在一个JSON中有两个查询?

时间:2018-02-11 20:41:54

标签: php mysql json mysqli

我正在尝试从两个表中选择所有内容并通过JSON显示它们。以下是我尝试的尝试:

 <?php
// Create connection
$conn = new mysqli("localhost", "root", "****", "user");

if ($conn->connect_error) {

 die("Connection failed: " . $conn->connect_error);
} 
 // Getting the received JSON into $json variable.
 $json = file_get_contents('php://input');

 // decoding the received JSON and store into $obj variable.
 $obj = json_decode($json,true);

// Populate Username from JSON $obj array and store into $usnername.
$username = $_GET['username'];

$sql = "SELECT * FROM users  WHERE username = '$username'";
$usql = "SELECT * FROM user_images  WHERE username = '$username'";

$result = $conn->query($sql, $usql);

if ($result->num_rows >0) {


 while($row[] = $result->fetch_assoc()) {

 $tem = $row;

 $json = json_encode($tem);


 }

} else {
 echo  "No Results Found.";
}
 echo $json;
$conn->close();
?>

我不太确定这是否是实现我的任务的正确方法,但我查看了其他问题,没有一个与我的格式相同。此外,我知道这很容易受到SQL注入的攻击,这仅仅是出于示例目的。

用户表:

-id -username -profilepic

1 Bill image.png

2 Sally cats.png

user_images表:

-id -username -posts

1比尔食品

2 Bill Sports

3莎莉咖啡

2 个答案:

答案 0 :(得分:3)

我知道你在你的问题中提到了它,但它有重复 - 这很容易受到SQL注入的影响,因为你直接在SQL查询中引用$_GET数组中的用户输入而没有先清理它,或者更好,使用准备好的陈述。

$result = $conn->query($sql, $usql);
mysqli::query函数只接受一个查询,并通过传递第二个SQL语句MYSQLI_STORE_RESULT错误地指定了一个可选的$usql参数 - 所以这不起作用。

相反,您应该对同一查询中的两个表执行JOIN。因此,组合您的查询将如下所示:

$sql = "SELECT * FROM users 
LEFT JOIN user_images ON user_images.username = user.username 
WHERE username = '$username'";

或者,作为准备好的声明:

$prepared_statement = $conn->prepare("SELECT * FROM users LEFT JOIN user_images ON user_images.username = user.username WHERE username = ?");
$prepared_statement->bind_param("s", $username);
$result = $prepared_statement->execute();

这将合并两个表中包含的信息,以便您可以在一个循环中提取相关信息。此外,您可能会考虑仅收集响应的相关信息,因此您不会通过JSON发回整个用户对象。

编辑在考虑提供的新信息后,最好执行以下操作:

$sql = "SELECT * FROM users  WHERE username = '$username'";
$usql = "SELECT * FROM user_images  WHERE username = '$username'";

$users_result = $conn->query($sql);

if ($users_result->num_rows > 0) {
    while($user = $users_result->fetch_assoc()) {
        $posts_array = array();
        $posts_result = $conn->query($usql);
        if ($posts_result->num_rows > 0) {
            while($post = $posts_result->fetch_assoc()) {
                $posts_array[] = array(
                    "id" => $post['id'],
                    "post" => $post['post']
                );
            }
        }
        $response = array(
            "id" => $user['id'],
            "username" => $user['username'],
            "profilepic" => $user['profilepic'],
            "posts" => $posts_array
        );
        $json = json_encode($response);
        echo $json;
    }
} else {
    echo  "No Results Found.";
}
$conn->close();

答案 1 :(得分:0)

试试这个

<?php

//$conn = ... connect to database

$sql = "SELECT * FROM users  WHERE username = '$username'";
$usql = "SELECT * FROM user_images  WHERE username = '$username'";

$queryTableOne = mysqli_query($conn, $sql);
$queryTableTwo = mysqli_query($conn, $usql);

$json = mysqli_fetch_array($queryTableOne, MYSQLI_ASSOC);

$json2 = array();
while ($row = mysqli_fetch_assoc($queryTableTwo)) {
    $json2[] = array(
        'your_field1' => $row["your_field1"],
        'your_field2' => $row["your_field2"],
        'your_field3' => $row["your_field3"],
        //...etc
    );
}

$json['user_images'] = $json2;
echo json_encode($json);

?>

Reference

但使用JOIN是一种更好的方式。

相关问题
最新问题