PHP分页问题_Php_Mysql_Pagination

PHP分页问题

php mysql pagination

PHP分页问题,php,mysql,pagination,Php,Mysql,Pagination,我在很多网站上搜索过，尝试过网上提供的不同方式，但都看不到效果。单击“下一步”、“最后一步”、“第一步”、“上一步”时，它不会加载信息。它只加载第一页的结果。请帮忙！先谢谢你 function retrieveName($fieldName) { $i=1; if(isset($_GET[$fieldName])) { mysql_connect("localhost", "root") or die(mysql_error());

我在很多网站上搜索过，尝试过网上提供的不同方式，但都看不到效果。单击“下一步”、“最后一步”、“第一步”、“上一步”时，它不会加载信息。它只加载第一页的结果。请帮忙！先谢谢你

function retrieveName($fieldName)
{   
    $i=1;
    if(isset($_GET[$fieldName]))
    {
        mysql_connect("localhost", "root") or die(mysql_error());           
        mysql_select_db("intern") or die(mysql_error()); 


         //This checks to see if there is a page number. If not, it will set it to page 1 

         if (!(isset($pagenum))) 

         { 

         $pagenum = 1; 

         } 

         //Here we count the number of results 

         $intern = $_GET[$fieldName];
         $data = mysql_query("SELECT p.`internName`, p.`internNRIC`, c.`internSchName` FROM `personaldetails` p, `currentinstitution` c WHERE c.`internNRIC`= p.`internNRIC` AND p.`internName` like '%$intern%' || p.`internNRIC` like '%$intern%' || c.`internSchName` like '%$intern%' GROUP BY p.internNRIC") or die(mysql_error()); 

         $rows = mysql_num_rows($data); 

         //This is the number of results displayed per page 

         $page_rows = 1;            


         //This tells us the page number of our last page 

         $last = ceil($rows/$page_rows); 

         //this makes sure the page number isn't below one, or more than our maximum pages 

         if ($pagenum < 1) 

         { 

         $pagenum = 1; 

         } 

         elseif ($pagenum > $last) 

         { 

         $pagenum = $last; 

         } 

         //This sets the range to display in our query 

         $max = 'LIMIT ' .($pagenum - 1) * $page_rows .',' .$page_rows; 

    PRODUCTION.   //This is your query again, the same one... the only difference is we add $max into it

         $data_p = mysql_query("SELECT p.`internName`, p.`internNRIC`, c.`internSchName` FROM `personaldetails` p, `currentinstitution` c WHERE c.`internNRIC`= p.`internNRIC` AND p.`internName` like '%$intern%' || p.`internNRIC` like '%$intern%' || c.`internSchName` like '%$intern%' GROUP BY p.internNRIC $max ") or die(mysql_error()); 


         //This is where you display your query results

         while($row = mysql_fetch_array( $data_p )) 
         {      
            echo $i. ".";
            echo " NRIC : <a href='InternInfo.php?id='" . $row['internNRIC'] . ">".$row['internNRIC'] ."</a>";
            echo "</br><br/>";
            echo "  Name : ". $row['internName'] . "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Name of School :" . $row['internSchName'];
            echo "</br><br/>";              
            $i++;                       
         } 

         echo "<p>";


         // This shows the user what page they are on, and the total number of pages

         echo " --Page $pagenum of $last-- <p>";


         // First we check if we are on page one. If we are then we don't need a link to the previous page or the first page so we do nothing. If we aren't then we generate links to the first page, and to the previous page.

         if ($pagenum == 1) 

         {

         } 

         else 

         {
            echo " <a href='{$_SERVER['PHP_SELF']}?pagenum=1&searchIntern=$intern'> <<-First</a> ";             
            echo "---Interns Search---";            
            $previous = $pagenum-1;         
            echo " <a href='{$_SERVER['PHP_SELF']}?pagenum=$previous&searchIntern=$intern'> <-Previous</a> ";           

         } 

         //This does the same as above, only checking if we are on the last page, and then generating the Next and Last links

         if ($pagenum == $last) 

         {

         } 

         else
         {          
            $next = $pagenum+1;             
            echo " <a href='{$_SERVER['PHP_SELF']}?pagenum=$next&searchIntern=$intern'>Next -></a> ";           
            echo "---Interns Search---";            
            echo " <a href='{$_SERVER['PHP_SELF']}?pagenum=$last&searchIntern=$intern'>Last ->></a> ";

         } 
    }else echo "Please enter your search.";
}

这不是百分之百的道理，但当您想使用参数good idea或全局变量，如$\u GET['pagenum']时，您似乎在使用$pagenum的局部变量。您还将自己留给SQL注入。对所有需要在$intern等查询中使用的变量使用mysql\u real\u escape\u string。

正如@cwallenpole所说，看起来$pagenum的作用域在函数之外，我猜函数是在假设register\u globals处于打开状态（通常是打开状态）的情况下编写的。我已经看到，在将旧的继承站点移动到新服务器时，这会导致很多问题

要解决该特定问题，请更换：

     if (!(isset($pagenum))) 

     { 

     $pagenum = 1; 

     }

为此：

$pagenum = isset($_REQUEST['pagenum']) ?
    (int)$_REQUEST['pagenum'] :
    1;

这将$pagenum设置为请求的pagenum值，如果请求中没有页码，则默认为1。它还将值转换为int，至少应该停止一个注入攻击向量。函数的其余部分是另一回事…

我接受了您的建议，添加了$pagenum=$\u GET['pagenum']if！isset$pagenum{$pagenum=1；}$pagenum=$\u GET['pagenum']；//这里我们计算结果的数量$intern=$\u GET[$fieldName]；$data=mysql\u query从personaldetails p中选择p.internName、p.internNRIC、c.internstchname，其中c.internNRIC=p.internNRIC和p.internName类似于“%$intern%”| p.internNRIC类似于“%$intern%”p.internNRIC；您正在URL中传递pagenum吗？例如：yoursite.thing/index.php？pagenum=1OR，您是否使用$pagenum=isset$\u GET['pagenum']？$\u GET['pagenum']：1；在URL中传递它时，您的代码似乎没有准备好进行SQL注入。