變量在MySQL查詢

for ($i=0; $i<$count; $i++) { 
    $appid = $chk[$i]; 


    include "dbconnect.php"; 
    $selectquery = mysql_query("SELECT * FROM regform_admin WHERE tid = '$appid'"); 
    $fetch = mysql_fetch_array($selectquery); 
    $tid = $fetch['tid']; $username = $fetch['username']; $c_month = $fetch['month']; $c_day =$fetch['day']; $c_year = $fetch['year']; 
    $c_month2 = $fetch['month2']; $c_day2 =$fetch['day2']; $c_year2 = $fetch['year2']; 
    $pickup = "".$c_month."/".$c_day."/".$c_year.""; 
    $return = "".$c_month2."/".$c_day2."/".$c_year2.""; 
    $pickuploc = "".$fetch['pickupret']." "." ".$fetch['speclocation'].""; 
    $desti = "".$fetch['destination']." "." ".$fetch['location'].""; 
    $vehicle1 = $fetch['vehicle1']; 
    $datesent = date("n j, Y; G:i"); ; 
    $rand = rand(98765432,23456789); 

    include "vehicledbconnect.php"; 
    $vquery = mysql_query("SELECT * FROM vehicletbl WHERE vehicle = '$vehicle1'"); 
      $getvquery = mysql_fetch_array($vquery); 
      $maxcars = $getvquery['maxcars']; 
      $carsleft = $getvquery['carsleft']; 
      if ($carsleft == 0) { 
      echo ' 
     <script language="JavaScript"> 
     alert("Cannot move reservation to Pending for payment status. No available vehicles left for this reservation."); 
     </script>'; 

     echo "$vehicle1"; 

      }

嗨，大家好我這裏的問題是，如果它插入到數據庫查詢$車輛沒有返回它的值（$ vquery =請求mysql_query（「SELECT * FROM vehicletbl WHERE車輛=「$ vehicle1'「）;）但是如果它被回顯，它會返回它的值。這裏的邏輯是，它將選擇車輛1中的所有值，其中「車輛」列中的任何值的值將等於$ vehicle1。謝謝您的幫助！變量在MySQL查詢

來源

2011-09-07 glove

什麼都不是通過名稱$車輛分配給變量？ – Tobias

請顯示'$ query'輸出的內容 –

您的查詢有零錯誤處理。嘗試添加一些調試查詢電話：

$result = mysql_query(...) or die(mysql_error());

的代碼的其餘部分是醜陋的，但看起來「OK」，於是開始尋找爲什麼你什麼也沒有得到來自查詢回來。

永不假設查詢成功。

來源

2011-09-07 14:19:31

謝謝，是的，其餘的代碼是醜陋的。那是因爲我還是一個noob程序員。 – glove

試試這個調試：

$sql = "SELECT * FROM vehicletbl WHERE vehicle = '" . $vehicle1 . "'"; 
$vquery = mysql_query($sql) or die(mysql_error() . "\n<br>$sql");

這就是我做什麼找到我的SQL錯誤。

來源

2011-09-07 14:24:50 Pheonix

-1

Noob程序員？這裏有一些事情要知道：

for ($i=0; $i<$count; $i++) { 
    $appid = $chk[$i]; 

// Replaced By ... 
foreach($chk as $appid){

http://php.net/manual/en/control-structures.foreach.php

// Include the file before the loop ! You're including 20 times your file, but you just need to do it once ! Another thing to know: 
include_once("dbconnect.php");

http://php.net/manual/en/function.include-once.php

$desti = "".$fetch['destination']." "." ".$fetch['location'].""; 
// WHY ?? Isn't that easier to do this ? 
$desti = $fetch['destination']." ".$fetch['location'];

和安全性：

// Don't forget to escape your variables before putting it in mysql queries 
$appid = mysql_real_escape_string($appid); 
$selectquery = mysql_query("SELECT * FROM regform_admin WHERE tid = '$appid'");

Best way to defend against mysql injection and cross site scripting

還有其他言論，但先試着改進這些點！

來源

2011-09-07 15:00:23

變量在MySQL查詢

回答

相關問題