在PHP中相应的MYSQL表中调用值
我有以下简单的搜索代码:在PHP中相应的MYSQL表中调用值,php,html,mysql,Php,Html,Mysql,我有以下简单的搜索代码: <?php mysql_connect ("localhost", "xxx","xxx") or die (mysql_error()); mysql_select_db ("xxx"); $term = $_POST['term']; $sql = mysql_query("select * from attendees where Surname like '%$term%' or Name like'%$term%' "); while ($r
<?php
mysql_connect ("localhost", "xxx","xxx") or die (mysql_error());
mysql_select_db ("xxx");
$term = $_POST['term'];
$sql = mysql_query("select * from attendees where Surname like '%$term%' or Name like'%$term%' ");
while ($row = mysql_fetch_array($sql)){
echo '<br/> Name: '.$row['Name'];
echo '<br/> Last Name: '.$row['Surname'];
echo '<br/> E-Mail: '.$row['email'];
echo '<br/><br/>';
}
?>
使用左连接
$sql = mysql_query("select * from attendees a
left join images i on a.id_attendees = i.id_images
where a.Surname like '%$term%' or a.Name like'%$term%' ");
这将使用图像和左连接连接Attents,并确保如果没有与Attents匹配的id,则图像将显示null
正如stackoverflow中的每个人所建议的那样……甚至我也建议您使用mysqli
自
从PHP5.5.0开始,此扩展已被弃用,将来将被删除。相反,应该使用MySQLi或PDO_MySQL扩展
请注意,不鼓励使用mysql_*函数
无论如何;您可以通过一个简单的连接来编写:
SELECT whatever, you, want
FROM attendees JOIN id_attendees = id_images
WHERE ... your current where clause
您可以像现在一样使用所需的所有列(只要您选择它们):
while ($row = mysql_fetch_array($sql)){
echo '<br/> Name: '.$row['Name'];
echo '<br/> Last Name: '.$row['Surname'];
echo '<br/> E-Mail: '.$row['email'];
echo '<img src="'.$row['image_path'].'" />'; // YOUR IMAGE
echo '<br/><br/>';
}
while($row=mysql\u fetch\u数组($sql)){
回显“
名称:”.$row['Name'];
回显“
姓氏:”.$row[“姓氏];
回显“
电子邮件:”.$row['email'];
回显“”;//您的图像
回音“
”;
}
注意:您的代码使用的是mysql函数,这是不鼓励使用的。还请注意,当前代码中存在很高的SQL注入漏洞。使用mysql\u real\u escape\u string来确保您的数据被转义,或者更好地使用PDO或其他正确的方法来防止这种情况发生,并具有良好系统的优点。您可以使用内部连接来连接images表以获取图像路径
mysql_connect ("localhost", "xxx","xxx") or die (mysql_error());
mysql_select_db ("xxx");
// Note that you have to escape your search term to prevent SQL Injection
$term = mysql_real_escape_string($_POST['term']);
$sql = mysql_query("SELECT a.*, i.imagepath
FROM attendees a
JOIN images i
ON i.id_images=a.id_attendees
WHERE a.Surname LIKE '%$term%' OR a.Name LIKE '%$term%' ");
while ($row = mysql_fetch_array($sql)){
echo '<br/> Name: '.$row['Name'];
echo '<br/> Last Name: '.$row['Surname'];
echo '<br/> E-Mail: '.$row['email'];
echo '<br/><br/>';
}
mysql\u connect(“localhost”、“xxx”、“xxx”)或die(mysql\u error());
mysql_select_db(“xxx”);
//请注意,您必须转义搜索词以防止SQL注入
$term=mysql\u real\u escape\u字符串($\u POST['term']);
$sql=mysql\u查询(“选择一个*,i.imagepath
来自与会者a
加入图片一
在i.id_图像上=a.id_与会者
其中,“%$term%”等姓或“%$term%”等名;
while($row=mysql\u fetch\u数组($sql)){
回显“
名称:”.$row['Name'];
回显“
姓氏:”.$row[“姓氏];
回显“
电子邮件:”.$row['email'];
回音“
”;
}
您必须使用MySQLi或PDO,因为mysql.*
函数已被弃用在链接表格时,始终使用关节,在您的情况下,它将类似于:
$query = "select a.*, i.path
from attendees a
inner join images i ON i.id_images = a.id_attendees
where a.Surname like '%$term%' or a.Name like'%$term%'"
要进一步了解这一点,请查看mysql_connect(“localhost”、“xxx”、“xxx”)或die(mysql_error())
mysql_select_db(“xxx”);
$term=$_POST['term'];
$sql=mysql\u query(“从与会者t1中选择t1.*,t2.*,然后在t1.id\u Attendeers=t2.id\u图像中选择t1.姓氏如“%$term%”或t1.姓名如“%$term%”);
while($row=mysql\u fetch\u数组($sql)){
回显“
名称:”.$row['Name'];
回显“
姓氏:”.$row[“姓氏];
回显“
电子邮件:”.$row['email'];
回显“
图像:”;
回音“
”;
}
您的代码极易受SQL注入攻击!查看并准备好语句。如果另一个表中有值,则仅使用内部联接,否则不会返回任何行。如果不确定是否有行,请使用左联接或右联接
mysql_connect ("localhost", "xxx","xxx") or die (mysql_error());<p>
mysql_select_db ("xxx");
$term = $_POST['term'];
$sql = mysql_query("SELECT t1.*, t2.* FROM attendees t1 LEFT JOIN images t2 ON t1.id_attendees=t2.id_images WHERE t1.Surname LIKE '%$term%' OR t1.Name LIKE'%$term%' ");
while ($row = mysql_fetch_array($sql)){
echo '<br/> Name: '.$row['Name'];
echo '<br/> Last Name: '.$row['Surname'];
echo '<br/> E-Mail: '.$row['email'];
echo '<br/> Image: <img alt="img" src="' . $row['path'] . '">';
echo '<br/><br/>';
}