Php MySQL Select查询参数之间的多个变量,变量不起作用
我正在开发一个应用程序,对于给定的位置(坐标lat/long对),它显示位于给定起始位置的给定半径内的所有实体(从数据库中提取)Php MySQL Select查询参数之间的多个变量,变量不起作用,php,mysql,sql,Php,Mysql,Sql,我正在开发一个应用程序,对于给定的位置(坐标lat/long对),它显示位于给定起始位置的给定半径内的所有实体(从数据库中提取) $sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'"; 我已经测试过了,我用来查找最近位置的逻辑非常有
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
我已经测试过了,我用来查找最近位置的逻辑非常有效。然而,在与MySQL表通信的PHP脚本中,我遇到了一个问题
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
这是我正在尝试的查询,没有从表中得到任何结果:
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
但是,通过回显$lat1、$lat2、$lon1和$lon2,我知道它们包含有效值(这应该会产生查询结果)(仅供参考:这4个变量表示给定位置的半径平方;纬度和经度是表中的列。)
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
但是,这是可行的(只是在值中硬编码,不使用$lon2变量引用它:
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
$sql = "SELECT * FROM cashbackengine_merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND **-90.2745** AND category='$merchCategory'";
正如这一点:
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
$sql = "SELECT * FROM cashbackengine_merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN **-90.64484** AND '$lon2' AND category='$merchCategory'";
但纬度一点问题都没有。我强烈感觉这与语法有关,而且可能非常简单。非常感谢任何帮助!试试这个
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN $lon1 AND $lon2 AND category='$merchCategory'";
我不确定,但我认为这是因为BETWEEN需要两个数字作为您的案例,您将其作为字符串传递'$lon'
。当您硬编码一个值时,另一个值将自动转换为数字值
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";
旁注:查看准备好的语句(best)或转义字符串,因为如果用户正在输入lat/lon值,这将打开sql注入。变量应该绑定到准备好的语句,而不是注入到查询中。此页面上共享潜在的不安全性。
$sql = "SELECT * FROM merchants WHERE latitude BETWEEN '$lat1' AND '$lat2' AND longitude BETWEEN '$lon1' AND -90.2745 AND category='$merchCategory'";