0

这是我的代码:

  $international_categories = $_GET['international_categories'];

      $query = "SELECT * 
      FROM 
        tourDB
      WHERE 
        categories LIKE '$international_categories'";

  $result = mysql_query( $query ) or die ( mysql_error() );

  if ( $result !== false && mysql_num_rows($result) > 0 ) {
    while ( $ilist = mysql_num_rows( $result ) > 0)  {
        $tour_id             = stripslashes( $ilist[ 'tour_id' ] );
        $tour_type           = stripslashes( $ilist[ 'tour_type' ] );
        $tour_name           = stripslashes( $ilist[ 'tour_name' ] );
        $day                 = stripslashes( $ilist[ 'day' ] );
        $nights              = stripslashes( $ilist[ 'nights' ] );
        $tour_price          = stripslashes( $ilist[ 'tour_price' ] );
        $overview            = stripslashes( $ilist[ 'overview' ] );
        $itinerary           = stripslashes( $ilist[ 'itinerary' ] );
        $terms_conditons     = stripslashes( $ilist[ 'terms_conditons' ] );
        $inclusions          = stripslashes( $ilist[ 'inclusions' ] );
        $exclusions          = stripslashes( $ilist[ 'exclusions' ] );
        $twin_triple_sharing = stripslashes( $ilist[ 'twin_triple_sharing' ] );
        $single_occcupancy   = stripslashes( $ilist[ 'single_occcupancy' ] );
        $child_with_no_bed   = stripslashes( $ilist[ 'child_with_no_bed' ] );
        $inf_below           = stripslashes( $ilist[ 'inf_below' ] );
        $pricing_details     = stripslashes( $ilist[ 'pricing_details' ] );
        $url                 = stripslashes( $ilist[ 'url' ] );
        $international_list_cat .= <<<INTERNATIONAL_LIST_CAT
        <!-- html output -->

       INTERNATIONAL_LIST_CAT;
    }
else {
    $international_list_cat = <<<INTERNATIONAL_LIST_CAT
    <!-- html output -->

    INTERNATIONAL_LIST_CAT;
}

我试图缩短“类别”列的值为“$international_categories”的行

value's of$international_categories = $_GET['international_categories'] 也有空格,虽然我到了$_GET['international_categories']这里,但 MySQL 没有整理出$_GET['international_categories']在其“categories”列中具有 value 的行。

4

2 回答 2

2

兑换

while ( $ilist = mysql_num_rows( $result ) > 0)  {


while ( $ilist = mysql_fetch_array( $result ))  {

感谢 Barmar 警告我。

但正如其他一些用户评论的那样,MySQL 已被弃用,并且极易受到 SQL 注入攻击。您可以使用 PDO 或 MySQLi。我更喜欢 MySQLi,我会将您的代码转换为:

//Define a mysqli variable to use for database connections
$mysqli->new mysqli(host, user, password, dbname);

$international_categories = $_GET['international_categories'];

//Add other columns into query or use *
$query = $mysqli->prepare("SELECT tour_id, tour_type FROM tourDB WHERE categories=?");
//Now we are inserting our external variable into our query
$query->bind_param("i", $international_categories);
$query->execute();
//Now we are declaring variables in order to fetched columns in our SELECT query.
//Add other columns into next line.
$query->bind_result($tour_id, $tour_type);
while($query->fetch())
{
    $international_list_cat .= <<<INTERNATIONAL_LIST_CAT
        <input type="text" value="$tour_type" />
<!-- html output -->

INTERNATIONAL_LIST_CAT;
}

//Now close connection
$query->close();
于 2013-10-05T06:30:11.950 回答
1 
while ($ilist = mysql_num_rows($result) > 0) {

应该:

while ($ilist = mysql_fetch_assoc($result)) {
于 2013-10-05T06:34:57.940 回答