-1

我的界面有下拉列表,您必须选择一个项目并单击提交按钮才能在 mysql 中查看数据库但不起作用,它给出错误“表 'balhaf.$table' 不存在”

这是我的代码界面

<html>
<body>

<form method="post" action="list_files.php">
<input name="go" type="submit" value="submit" / >

<?php
$dbname = 'balhaf';

if (!mysql_connect('localhost', 'sqldata', 'sqldata')) {
echo 'Could not connect to mysql';
exit;
}

$sql = "SHOW TABLES FROM $dbname";
$result = mysql_query($sql);

if (!$result) {
echo "DB Error, could not list tables\n";
echo 'MySQL Error: ' . mysql_error();
exit;
}

echo '<select name="dropdown" style="width:150px">';

echo '<option value="">Select</option>';

while ($row = mysql_fetch_row($result)) {

echo '<option value="'.$row[0].'">'.$row[0].'</option>';

}

echo '</select>';
echo '</form>';
mysql_free_result($result);

?>
</body>
</html>

我的第二个代码“list_files.php”

<?php

if(isset($_POST["dropdown"]))

{
echo "ok";
}

$table = $_POST['dropdown'];
// Connect to the database
$dbLink = new mysqli('localhost', 'sqldata', 'sqldata', 'balhaf');
if(mysqli_connect_errno()) {
die("MySQL connection failed: ". mysqli_connect_error());
}

// Query for a list of all existing files
$sql = 'SELECT `id`, `name`, `mime`, `size`, `created` FROM $table';
$result = $dbLink->query($sql);

// Check if it was successfull
if($result) {
// Make sure there are some files in there
if($result->num_rows == 0) {
    echo '<p>There are no files in the database</p>';
}
else {
    // Print the top of a table
    echo '<table border="1" align="center">
          <H2 align="center"> Report Table</H>
            <tr>
                <td><b>Name</b></td>
                <td><b>Mime</b></td>
                <td><b>Size (bytes)</b></td>
                <td><b>Created</b></td>
                <td><b>Download</b></td>

            </tr>';
 // Print each file
    while($row = $result->fetch_assoc()) {
        echo "
            <tr>
                <td>{$row['name']}</td>
                <td>{$row['mime']}</td>
                <td>{$row['size']}</td>
                <td>{$row['created']}</td>
                <td><a style='text-decoration:none;' href='get_file.php?id=    {$row['id']}'>Download</a></td>
            </tr>";
    }

    // Close table
    echo '</table>';
   }

   // Free the result
   $result->free();
   }
   else
   {
   echo 'Error! SQL query failed:';
   echo "<pre>{$dbLink->error}</pre>";
   }

  // Close the mysql connection
  $dbLink->close();
  ?>
4

3 回答 3

0

当变量在字符串中时,将 {} 放在变量周围:

 $sql = "SHOW TABLES FROM $dbname"; //might work
 $sql = "SHOW TABLES FROM {$dbname}"; //preferable

将变量放在字符串中时,请确保使用双引号:

 $sql = 'SELECT `id`, `name`, `mime`, `size`, `created` FROM $table'; //wrong
 $sql = "SELECT `id`, `name`, `mime`, `size`, `created` FROM {$table}"; //right

另外,请注意,如果您让用户设置您放入字符串中的变量,这可能会受到 SQL 注入攻击。

于 2013-08-21T23:52:58.523 回答
0

The error you are seeing is a database error. It has nothing to do with the drop down.

The syntax you are following is incorrect.

Change 

$sql = 'SELECT `id`, `name`, `mime`, `size`, `created` FROM $table';

to 

$sql = "SELECT id, name, mime, size, created FROM '$table'";
于 2013-08-21T23:48:30.593 回答
0

Your code:

$sql = 'SELECT `id`, `name`, `mime`, `size`, `created` FROM $table';

should be either:

$sql = 'SELECT `id`, `name`, `mime`, `size`, `created` FROM '.$table;

or

$sql = "SELECT `id`, `name`, `mime`, `size`, `created` FROM $table";
于 2013-08-21T23:50:54.903 回答