5.0中已弃用,并且已在PHP 7.0.0中删除。 相反,应该使用MySQLi或PDO_MySQL扩展。
//db connection
$servername = "localhost"; //host name
$username = "username"; //username
$password = "password"; //password
$mysql_database = "dbname"; //database name
// mysqli准备好的陈述
$conn = mysqli_connect($servername, $username, $password) or die("Connection failed: " . mysqli_connect_error());
mysqli_select_db($conn,$mysql_database) or die("Opps some thing went wrong");
$Email = $_POST["Email"];
$stmt = $conn->prepare("SELECT * FROM DewSweepers WHERE Email =?");
$stmt->bind_param('s',$Email);
$stmt->execute();
$get_result =$stmt->get_result();
$row_count= $get_result->num_rows;
if($row_count>0)
{
echo "row exists";
}
else
{
echo "row not exists";
}