0

我一直在尝试各种各样的事情,出于某种原因,无论我做什么,我似乎都无法用 avriable 进行查询……到目前为止,这是我的代码,不是全部,但我指出了我的问题所在。 ...

<?php




    $hostname = 'localhost';        // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
 $dbname   = 'ServiceHistoryDB'; // Your database name.
 $username = 'root';             // Your database username.
 $password = '';                 // Your database password. If your database has no password, leave it empty.

// Let's connect to host
 mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
 // Select the database
 mysql_select_db($dbname) or DIE('Database name is not available!');

$custnum = '1'; 

    function connect(){

        mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
        mysql_select_db($dbname) or DIE('Database name is not available!');
    }

    function close(){
        mysql_close();
    }

        function query(){
            $mydata = mysql_query("SELECT * FROM vehicles WHERE CustNum=1");
            while($record = mysql_fetch_array($mydata)){
                echo '<option value="' . $record["Model"] . '">' . $record["Model"] . '</option>';
        }

    }










?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>testdropdown</title>
</head>

<body>

<select name="dropdown">
<?php query() ?>
</select>
<?php close() ?>
</body>
</html>
4

1 回答 1

0

好的,你可以简单地写下如下的变量:

$variable = 'someData';
"Select someColumn from yourTable where someColumn = $variable";

但是,如果您从函数中执行此操作,则可能需要声明一个global变量以检索该值(如果该值是在函数外部设置的):

function someFunc(){
    global $variable; // set above
    "Select someColumn from yourTable where someColumn = $variable";
}

使用准备好的语句

您应该切换到mysqli prepared statements,因为它们更安全:

if($stmt = $mysqli->prepare($yourSQL)){
    $stmt->bind_param("s", $variable);
    $stmt->execute();
    $stmt->bind_result($thisHoldsThe_QueryResult);
    $stmt->fetch();
    $stmt->close();
}
于 2013-04-27T04:34:39.703 回答