1. 首頁
  2. 問答
  3. 與WHERE子句失敗

與WHERE子句失敗

2011-02-05 76 views
1

簡單的mysql_query這裏是我的代碼:與WHERE子句失敗

<p>Select application status to view.</p> 

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> 
    <select name="type" style="width:100px;"> 
     <option name="New">New</option> 
     <option name="Approved">Approved</option> 
     <option name="Denied">Denied</option> 
     <option name="In Training">In Training</option> 
     <option name="Passed">Passed</option> 
     <option name="Retrained">Retrained</option> 
     <option name="Failed">Failed</option> 
     <option name="Placed">Placed</option> 
    </select> 
    <input type="submit" value="Go" /> 
</form> 

<?php if (!isset($_POST['type'])): 
    $newapps = mysql_query('SELECT aid, status, Day, Dte, Month, Year, email, Character_Name FROM applications WHERE status LIKE "New"'); ?> 

    <table> 
     <tr> 
      <td><strong>ID</strong></td> 
      <td><strong>Status</strong></td> 
      <td><strong>Date Submitted</strong></td> 
      <td><strong>E-mail</strong></td> 
      <td><strong>Character Name</strong></td> 
     </tr> 
     <?php while ($newapp = mysql_fetch_array($newapps)) 
      { 
      $aid = $newapp['aid']; 
      $status = $newapp['status']; 
      $day = $newapp['Day']; 
      $date = $newapp['Dte']; 
      $month = $newapp['Month']; 
      $year = $newapp['Year']; 
      $email = $newapp['email']; 
      $name = $newapp['Character_Name']; 
      echo "<tr><td>$aid</td><td>$status</td><td>$day, $month $date $year</td><td>$email</td><td>$name</td></tr>\n"; 
      } 
     ?> 
    </table> 

<?php else: 
    $query1 = "SELECT aid, status, Day, Dte, Month, Year, email, Character_Name FROM applications WHERE status LIKE '{$_POST['type']}'"; 
    $result = mysql_query('$query1') or die(mysql_error()); 
?> 

    <table> 
     <tr> 
      <td><strong>ID</strong></td> 
      <td><strong>Status</strong></td> 
      <td><strong>Date Submitted</strong></td> 
      <td><strong>E-mail</strong></td> 
      <td><strong>Character Name</strong></td> 
     </tr> 
     <?php while ($applist = mysql_fetch_array($result)) 
      { 
      $aid = $applist['aid']; 
      $status = $applist['status']; 
      $day = $applist['Day']; 
      $date = $applist['Dte']; 
      $month = $applist['Month']; 
      $year = $applist['Year']; 
      $email = $applist['email']; 
      $name = $applist['Character_Name']; 
      echo "<tr><td>$aid</td><td>$status</td><td>$day, $month $date $year</td><td>$email</td><td>$name</td></tr>\n"; 
      } 
     ?> 
    </table>  

<?php endif; ?>

當我加載網頁,它不拉「新」應用程序正常。但是,當我運行查詢拉起,例如,批准的應用程序,我得到這個錯誤:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '$query1' at line 1

任何想法我失蹤?

來源

2011-02-05 Jordan

+0

永遠不要將POST變量直接放到SQL查詢中。我建議您仔細閱讀以下內容:http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=php+input+sanitization – keithjgrant 2011-02-05 00:40:39

+1

...以及使用PDO對象時的獎勵積分:http ://www.php.net/manual/en/class.pdo.php – keithjgrant 2011-02-05 00:42:27

回答

3

您正在用單引號將$query包裝起來,從字面上理解它。

使用雙引號,或者根本就沒有:

mysql_query($query1)

來源

2011-02-05 00:37:59

+1

+1 3個回答在它打開頁面所花費的時間內...簡單回答:) – Endophage 2011-02-05 00:40:17

0

嘗試的mysql_query( 「{$ QUERY1}」)。

使用雙引號

來源

2011-02-05 00:38:39 Darren

相關問題

 相關問題