1

当我尝试运行此代码时,没有显示任何结果。请帮助我

...一些代码在这里...

$result = mysql_query("select  *  from dataform where  date between '" . $d1 . "' and '" . $d2 . "'");

if (!$result) {
    echo 'No result';
}
else{
    echo $d1;
    echo $d2;
    echo "<table class=\"hovertable\">";

    echo "
<tr onmouseover=\"this.style.backgroundColor='#ffff66';\" onmouseout=\"this.style.backgroundColor='#d4e3e5';\">";

    echo "<th>File No</th>";
    echo "<th>Manufactor</th>";
    echo "<th>Address</th>";
    echo "<th>Supplier</th>";
    echo "<th>Place Site</th>";
    echo "<th>Tender Ref</th>";
    echo "<th>Award No</th>";
    echo "</tr>";
    while ($row = mysql_fetch_array($result)) {
        echo "<tr onmouseover=\"this.style.backgroundColor='#ffff66';\" onmouseout=\"this.style.backgroundColor='#d4e3e5';\">";
        echo "<th>" . $row["fileno"] . "</th>";
        echo "<th>" . $row["manufacture"] . "</th>";
        echo "<th>" . $row["address"] . "</th>";
        echo "<th>" . $row["sup"] . "</th>";
        echo "<th>" . $row["placesite"] . "</th>";
        echo "<th>" . $row["tenderref"] . "</th>";
        echo "<th>" . $row["awardno"] . "</th>";
        echo "</tr>";
    }
4

1 回答 1

5

DATE尝试使用反引号`转义您的列,因为它是 MySQL 数据类型。另一个建议是避免使用查询的字符串连接,因为它容易发生 mysql 注入。使用PHP PDOMYSQLi

使用 PDO 的示例:

<?php
$stmt = $dbh->prepare("SELECT * FROM dataform WHERE  `date` BETWEEN ? AND ?");

$stmt->bindParam(1, $d1);
$stmt->bindParam(2, $d2);

$stmt->execute();

$result = $stmt->fetchAll(PDO::FETCH_ASSOC); //Fetch all results in form of associative array.

?>

请记住始终清理您的输入。

更新 1

您没有在WHILE循环中检查条件。您现在的做法是分配一个错误的值。尝试使用==

代替

while ($row = mysql_fetch_array($result))
{

}

改成这个

while ($row == mysql_fetch_array($result))
{

}
于 2012-08-12T15:15:11.560 回答