Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/redis/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php MySQL Select查询参数之间的多个变量,变量不起作用_Php_Mysql_Sql - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php MySQL Select查询参数之间的多个变量,变量不起作用

Php MySQL Select查询参数之间的多个变量,变量不起作用

php mysql sql

Php MySQL Select查询参数之间的多个变量,变量不起作用,php,mysql,sql,Php,Mysql,Sql,我正在开发一个应用程序,对于给定的位置(坐标lat/long对),它显示位于给定起始位置的给定半径内的所有实体(从数据库中提取) $sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'"; 我已经测试过了,我用来查找最近位置的逻辑非常有

我正在开发一个应用程序,对于给定的位置(坐标lat/long对),它显示位于给定起始位置的给定半径内的所有实体(从数据库中提取)

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
我已经测试过了,我用来查找最近位置的逻辑非常有效。然而,在与MySQL表通信的PHP脚本中,我遇到了一个问题

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
这是我正在尝试的查询,没有从表中得到任何结果:

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
但是,通过回显$lat1、$lat2、$lon1和$lon2,我知道它们包含有效值(这应该会产生查询结果)(仅供参考:这4个变量表示给定位置的半径平方;纬度和经度是表中的列。)

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
但是,这是可行的(只是在值中硬编码,不使用$lon2变量引用它:

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";           

$sql = "SELECT * FROM cashbackengine_merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND **-90.2745** AND category='$merchCategory'";
正如这一点:

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";           

$sql = "SELECT * FROM cashbackengine_merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN **-90.64484** AND '$lon2' AND category='$merchCategory'";
但纬度一点问题都没有。我强烈感觉这与语法有关,而且可能非常简单。非常感谢任何帮助!

试试这个

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";           

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN $lon1 AND $lon2 AND category='$merchCategory'";
我不确定,但我认为这是因为BETWEEN需要两个数字作为您的案例,您将其作为字符串传递
'$lon'
。当您硬编码一个值时,另一个值将自动转换为数字值

$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
旁注:查看准备好的语句(best)或转义字符串,因为如果用户正在输入lat/lon值,这将打开sql注入。

变量应该绑定到准备好的语句,而不是注入到查询中。此页面上共享潜在的不安全性。 
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";