3

我是使用 PHP 和 mySQL DB 的新手。我正在尝试让用户在此处输入用户名(UN)以进入我网站的这一部分。我有一个带有名为“test”的用户表的 mySQL DB(测试)。我知道我连接正常,因为我通过创建一个简单的页面来测试它来打开数据库并列出所有用户(来自联合国字段),或者选择一个特定的用户。然后我创建了一个名为“input.php”的页面来测试获取输入。如在这里看到>

<html>
 <body>
 <form action="test.php" method="get">
 UN: <input type="text" name="U">
 <input type="submit">
 </form>
 </body>
 </html>

上面的输入转到下面的“test.php”,用我的数据库中的当前数据检查它。

<?php
$hostname = "test.db.some#.somehost.com";
    $username = "test";
    $dbname = "test";
$password = "password";
$usertable = "test";
$yourfield = "UN";
    mysql_connect($hostname, $username, $password) OR DIE ("Unable to 
        connect to database! Please try again later.");
    mysql_select_db($dbname);
$query = "SELECT * FROM $usertable WHERE $yourfield = $_GET["U"]";
    $result = mysql_query($query);
    if ($result) {
        while($row = mysql_fetch_array($result)) {
                $name = $row["$yourfield"];
                echo "Hello: $name<br>";
            }
    }
    else {
        echo "User dosen't exit!";
    }
    mysql_close();
?>

这是我得到的错误> *Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/content/81/11107981/html/test.php on line 20*

我知道我很接近了,但我想要雪茄。;)

4

4 回答 4

1

我认为问题在于您没有转义查询中的引号:

尝试以下操作:

$u = $_GET['u'];
$query = "SELECT * FROM $usertable WHERE $yourfield = " . $u;
于 2013-05-17T23:25:39.333 回答
1

mysql_* 已弃用。你应该避免它们。

改变

mysql_connect($hostname, $username, $password) OR DIE ("Unable to 
    connect to database! Please try again later.");


$connection = mysql_connect($hostname, $username, $password) OR DIE ("Unable to 
connect to database! Please try again later.");

,

$query = "SELECT * FROM $usertable WHERE $yourfield = $_GET["U"]";


$query = "SELECT * FROM $usertable WHERE $yourfield = '".$_GET["U"]."'";


mysql_close();


mysql_close($connection);
于 2013-05-17T23:30:59.263 回答
0

您的第一个问题已解决,但这是您的第二个问题的解决方案以及将此代码转换为 mysqli 的帮助

<?php
$hostname = "test.db.some#.somehost.com";
$username = "test";
$dbname = "test";
$password = "password";
$usertable = "test";
$yourfield = "UN";
$connect   =  mysqli_connect($hostname, $username, $password) OR DIE ("Unable to 
    connect to database! Please try again later.");
mysqli_select_db($dbname);

/* You can combine the above two lines in oen in mysqli by giving db name as fourth parameter
 mysqli_connect($hostname, $username, $password, $dbname)

*/

$query = "SELECT * FROM $usertable WHERE $yourfield = $_GET["U"]";
$result = mysqli_query($query);
$rowSelected   = mysqli_num_rows($result);
if ($rowSelected ) {
    while($row = mysqli_fetch_array($result)) {
            $name = $row["$yourfield"];
            echo "Hello: $name<br>";
        }
}
else {
    echo "User dosen't exit!";
}
mysqli_close($connect);
?>

mysql_querymysqli_query将返回资源..无论是否获取行,这都是正确的..您需要检查是否有任何实际正在获取的数据..所以使用mysqli_num_rows(mysqli version of mysql_num_rows)

于 2013-05-18T05:05:36.303 回答
0

您应该改为这样编写查询:

$query = "SELECT * FROM $usertable WHERE $yourfield = '" . $_GET["U"] . "'";

或者你可以这样写:

$query = "SELECT * FROM $usertable WHERE $yourfield = '{$_GET["U"]}'";
于 2013-05-17T23:31:46.793 回答