Php MySQL选择$id所在的位置
我有一个包含以下代码片段的网站:Php MySQL选择$id所在的位置,php,sql,get,Php,Sql,Get,我有一个包含以下代码片段的网站: <?php mysql_connect('localhost','root','password'); mysql_select_db('news'); $id_article = $_GET['newsid']; $query = mysql_query('SELECT * FROM news WHERE id="$id_article"'); { echo '<div class="item"><h1><a hre
<?php
mysql_connect('localhost','root','password');
mysql_select_db('news');
$id_article = $_GET['newsid'];
$query = mysql_query('SELECT * FROM news WHERE id="$id_article"');
{
echo '<div class="item"><h1><a href="read-news.php?newsid='.$query['id'].'">'.$query['subject'].'</a></h1><br />';
echo $query['full_content'].'<br / >';
echo date('D-M-Y', $query['date']).'<br / >';
echo 'Posted by '.$id_article;
echo '</div>';
}
?>
像这样使用
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result) or die(mysql_error());
echo $row['id']. " - ". $row['date'];
您无法获得查询结果。使用方法如下:
<?php
mysql_connect('localhost','root','password');
mysql_select_db('news');
$id_article = intval($_GET['newsid']);
$query = mysql_query('SELECT * FROM news WHERE id=' . $id_article);
if (mysql_num_rows($query) > 0)
{
$row = mysql_fetch_assoc($query);
echo '<div class="item"><h1><a href="read-news.php?newsid='.$row['id'].'">'.$row['subject'].'</a></h1><br />';
echo $row['full_content'].'<br / >';
echo date('D-M-Y', $row['date']).'<br / >';
echo 'Posted by '.$id_article;
echo '</div>';
}
?>
提示:使用PDO或mysqli代替mysql_u函数!Mysql_uu函数在新的php版本中已被弃用/不受支持
此外,在传递到查询之前,请先对输入进行sanatize 您没有使用mysql\u fetch\u assoc
。使用方法如下:
$query = mysql_query('SELECT * FROM news WHERE id=' . $id_article);
$row = mysql_fetch_assoc($query);
if(count($row)>0)
{
echo '<div class="item"><h1><a href="read-news.php?newsid='.$query['id'].'">'.$row['subject'].'</a></h1><br />';
echo $row['full_content'].'<br / >';
echo date('D-M-Y', $row['date']).'<br / >';
echo 'Posted by '.$id_article;
echo '</div>';
}
$query=mysql\u query('SELECT*FROM news WHERE id='。$id\u article);
$row=mysql\u fetch\u assoc($query);
如果(计数($row)>0)
{
回声“
”;
echo$row['full_content']。
;
回显日期('D-M-Y',$row['date'])。
;
echo“发布人”。$id\u文章;
回声';
}
更改您的密码
$query = mysql_query('SELECT * FROM news WHERE id="$id_article"');
{
echo '<div class="item"><h1><a href="read-news.php?newsid='.$query['id'].'">'.$query['subject'].'</a></h1><br />';
echo $query['full_content'].'<br / >';
echo date('D-M-Y', $query['date']).'<br / >';
echo 'Posted by '.$id_article;
echo '</div>';
}
$query=mysql\u query('SELECT*FROM news WHERE id=“$id\u article”);
{
回声“
”;
echo$query['full_content'].
;
回显日期('D-M-Y',$query['date'])。
;
echo“发布人”。$id\u文章;
回声';
}
到
$sql=“SELECT*FROM news WHERE id=$id\u article”;
$query=mysql\u查询($sql);
而($result=mysql_fetch_assoc($query));
{
回声“
”;
echo$result['full_content']。
;
回显日期('D-M-Y',$result['date'])。
;
echo“发布人”。$id\u文章;
回声';
}
您的代码中有很多错误
mysql\u查询已被折旧
使用以下代码
和查克的错误
<?php
mysql_connect('localhost', 'root', 'password');
$conn = mysql_select_db('news');
$id_article = $_GET['newsid'];
if($query = mysqli_fetch_assoc(mysqli_query($conn,"SELECT * FROM news WHERE id=$id_article"))){
echo '<div class="item"><h1><a href="read-news.php?newsid=' . $query['id'] . '">' . $query['subject'] . '</a></h1><br />';
echo $query['full_content'] . '<br / >';
echo date('D-M-Y', $query['date']) . '<br / >';
echo 'Posted by ' . $id_article;
echo '</div>';
}
?>
试试这个
$id_article = $_GET['newsid'];
$query = "SELECT * FROM news WHERE id='$id_article'";
$query1=mysql_query($query);
您应该调用函数来获取查询返回的行。您正在尝试访问$query而不是行。您的代码应该如下所示:
<?php
mysql_connect('localhost','root','password');
mysql_select_db('news');
$id_article = $_GET['newsid'];
$query = mysql_query('SELECT * FROM news WHERE id="$id_article"');
if ($query) {
$row = mysql_fetch_assoc($query));
echo '<div class="item"><h1><a href="read-news.php?newsid='. $row['id'].'">'. $row['subject'].'</a></h1><br />';
echo $row['full_content'].'<br / >';
echo date('D-M-Y', $row['date']).'<br / >';
echo 'Posted by '.$id_article;
echo '</div>';
} else {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
?>
输入有什么问题吗?如果使用GET或POST的输入,它们可能包含危险内容。这就是为什么清理更好,例如通过mysql\u real\u escape\u字符串(更好:mysqli\u real\u escape\u字符串)。如果你只需要一个数字,你可以使用intval(见我的示例代码)你能用mysqli函数更改代码吗?谢谢
<?php
mysql_connect('localhost','root','password');
mysql_select_db('news');
$id_article = $_GET['newsid'];
$query = mysql_query('SELECT * FROM news WHERE id="$id_article"');
if ($query) {
$row = mysql_fetch_assoc($query));
echo '<div class="item"><h1><a href="read-news.php?newsid='. $row['id'].'">'. $row['subject'].'</a></h1><br />';
echo $row['full_content'].'<br / >';
echo date('D-M-Y', $row['date']).'<br / >';
echo 'Posted by '.$id_article;
echo '</div>';
} else {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
?>