遇到$ id_get ['id']函数的问题

时间:2011-01-11 04:53:16

标签: php

我希望能够在与pic相同的页面上调用用户对该图片发表的评论。当出现不同的页面时,也会显示该图片的评论。我能够做到这一点,但我似乎无法在不改变实际代码的情况下调用该图片的URL。

<?
include.....

$picid = $_GET['picid'];
$query = mysql_query("SELECT * FROM pic_info WHERE picid = 'picid1' ");// problem

while($rows = mysql_fetch_assoc($query)):
$picid = $rows['picid'];
$title = $rows['title'];
$link = $rows['link'];
$description = $rows['description'];
$movie_pic = $rows['movie_pic'];
$source = $rows['source'];

endwhile;

$get_comment = mysql_query("SELECT * FROM comment WHERE picid ='$picid'");// work partially
$comment_count = mysql_num_rows($get_comment);
if ($comment_count>0)
{
while ($com = mysql_fetch_array($get_comment)){
$comment_id = $com['comment_id'];
$name = $com['name'];
$message = $com['message'];
$time_post= $com['time_post'];
$messages .= '<em> on ' .$time_post.'</em><b>   '.$name.'   said.....</b><br/> '.$message.'<hr/>';
}
?>

问题:只有当我将picid1更改为picid2或3或4之类的其他内容时才有效... 部分工作::当我将picid1更改为picid2或3或4等其他东西时工作... 除此之外,它说没有评论。

我不确定问题是否排在最前面,无法弄明白。

1 个答案:

答案 0 :(得分:1)

你错过了一个$ ...

  

WHERE picid = '$ picid'

这样的事情:

$picid = $_GET['picid'];
$query = mysql_query("SELECT * FROM pic_info WHERE picid = '$picid' ");

为了安全起见......我实际上会这样做

$picid = mysql_real_escape_string($_GET['picid']);
$query = mysql_query("SELECT * FROM pic_info WHERE picid = '$picid' ");

Why? Read here

顺便说一下,如果picid是数字类型,我会省略引号...... 

 WHERE picid = $picid

----编辑------ 

if ($comment_count>0)
{
  $messages = ""; //added this
  while ($com = mysql_fetch_array($get_comment)){
    $comment_id = $com['comment_id'];
    $name = $com['name'];
    $message = $com['message'];
    $time_post= $com['time_post'];
    $messages .= '<em> on ' .$time_post.'</em><b>   '.$name.'   said.....</b><br/>'.$message.'<hr/>';
  }
} // added this...
?>
相关问题
最新问题