我该怎么做?我试过各种不同的方法,但我不能这样做!
基本上,我试图从“初学者表”中提取信息并仅显示登录的用户数据。
这是代码,它给出了一条我无法解决的错误消息:
<?php
session_start();
require_once '../database.php';
if (isset($_SESSION['myusername'])){
echo "Welcome ".$_SESSION['myusername'];
}
?>
<?php
include '../database.php';
$userid = $_SESSION["myusername"];
#the where clause is where im stuck at the moment!
Line 50:
$result = mysql_query("SELECT Recipename, Ingredients, Method, Time FROM starters WHERE username = $_SESSION['myusername']");
echo "<table border='0'><table border width=65%> <tr><th>Recipie Name</th><th>Ingredients</th><th>Method</th><th>Time</th></tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['Recipename']. "</td>";
echo "<td>" . $row['Ingredients']. "</td>";
echo "<td>" . $row['Method']. "</td>";
echo "<td>" . $row['Time']. 'minutes'."</td>";
echo "</tr>";
}
echo "</table>";
?>
</table>
我得到的错误信息如下:
Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/jahedhus/public_html/cook/usersloggedin/starters.php on line 50
第50行是select语句! 我将衷心感谢您的帮助, 非常感谢!
答案 0 :(得分:2)
您需要将用户名包装在引号中:
$result = mysql_query("SELECT Recipename, Ingredients, Method, Time FROM starters WHERE username = '{$_SESSION['myusername']}'");
此外,您相信$_SESSION['myusername']是有效的用户名(不是某些附加SQL字符串)。如果您不知道数据是安全的,则至少需要escape the data。
答案 1 :(得分:0)
更改行:
$result = mysql_query("SELECT Recipename, Ingredients, Method, Time FROM starters WHERE username = $_SESSION['myusername']");
这一个:
$result = mysql_query("SELECT Recipename, Ingredients, Method, Time FROM starters WHERE username = '" . $_SESSION['myusername'] . "'");
答案 2 :(得分:0)
引号的问题在于它们会全部搞砸了,我会将它们分开:
$result = mysql_query("SELECT Recipename, Ingredients, Method, Time FROM starters WHERE username = ".$_SESSION['myusername']);
OR
$result = mysql_query("SELECT Recipename, Ingredients, Method, Time FROM starters WHERE username = '$_SESSION[myusername]'");