我有其他人创建的以下代码,虽然似乎传递了变量,但结果集中没有返回任何内容; 这页纸: http://www.libraries.uc.edu/research/subject_resources/art/db/index.php ...然后进行搜索。 以下是下面结果页面上的代码(略微编辑长度)。我有一种感觉它是引用等等,但一直在忽略一些东西!
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
if (isset($_GET['stval'])) {
$stval_Recordset1 = (get_magic_quotes_gpc()) ? $_Get['stval'] : addslashes($_Get['stval']);
}
if (isset($_GET['stval'])) {
$stval_Recordset1 = $_GET['stval'];
}
if (isset($_GET['sq'])) {
$sq_Recordset1 = $_GET['sq'];
}
mysql_select_db($database_daap_photo, $daap_photo);
$query_Recordset1 = sprintf("SELECT * FROM main WHERE %s = %s ", GetSQLValueString($stval_Recordset1, "text"),GetSQLValueString($sq_Recordset1, "text"));
$Recordset1 = mysql_query($query_limit_Recordset1, $daap_photo) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
?>
然后在体内:
<?php print_r($_GET);
if(isset($_GET["stval"])) echo "stval is set\n";
if(isset($_GET["sq"])) echo "sq is set\n";
?>
<table width="100%" border="0" cellpadding="2" cellspacing="2">
<tr bgcolor="#CCCCCC">
<td colspan="4" bgcolor="#FFFFFF"><h1>Art</h1>
<h2>Photography Images Slide Collection -Search Results </h2>
<p align="left" class="style1">Your search returned <strong></strong> records.<br />
|<br />
</p>
<p align="left" class="style1">Your search returned no results. Please
use your browsers back button to search again. </p>
<p> First | Previous | Next | Last<br />
<br />
</p></td>
<td bgcolor="#FFFFFF"> </td>
</tr>
<tr bgcolor="#CCCCCC">
<td bgcolor="#CCCCCC"><p><strong>Last Name </strong></p>
</td>
<td bgcolor="#CCCCCC"><strong>First Name </strong></td>
<td bgcolor="#CCCCCC"><strong>Dates</strong></td>
<td bgcolor="#FFFFFF"> </td>
<td bgcolor="#FFFFFF"> </td>
</tr>
<tr bgcolor="#CCCCCC">
<td bgcolor="#FFFFFF"> </td>
<td><strong>Nationality</strong></td>
<td><strong>Subject</strong></td>
<td><strong>Quantity</strong></td>
<td><strong>Media</strong></td>
</tr>
<?php do { ?>
<tr>
<td class="bold"><?php echo $row_Recordset1['LAST_NAME']; ?></td>
<td><?php echo $row_Recordset1['FIRST_NAME']; ?></td>
<td><?php echo $row_Recordset1['DATES']; ?></td>
<td> </td>
<td> </td>
</tr>
等...
谢谢!
答案 0 :(得分:0)
尝试将查询更改为
SELECT * FROM main WHERE %s = '%s'