-1 
$InnerJoinQuery = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users AS Users 
        INNER JOIN UserInformation AS UserInformation 
        ON Users.ID = UserInformation.UserID WHERE Users.Username=".$_SESSION['real_name']."");
        $InnerJoinArray = $InnerJoinQuery->fetch_array(MYSQLI_ASSOC);

我上面的代码导致错误。它适用于我的WHERE条款。

WHERE Users.Username=".$_SESSION['real_name']."

我怎样才能将这个嵌入到我的内部连接中?

更新:

$InnerJoinQuery = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users
        INNER JOIN UserInformation
        ON Users.ID = UserInformation.UserID WHERE Users.Username = '".$_SESSION['real_name']."'");
        $InnerJoinArray = $InnerJoinQuery->fetch_array(MYSQLI_ASSOC);



        $_SESSION['UID'] = $InnerJoinArray['ID'];
        $_SESSION['Password'] = $InnerJoinArray['Password'];
        $_SESSION['Firstname'] = $InnerJoinArray['Firstname'];
        $_SESSION['LastName'] = $InnerJoinArray['LastName'];
        $_SESSION['DOB'] = $InnerJoinArray['DOB'];
            print_r($_SESSION);

这将返回:

数组 ( [real_name] => inhumaneslayer [Password] => [UID] => [Firstname] => [LastName] => [DOB] => )

这不是预期的。

当我将查询更改为:

$InnerJoinQuery = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users
        INNER JOIN UserInformation
        ON Users.ID = UserInformation.UserID WHERE Users.Username = 'inhumaneslayer'");

我得到了预期的结果:

数组([real_name] => inhumaneslayer [Password] => PASSWORDHIDDEN [UID] => 5 [Firstname] => xx [LastName] => xx [DOB] => DOBHIDDEN)

这是预期的。

unset($_SESSION);在更改 SQL 之前取消了会话

4

2 回答 2

2

您必须将字符串括在引号中:

... Users.Username='".$_SESSION['real_name']."'")

另外 - 您需要正确转义变量。您将如何做到这一点 - 取决于您使用的数据库库。在你的情况下,它是http://php.net/manual/en/mysqli.real-escape-string.php

... Users.Username='". $STD->real_escape_string($_SESSION['real_name']) ."'")

但更好 - 学习如何使用准备好的语句http://php.net/manual/en/mysqli.prepare.php

$stmt = $STD->query("
        SELECT Users.ID, Users.Username, Users.Password, UserInformation.LastName, UserInformation.Firstname, UserInformation.DOB
        FROM Users AS Users 
        INNER JOIN UserInformation AS UserInformation 
        ON Users.ID = UserInformation.UserID WHERE Users.Username=?");

$stmt->bind_param("s", $_SESSION['real_name']);

$stmt->execute();
$result = $stmt->get_result();

$InnerJoinArray = $result->fetch_array();
于 2013-01-13T03:36:21.050 回答
-1

您忘记了字符串周围的(单/双)引号(您正在寻找一个字符串,而不是整数?)

尝试:".... WHERE Users.Username='".$_SESSION['real_name']."'")

否则,按照你的方式,它会搜索

WHERE Users.Username=some_string(而不是Users.Username='some_string')这将返回一个错误,因为some_string它是一个字符串,它需要用引号引起来

如果仍然没有结果:

尝试将您的查询放入变量中$query = "SELECT Users .....";

然后echo $query看看你的 $_SESSION 变量实际产生了什么。在不知道这一点的情况下,我无能为力提供帮助。

于 2013-01-13T03:36:55.100 回答