我正在创建一个移动图书馆应用程序,对于该应用程序的一项功能,我正在尝试接收某个用户签出的所有图书的bookID
。我希望能够echo
以string
格式(最好在每个单独的图书ID之间添加空格)来回复查询结果,以便稍后我可以在应用程序中处理数据。
我在网上找到的许多答案都只是简单地展示了如何执行查询,而不是之后如何使用数据。对不起,如果这是一个简单的问题要回答,我是一个很大的新手。
<?php
require "conn.php";
$email = $_POST["email"];
$mysql_qry = "SELECT * FROM user_data WHERE email like '$email'";
$mysql_qry2 = "SELECT DISTINCT(bookID) AS bookID FROM books_checked_out
WHERE userID LIKE $user_id ORDER BY bookID DESC";
$result = mysqli_query($conn, $mysql_qry);
if(mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];
$result2 = mysqli_query($conn, $mysqlqry2);
}
else
{
echo "Error, user name not found";
}
$conn->close;
?>
答案 0 :(得分:1)
您可以将结果附加到数组中,并使用implode()
显示值:
<?php
require "conn.php";
$email = $_POST["email"]; // You may test here : if (isset($_POST['email']))
$mysql_qry = "SELECT * FROM user_data WHERE email = '$email'";
$result = mysqli_query($conn, $mysql_qry);
if(mysqli_num_rows($result) > 0)
{
$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];
$mysql_qry2 = "SELECT DISTINCT(bookID) AS bookID FROM books_checked_out
WHERE userID = $user_id ORDER BY bookID DESC";
$result2 = mysqli_query($conn, $mysql_qry2);
if(mysqli_num_rows($result2) > 0)
{
$ids = [];
while ($row = mysqli_fetch_assoc($result2)) {
$ids[] = $row['bookID'] ;
}
echo implode(" ", $ids) ; // print list of ID
}
else
{
echo "No books checked out!";
}
}
else
{
echo "Error, user name not found";
}
$conn->close;
NB :我在这里使用了您的代码,但您必须查看parameterized queries以防止SQL注入。
您的查询$mysql_qry2
应在之后定义以获取$user_id
。
您的LIKE $user_id
可以由=
替换。
答案 1 :(得分:0)
首先,始终清理您的数据:
$email = filter_var( $_POST['email'], FILTER_SANITIZE_EMAIL );
$user_id = preg_replace( "#[0-9]#", '', $row['user_id'] );
DISTINCT bookID
代替DISTINCT(bookID)
来自您的查询:$mysql_qry2 = "SELECT DISTINCT(bookID) AS bookID FROM books_checked_out WHERE userID LIKE $user_id ORDER BY bookID DESC";
如果您没有得到任何结果或者返回的结果为空但user_id
确实存在,那么我认为查询格式是错误的。
ORDER BY
:查询可能正确,但mysql返回空结果,因为结果顺序不匹配。试试这个
"SELECT DISTINCT bookID AS bookID FROM books_checked_out WHERE userID LIKE $user_id ORDER BY userID DESC";
"SELECT DISTINCT bookID AS bookID FROM books_checked_out WHERE userID LIKE $user_id ORDER BY `primary_key_here` DESC";
Replace <strong>`primary_key_here`</strong> with the primary key name.
运行不带条件的查询并检查结果
$query = mysqli_query( $conn, "SELECT bookID FROM books_checked_out DESC" );
var_dump( $query );
使用结果检查查询的其余部分。
答案 2 :(得分:0)
在您对请求的回复中,不要使用自己的协议/格式,而是使用类似JSON或xml的内容。
从长远来看,这将为您提供更好的可维护性,并允许您使用javascript轻松处理浏览器中的响应,并且大多数浏览器将在开发控制台中为您提供良好的JSON对象显示。
您必须从第一个查询的结果中提取用户ID,或者您可以改为加入查询。
$email = validate($POST['email']); //where validate() will try to prevent sql injection
//joined query
$query =
" SELECT bookID FROM user_data
INNER JOIN books_checked_out on user_data.user_id = books_checked_out.userID
WHERE user_data.email='$email'
";
//not sure whether that should be user_id or userID looks like you have mixed conventions
//books_checked_out.userID vs user_data.user_id ... check your database column names
//loop through results
// may be empty if user email doesn't exist or has nothing checked out
$result = $conn->query($query);
while($row = $result->fetch_assoc()){
$response[] = ['bookID'=>$row['bookID']];
}
echo json_encode($response);
在php中接收结果时,您可以使用json_decode()或在javascript / ajax中自动在结果变量中使用它。
如果事情没有按预期工作,那么回应实际的sql是个好主意。在这种情况下
echo 'SQL IS: '.$query;
并直接对您的数据库进行测试(phpmyadmin / MySQL-Workbench),看看是否有任何结果或错误。