如何通过文本框在PHP中执行查询
我想使用PHP通过HTML中的文本框区域执行查询。我知道这很容易被SQL注入,但我并不担心这一点。下面是我当前代码的一部分如何通过文本框在PHP中执行查询,php,html,mysql,sql,database,Php,Html,Mysql,Sql,Database,我想使用PHP通过HTML中的文本框区域执行查询。我知道这很容易被SQL注入,但我并不担心这一点。下面是我当前代码的一部分 <?php mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); $query = "SELECT * FROM members"; // **I want to pass t
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
SQL输出:
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
您已将文本框命名为SQL而不是消息
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
正如您已经指出的,这很容易被SQL注入,因此非常不鼓励使用。替换此-$query=SELECT*FROM members
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
使用此-$query=$\u请求['SQL'] 我不会任性地允许SQL注入。
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
这就是如何将一个值从文本字段传递到php脚本,从而允许您在查询中使用它
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
你需要设置你的表单
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
<form action="process.php" method="POST">
<input type="text" name="the-field">
<input type="submit" name="submit" value="Submit">
</form>
我强烈建议使用或替代已贬值的mysql_*函数
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
以下是一些您可以遵循的示例:
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
下面是一个PDO查询的示例
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>
<?php
$db = new PDO('mysql:host=localhost;dbname=testdb;charset=utf8', 'username', 'password');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$stmt = $db->prepare("SELECT * FROM table WHERE id=? AND name=?");
$stmt->execute(array($id, $name));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
您的问题是什么?如何将HTML文本框中的查询从php传递到php代码->$query=$\u REQUEST['message'];我正在接收输出资源id 4,您要回显什么?在使用类似MySQL\u fetch\u assocyep的东西实际获取行之前,您可能试图回显MySQL句柄或resultset,例如$result变量-您是对的。。非常感谢。如果我想将其应用于多个数据库,那么我不必指定$row,例如,$row=mysql\u fetch\u array$result{echo.$row['username']..$row['password'];您认为最好的方法是什么?您是指多个表吗?因此您希望传入一个查询并显示整个结果集?这很好..谢谢!
<?php
mysql_connect($host, $username, $password)or die("cannot connect");
mysql_select_db($db_name)or die("cannot select DB");
$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
echo $row['username'] . $row['password'];
}
?>