您好,我無法讓腳本完全運行。根據表單輸入過濾數據庫查詢
我有正確的計算,但現在需要查詢燃料類型。
<?php
include 'mysql_connect.php';
$query = "SELECT * FROM fuel_price WHERE FuelType='Oil'" ;
$result = mysql_query($query);
$price= mysql_fetch_array($result);
if(isset($_POST['submit'])){
echo "The Price Today is ";
echo "£"; echo $_POST['qtylitres'] * $price ['Price'];
} else {
echo "Please select value";
}
?>
我需要檢查表單上選擇的fueltype並相應地計算總數。
例如$ query =「SELECT * FROM fuel_price WHERE FuelType ='{$ _ POST ['fueltype'];}'」;
請幫助任何有壓力的人。
感謝
Yikes! 'WHERE FuelType ='{$ _ POST ['fueltype'];}'「;'閱讀:http://stackoverflow.com/questions/332365/xkcd-sql-injection-please-explain – Johan
你只是在那裏:$查詢=「SELECT * FROM fuel_price WHERE FuelType ='」。mysql_real_escape_string($ _ POST ['fueltype'])。「'」;是不是適用於您? – galchen
[php mysql multiply database value with form selection] (http://stackoverflow.com/questions/7232428/php-mysql-multiply-database-value-with-form-selection) –