Fatal编程技术网
  • php/
  • Php MySQL选择$id所在的位置

Php MySQL选择$id所在的位置

php sql

Php MySQL选择$id所在的位置,php,sql,get,Php,Sql,Get,我有一个包含以下代码片段的网站: <?php mysql_connect('localhost','root','password'); mysql_select_db('news'); $id_article = $_GET['newsid']; $query = mysql_query('SELECT * FROM news WHERE id="$id_article"'); { echo '<div class="item"><h1><a hre

我有一个包含以下代码片段的网站:

<?php
mysql_connect('localhost','root','password');
mysql_select_db('news');
$id_article = $_GET['newsid'];
$query = mysql_query('SELECT * FROM news WHERE id="$id_article"');
{
    echo '<div class="item"><h1><a href="read-news.php?newsid='.$query['id'].'">'.$query['subject'].'</a></h1><br />';
    echo $query['full_content'].'<br / >';
    echo date('D-M-Y', $query['date']).'<br / >';
    echo 'Posted by '.$id_article;
    echo '</div>'; 
}
?>

像这样使用


$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result) or die(mysql_error());
echo $row['id']. " - ". $row['date'];



您无法获得查询结果。使用方法如下:


<?php
   mysql_connect('localhost','root','password');
   mysql_select_db('news');
   $id_article = intval($_GET['newsid']);
   $query = mysql_query('SELECT * FROM news WHERE id=' . $id_article);

   if (mysql_num_rows($query) > 0)
   {
       $row = mysql_fetch_assoc($query);

       echo '<div class="item"><h1><a href="read-news.php?newsid='.$row['id'].'">'.$row['subject'].'</a></h1><br />';
       echo $row['full_content'].'<br / >';
       echo date('D-M-Y', $row['date']).'<br / >';
       echo 'Posted by '.$id_article;
       echo '</div>';
   } 
?>






提示:使用PDO或mysqli代替mysql_u函数!Mysql_uu函数在新的php版本中已被弃用/不受支持


此外,在传递到查询之前,请先对输入进行sanatize
 您没有使用mysql\u fetch\u assoc
。使用方法如下:

$query = mysql_query('SELECT * FROM news WHERE id=' . $id_article);
$row = mysql_fetch_assoc($query);
if(count($row)>0)
{
     echo '<div class="item"><h1><a href="read-news.php?newsid='.$query['id'].'">'.$row['subject'].'</a></h1><br />';
     echo $row['full_content'].'<br / >';
     echo date('D-M-Y', $row['date']).'<br / >';
     echo 'Posted by '.$id_article;
     echo '</div>'; 
}

$query=mysql\u query('SELECT*FROM news WHERE id='。$id\u article);
$row=mysql\u fetch\u assoc($query);
如果(计数($row)>0)
{
回声“
”;
echo$row['full_content']。
;
回显日期('D-M-Y',$row['date'])。
;
echo“发布人”。$id\u文章;
回声';
}
更改您的密码

$query = mysql_query('SELECT * FROM news WHERE id="$id_article"');
{
    echo '<div class="item"><h1><a href="read-news.php?newsid='.$query['id'].'">'.$query['subject'].'</a></h1><br />';
    echo $query['full_content'].'<br / >';
    echo date('D-M-Y', $query['date']).'<br / >';
    echo 'Posted by '.$id_article;
    echo '</div>'; 
}

$query=mysql\u query('SELECT*FROM news WHERE id=“$id\u article”);
{
回声“
”;
echo$query['full_content'].
;
回显日期('D-M-Y',$query['date'])。
;
echo“发布人”。$id\u文章;
回声';
}


$sql=“SELECT*FROM news WHERE id=$id\u article”;
$query=mysql\u查询($sql);
而($result=mysql_fetch_assoc($query));
{
回声“
”;
echo$result['full_content']。
;
回显日期('D-M-Y',$result['date'])。
;
echo“发布人”。$id\u文章;
回声';
}
您的代码中有很多错误 mysql\u查询已被折旧 使用以下代码 和查克的错误

<?php
mysql_connect('localhost', 'root', 'password');
$conn = mysql_select_db('news');
$id_article = $_GET['newsid'];
if($query = mysqli_fetch_assoc(mysqli_query($conn,"SELECT * FROM news WHERE id=$id_article"))){ 
echo '<div class="item"><h1><a href="read-news.php?newsid=' . $query['id'] . '">' . $query['subject'] . '</a></h1><br />';
echo $query['full_content'] . '<br / >';
echo date('D-M-Y', $query['date']) . '<br / >';
echo 'Posted by ' . $id_article;
echo '</div>';
}

?>
试试这个

$id_article = $_GET['newsid'];
$query = "SELECT * FROM news WHERE id='$id_article'";
$query1=mysql_query($query);
您应该调用函数来获取查询返回的行。您正在尝试访问$query而不是行。您的代码应该如下所示:

<?php
  mysql_connect('localhost','root','password');
  mysql_select_db('news');
  $id_article = $_GET['newsid'];
  $query = mysql_query('SELECT * FROM news WHERE id="$id_article"');

  if ($query) {    
    $row = mysql_fetch_assoc($query));
    echo '<div class="item"><h1><a href="read-news.php?newsid='. $row['id'].'">'. $row['subject'].'</a></h1><br />';
    echo $row['full_content'].'<br / >';
    echo date('D-M-Y', $row['date']).'<br / >';
    echo 'Posted by '.$id_article;
    echo '</div>'; 
  } else {
    $message  = 'Invalid query: ' . mysql_error() . "\n";
    $message .= 'Whole query: ' . $query;
    die($message);
  }
?>

输入有什么问题吗?如果使用GET或POST的输入,它们可能包含危险内容。这就是为什么清理更好,例如通过mysql\u real\u escape\u字符串(更好:mysqli\u real\u escape\u字符串)。如果你只需要一个数字,你可以使用intval(见我的示例代码)你能用mysqli函数更改代码吗?谢谢

<?php
  mysql_connect('localhost','root','password');
  mysql_select_db('news');
  $id_article = $_GET['newsid'];
  $query = mysql_query('SELECT * FROM news WHERE id="$id_article"');

  if ($query) {    
    $row = mysql_fetch_assoc($query));
    echo '<div class="item"><h1><a href="read-news.php?newsid='. $row['id'].'">'. $row['subject'].'</a></h1><br />';
    echo $row['full_content'].'<br / >';
    echo date('D-M-Y', $row['date']).'<br / >';
    echo 'Posted by '.$id_article;
    echo '</div>'; 
  } else {
    $message  = 'Invalid query: ' . mysql_error() . "\n";
    $message .= 'Whole query: ' . $query;
    die($message);
  }
?>