1 
    <!DOCTYPE html>

        <head>  
        </head>
        <body>
        <?php   
            if (isset($_GET['ProductGroupNo'])) {
        // Connect to the MySQL database  
        dbconnect(); 
        $id = preg_replace('#[^0-9]#i', '', $_GET['ProductGroupNo']); 
        // To check to see if this ID exists, if yes then get the product 
        // details, if no then exit this script and give message why
        $stmt = $conn->prepare("SELECT * FROM Product_Group WHERE ProductGroupNo=:id");
        $stmt->bindParam('id',$id);
        $stmt->execute();
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if($row) {
                $Name = $row["Name"];
                $Start_Cost = $row["Start_Cost"];
                $Description = $row["Description"];


            ?>      
            <!-- Main Content -->  
    <div id="templatemo_body_wrapper">
    <div id="templatemo_wrapper">

        <div id="templatemo_main">
            <div id="content" class="float_r">
                <h4><?php echo $row['Name']; ?></h4>

                <h5>Product Description</h5>
            <p><?php echo $row['Description']; ?>       </p>    
                    <div class="cleaner h50"></div> 
                <div class="content_half float_r">
                 <table>
                        <tr>
                            <td width="160">Price:</td>
                            <td><?php echo $row['Start_Cost']; ?></td>


 </tr>
                    <tr>
                        </tr>
                    <tr>

$id它应该根据顶部的 id 显示一个下拉选项

    <td>Length(inches):</td>
                        <td>
                        <select name="length" id="length">
                        <?php
                        dbconnect();
                        $stmt = $conn->prepare("
                        SELECT Table2.Name 
                        FROM Table2 
                        LEFT JOIN Table1 ON Table1.vid = Table2.vid 
                        WHERE Table1.id = '$id'");
                        $stmt->execute();
                            $i = 0;
                            foreach( $stmt->fetchAll(PDO::FETCH_ASSOC) as $row )
                            {
                                if ($i == 0)
                                {
                                    echo '<option',fillSelect('Name',$row['vid'],'',true),' value="'.$row['vid'].'">'.$row['Name'].'</option>';
                                }
                                else
                                {
                                    echo '<option',fillSelect('Name',$row['vid']),' value="'.$row['vid'].'">'.$row['Name'].'</option>';
                                }
                                $i++;
                            }
                            ?>
                        </select>

------------------------------------------------------------------------------------------
    **Table 1

         id      Vid         coke   Tea   
          1.     1           11      33
          2.     2           32      44

    Table 2

         vid        id                Name      snacks
          1.         1                coke      chocolate           
          2.         2                tea       biscuit**

Is they a way to `SELECT` everything from the Name column if the $id matches the id  from the table 1
4

2 回答 2

0 
SELECT t2.Name FROM t2 JOIN t1 ON (t2.vid = t1.id)
WHERE t1.id = ?

您不应该通过任何一种方式进行自己的卫生preg_replace('#[^0-9]#i', '', $_GET['id'])处理,您应该参数化查询并使用 PDO 来准备查询并将其$_GET['id']作为输入执行。这将为您清理输入。

于 2013-05-27T14:07:08.777 回答
0 
SELECT Table2.Name 
FROM Table2 
LEFT JOIN Table1 ON Table1.vid = Table2.vid 
WHERE Table1.id = '$id';
于 2013-05-27T13:43:31.493 回答