1. 首頁
  2. 問答
  3. 在MySQL/PHP中鏈接的記錄集

在MySQL/PHP中鏈接的記錄集

2013-07-09 91 views
1

我有一個PHP頁面(ship_info.php),顯示來自數據庫的特定船上的信息。每艘船都按其唯一的ship_id排序。在MySQL/PHP中鏈接的記錄集

我需要獲取頁面上的鏈接才能按字母順序轉到上一個或下一個船。有人建議我使用一個單獨的php文件(稱爲gotoship.php)。因此,在現階段,我有一個鏈接上點擊此鏈接:

<!--go to previous ship--> 
    <div class="arrow_shipinfo_left"> 
    <a href="gotoship.php?action=previous&amp;current_ship_id=<?php echo $row_ship_image_info['ship_id']; ?>"> 
<img src="images/arrow_left.png" width="51" height="57" alt="back" border="none"/> 
    </a> 
    </div>

所以我結束了一個鏈接看起來像「gotoship.php行動=以前& current_ship_id = 7?」。我無法讓gotoship.php工作,任何人都可以闡明我錯誤的地方。此刻我收到一個數組字符串轉換錯誤。我需要鏈接到這樣的頁面(shipinfo.php ship_id = 7?)

我gotoship.php看起來是這樣的:

<?php 
if (!function_exists("GetSQLValueString")) { 
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{ 
    if (PHP_VERSION < 6) { 
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; 
    } 

    $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); 

    switch ($theType) { 
    case "text": 
     $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; 
     break;  
    case "long": 
    case "int": 
     $theValue = ($theValue != "") ? intval($theValue) : "NULL"; 
     break; 
    case "double": 
     $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; 
     break; 
    case "date": 
     $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; 
     break; 
    case "defined": 
     $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; 
     break; 
    } 
    return $theValue; 
} 
} 

mysql_select_db($database_ships, $ships); 
$query_ships = "SELECT TOP 1  ships.ship_id FROM ship_information INNER JOIN (  SELECT ship_name FROM ship_information WHERE ship_id = $_GET'current_ship_id'  ) As current_ship  ON ships.ship_name < current_ship.ship_name ORDER BY ships.ship_name ASC"; 
$ships = mysql_query($query_ships, $ships) or die(mysql_error()); 
$row_ships = mysql_fetch_assoc($ships); 
$totalRows_ships = mysql_num_rows($ships); 
echo $current_ship_id; 
echo "<br><br>"; 
?>

來源

2013-07-09 user2406993

回答

1

這是開放給SQL的注射。你應該閱讀這意味着什麼,你應該考慮切換到pdo或至少mysqli。該查詢(只要查詢本身是正確的)將根據GET中提供的id(?ship_id=[the id that goes here])選擇一艘船。

mysql_select_db($database_ships, $ships); 
$query_ships = " 
SELECT ships.ship_id 
FROM ship_information 
INNER JOIN (
    SELECT ship_name 
    FROM ship_information 
    WHERE ship_id = '$_GET[ship_id]') 
    AS current_ship 
    ON ships.ship_name < current_ship.ship_name 
ORDER BY ships.ship_name ASC"; 
$ships = mysql_query($query_ships, $ships) or die(mysql_error()); 
$row_ships = mysql_fetch_assoc($ships); 
$totalRows_ships = mysql_num_rows($ships); 
echo $current_ship_id; 
echo "<br><br>";

來源

2013-07-09 09:35:58 OptimusCrime

+0

嘿,擎天柱,感謝你,真的徹底的代碼......我現在得到這個錯誤,雖然......你的SQL語法錯誤;檢查與您的MySQL服務器版本相對應的手冊,以便在'1 ships.ship_id FROM ship_information INNER JOIN(SELECT ship_name FRO'at line 1 ......)附近使用正確的語法......這是正確的方法, m試圖達到你的想法,非常感謝你 – user2406993

+0

@ user2406993 - 你的查詢是錯誤的,我不能解決這個問題,其餘的答案是回答你最初的問題。 – OptimusCrime

相關問題

 相關問題