我正忙着一个简单的html / php脚本,我想要做的就是以表格形式显示我从数据库中搜索的结果,但没有显示任何内容。 这是我的代码:
<html>
<head>
<title>product sales for a specific customer</title>
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<h3 align="center"> Please Search for a specific customer you want to see sales for: </h3>
<br />
<input type="text" name="txtNameSearch" />
<input class="src_btn" type="submit" name="btnSearch" value="Search" />
<table width="800" border="1" cellpadding="1" cellspacing="1">
<tr>
<th>Order Details Id</th>
<th>Order ID</th>
<th>Product Id</th>
<th>Login ID</th>
<th>Quantity</th>
<th>Product Price per unit</th>
<th>Product Name</th>
<th>Product Descrp</th>
<th>Genre</th>
<th>Price</th>
<th>Quantity Sold</th>
</tr>
<?php
if(isset($_POST["btnSearch"]))
{
$connection = mysqli_connect('localhost', 'root', '', 'bookstore');
$sql="SELECT * FROM order_details right join tblproduct on order_details.prod_id=tblproduct.prod_id WHERE id_login = $search";
$Joined_records=mysqli_query($connection,$sql);
if (isset($_POST['txtNameSearch'])){
$search = $_POST['txtNameSearch'];
}
while ($row=mysqli_fetch_assoc($Joined_records)){
echo"<tr>";
echo"<td>".$row["order_details_id"]."</td>";
echo"<td>".$row["order_id"]."</td>";
echo"<td>".$row["prod_id"]."</td>";
echo"<td>".$row["id_login"]."</td>";
echo"<td>".$row["quantity"]."</td>";
echo"<td>".$row["price_per_unit"]."</td>";
echo"<td>".$row["prod_name"]."</td>";
echo"<td>".$row["prod_descr"]."</td>";
echo"<td>".$row["prod_cat"]."</td>";
echo"<td>".$row["prod_price"]."</td>";
echo"<td>".$row["prod_quan"]."</td>";
echo"</tr>";
}
}
?>
</body>
</html>
所以我要做的是例如我在搜索栏中输入“3”并点击提交我希望我数据库中与该3对应的所有值以表格形式显示。
答案 0 :(得分:1)
我在你的代码中看到了:
$sql="SELECT *
FROM order_details
right join tblproduct
on order_details.prod_id=tblproduct.prod_id
WHERE id_login = $search";
不考虑此SQL的问题,您尚未在代码中稍后定义$search。这需要之前创建包含嵌入式保管库的查询字符串,必须才能正确转义,并且必须在查询中引用:
$search = "'" . mysqli_real_escape_string(
$connection, $_POST['txtNameSearch']
) . "'";
您还应该为(至少)mysqli_query()调用添加适当的错误检查和处理。