Question

我正在尝试打开与单击的缩略图相对应的视频。但是，当我定向到应该在其中显示视频的页面时，出现错误，

致命错误：mysqli_sql_exception未捕获：SQL语法有错误；检查与您的MySQL服务器版本相对应的手册，以在'\'SELECT v_id FROM video WHERE image_name = \'$ image_name \'\'）？>'
附近使用正确的语法

下面是单击图像的页面，

<?php
$query=mysqli_query($link, "SELECT * FROM video ORDER BY RAND() LIMIT 5");
while($all_video=mysqli_fetch_array($query))
{
?>
<a href="watchScreen.php? $v_id=mysqli_query($link, \'SELECT v_id FROM video WHERE image_name = \'$image_name\'\') ?>" onclick="open()" ><image src="thumbnails/<?php echo $all_video['image_name']; ?>" id="img" width="300" height="200"/></a>

 <script type="text/javascript">
function open() {

  var nameImg = document.getElementById("img").src;

  nameImg = "<?php $image_name ?>";
}
</script>

<?php } ?>

Newxt是watchScreen.php，

<?php
include "config.php";
session_start();
$_SESSION['v_id']=$_GET['$v_id']

$vid_id = $_SESSION['v_id'];
$myquery=mysqli_query($link, "SELECT video_name FROM video WHERE v_id=$vid_id");
while($my_video=mysqli_fetch_array($myquery))
{
?>
<video width="60%" height="60%" style="background-color:#585858; border: 4px solid darkorange; border-radius:20px;" controls>
<source src="uploads/<?php echo $play_vid['video_name']; ?>" type="video/mp4">
</video>
<?php } ?>

下面是mySQL表，

CREATE TABLE video(
v_id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
video_name VARCHAR(225) NOT NULL,
id INT NOT NULL,
FOREIGN KEY user_id(id)
REFERENCES users(id)
ON DELETE CASCADE,
n_views INT,
image_name VARCHAR(225) NOT NULL
);

我现在试图弄清楚如何将单击的图像的名称发送到watchScreen.php。

Answer 1

我建议，如果我理解正确，也许可以尝试以下方法。

因此，您似乎只需要将请求中的vid值发送到在初始查询中获得的watchScreen.php。当查询返回所有列时，您可以轻松地选择并选择要包含在HTML中的列/字段，而无需进行以前的错误查询。

<?php

    $query=mysqli_query($link, "SELECT * FROM video ORDER BY RAND() LIMIT 5");
    while($all_video=mysqli_fetch_array($query)){


        printf('
            <a href="watchScreen.php?$v_id=%d" onclick="open(event)">
                <img src="thumbnails/%s" width=300 height=200 />
            </a>',
            $all_video['v_id'],
            $all_video['image_name']
        );
    }

?>
<script>
    /* 

        The `open` function doesn't actually do anything as it was... 
        Also, every ID MUST be unique... but there is no need to 
        assign an ID in this case as the image is a direct child
        of the `a` so can be accessed in a number of ways.
    */
    function open(e){
        var img = e.target.querySelector('img');
        alert( img.src );
    }

</script>

要处理请求，因为它具有用户输入（GET），所以您确实应该使用准备好的语句来尝试避免SQL注入攻击。

<?php

    session_start();
    include "config.php";

    if( !empty( $_GET['$v_id'] ) ){

        $vid = $_SESSION['v_id'] = $_GET['$v_id'];

        $sql='SELECT video_name FROM video WHERE v_id=?';
        $stmt=$link->prepare( $sql );
        $stmt->bind_param('i', $vid );
        $res=$stmt->execute();
        if( $res ){
            $stmt->store_result();
            $stmt->bind_result( $videoname );
            $stmt->fetch();
            /* a literal `%` in either `printf` or `sprintf` should be escaped with another `%` ... */
            printf('
                <video width="60%%" height="60%%" style="background-color:#585858; border: 4px solid darkorange; border-radius:20px;" controls>
                    <source src="uploads/%s" type="video/mp4">
                </video>
            ', $videoname );
        }
    } else {
        exit('missing ID');
    }

?>

以上内容均未经过测试，因此您可能会发现一些错误（希望不会太多）-希望对您有帮助

如何将单击图像的名称传输到另一个php页面？

1 个答案: