1
我有一箇舊的PHP應用程序,我試圖找出爲什麼我無法導出爲CSV。PHP:將sql數據導出爲CSV
在頁面裏顯示的頁面下面的鏈接將顯示導出爲CSV的SQL數據:
<p class="content_text"><strong><a href="export.php?tablename=PrivateActs109">Export to Excel</a></strong></p>
然後是export.php
文件的全部內容:
<?php /* ########## Connect to Database ########## */
require_once('../Connections/dbConnect_acts.php');
mysql_select_db($database_dbConnect, $dbConnect) or die ("no luck") ;
// Export to CSV
require '../includes/exportcsv.inc.php';
$table=$tablename; // this is the tablename that you want to export to csv from mysql.
$sql_query = "SELECT `ChapterNumber`, `Subject`, `Abstract` , `BillNumber` FROM $tablename ";
exportMysqlToCsv($table,$sql_query);
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");header("Content-Length: " . strlen($out));
// Output to browser with appropriate mime type, you choose ;)
//header("Content-type: text/x-csv");
//header("Content-type: text/csv");
header("Content-type: application/csv");
header("Content-Disposition: attachment; filename=$filename");
?>
尋找因爲我對PHP還很陌生。
'$ table = $ tablename'應該是'$ table = $ _ GET ['tablename']'因爲'register_globals_gpc'已關閉,但是這會打開一個全新的SQL注入蠕蟲罐,因爲它被用於查詢。 http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1 – AbraCadaver
@AbraCadaver謝謝,剛進入這個應用程序。 CSV確實已經創建,但我沒有得到我期望的。 – Jason
'require'行包含/ exportcsv.inc.php';'include?那麼'exportMysqlToCsv($ table,$ sql_query)'這行呢?我們看不到這些,所以我們不知道發生了什麼。 – Mike