嘿,大家有点麻烦,我不明白为什么我的 PHP 脚本不能工作。
所以我将首先展示代码,然后再讨论我遇到的问题:
include('select-stock.php');
include('db-affinity/header-main.php'); ?>
<?php $carId = $_GET['id']; ?>
<?php
try {
$carview = $db->prepare("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive, FullRegistration FROM import WHERE FullRegistration = $carId");
} catch (Exception $e) {
echo "Error.";
exit;
}
$cardata = $carview->fetch(PDO::FETCH_ASSOC)
?>
<div class="container">
<div class="row">
<div class="col-md-12 col-sm-12">
<?php echo "$carId"; ?>
<?php echo mysql_errno($carview) ?>
<?php echo '<ul class="overwrite-btstrp-ul other-specs-ul h4-style">
<li>Mileage: '.number_format($cardata["Mileage"]).'</li>
<li>Engine size: '.$cardata["EngineSize"].'cc</li>
</ul>'
?>
</div>
</div>
</div>
<?php include('db-affinity/footer.php') ?>
所以基本上我想从这段代码中实现的目标是根据 URL 的 ?id= 是否与我的 'FullRegistration'< 的行匹配来为我的页面提供动态内容 列。
例如,如果我有一个像这样的 URL“www.cars.com/carview.php?id=NG61CWJ”,那么我希望我的脚本检查“FullRegistration”列中是否有一行具有该值我的表,然后回显该行的某些列的结果,就像我的代码中当前的示例一样:
<?php echo '<ul class="overwrite-btstrp-ul other-specs-ul h4-style">
<li>Mileage: '.number_format($cardata["Mileage"]).'</li>
<li>Engine size: '.$cardata["EngineSize"].'cc</li>
</ul>'
?>
理论上
FROM import WHERE FullRegistration = $carId
应该使这种情况发生,但是由于某种原因,当我使用上面的脚本时,我的服务器上返回了 nil 结果,而不是与我得到的 GET id 匹配的行的结果:
里程:0 发动机尺寸:cc
我知道我的代码目前不安全,但目前这不是问题。
任何想法为什么我可能会返回零结果,我对该表的其他查询都完美地工作,但是我对这个感到困扰,您能在这段代码中看到任何可能导致此问题的内容吗?
以下是代码块 select-stock.php 顶部包含的其他查询,以防万一这可能会出现一些问题:
<?php
include('database.php');
try {
$results = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive, FullRegistration FROM import ORDER BY Make ASC");
} catch (Exception $e) {
echo "Error.";
exit;
}
///carousel-vehicle results
try {
$fourresults = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make LIMIT 0, 4");
} catch (Exception $e) {
echo "Error.";
exit;
}
try {
$fourresultsone = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make LIMIT 4, 4");
} catch (Exception $e) {
echo "Error.";
exit;
}
try {
$fourresultstwo = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make LIMIT 8, 4");
} catch (Exception $e) {
echo "Error.";
exit;
}
try {
$makeFilter = $db->query("SELECT DISTINCT Make FROM import ORDER BY Make ASC");
} catch (Exception $e) {
echo "Error.";
exit;
}
try {
$modelFilter = $db->query("SELECT DISTINCT Model FROM import ORDER BY Make ASC");
} catch (Exception $e) {
echo "Error.";
exit;
}
?>
所有这些查询都在实时站点上完美运行,因此数据库连接显然正在运行。
最佳答案
我相信如果你像这样改变代码它会起作用:
$carview = $db->prepare("选择品牌、型号、颜色、燃油类型、年份、里程、车身类型、车门、型号、发动机尺寸、价格、变速箱、PictureRefs、ServiceHistory、以前的车主、选项、FourWheelDrive , FullRegistration FROM import WHERE FullRegistration = '$carId'");
但是在继续之前,请务必让自己了解 SQL injection 的危险。 ,否则我可以删除或转储数据库中的每个表,只需将相应的值传递给 ?id=...
关于PHP 和 MySQL : Using $_GET ['id' ] to query matching table id,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26316567/