0

I am having issue trying to display a database result on page load and form submit. when the page loads it keeps giving me blank page but when I submit the form, I get results.

<?php
    $alpha = mysql_real_escape_string($_POST['alpha']);

    $p ="^[".$alpha."]";

    if (!isset($p)&&empty($p)){$p = "^[a-z]";}

    $select = "SELECT u.pname,u.categoryid,p.amountpaid,p.teller,p.handler,
    p.scollection,p.project,p.levies,p.status,q.quarter,q.year,
    p.invoice,q.ordinary_cf,q.special_cf,q.cate_id
    FROM users u
    INNER JOIN tbl_paymentalert p
    ON u.categoryid = p.catid

    INNER JOIN tbl_quartersummary q
    ON p.catid= q.cate_id
    WHERE q.quarter = :quarter AND q.year = :year AND pname REGEXP :p
    ORDER BY u.pname  limit :eu,:limit
";

$q=$conn->prepare($select);
$q->bindValue(':quarter', $quarter, PDO::PARAM_STR);
$q->bindValue(':year', $year, PDO::PARAM_STR);
$q->bindValue(':p', $p, PDO::PARAM_STR);
$q->bindValue(':eu', $eu, PDO::PARAM_INT); 
$q->bindValue(':limit', $limit, PDO::PARAM_INT);
$q->execute();
    ?>
4

1 回答 1

2

好的...所以...您从$_POST. 

// if you're using mysqli_ or pdo and using a prepared query or data binding
// mysql_real_escape_string is not necessary... 
$alpha = mysql_real_escape_string($_POST['alpha']);

// even if $alpha was empty, $p will always be set and will
// never be empty because of the following statement.  
// if alpha is empty, $p will be "^[]"
$p ="^[".$alpha."]";


// this code will never happen... so your default won't be set.     
if (!isset($p) && empty($p) )
{
    $p = "^[a-z]";
}

做类似...

//        if `$_POST` is set,        use that value,   if not use 'a-z'
$alpha = (isset($_POST['alpha'])) ? $_POST['alpha'] : 'a-z'; 

$p = "^[".$alpha."]";

接着

$q->execute(array($quarter,$year,$p,$e,$limit));

确保设置了这些变量,或者您已经处理了未设置时会发生的情况。这可能会导致您在没有任何解释的情况下无法获得任何结果。

(最后一次编辑,我发誓,除非 OP 要求澄清或其他什么)
尝试 pdo 做得很好,通常人们害怕它并忽略警告。认真的,干得好!

于 2013-11-07T04:22:30.137 回答