Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/248.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何通过文本框在PHP中执行查询_Php_Html_Mysql_Sql_Database - Fatal编程技术网
Fatal编程技术网
  • php/
  • 如何通过文本框在PHP中执行查询

如何通过文本框在PHP中执行查询

php html mysql sql database

如何通过文本框在PHP中执行查询,php,html,mysql,sql,database,Php,Html,Mysql,Sql,Database,我想使用PHP通过HTML中的文本框区域执行查询。我知道这很容易被SQL注入,但我并不担心这一点。下面是我当前代码的一部分 <?php mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); $query = "SELECT * FROM members"; // **I want to pass t

我想使用PHP通过HTML中的文本框区域执行查询。我知道这很容易被SQL注入,但我并不担心这一点。下面是我当前代码的一部分

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
SQL输出:

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
您已将文本框命名为SQL而不是消息

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
正如您已经指出的,这很容易被SQL注入,因此非常不鼓励使用。

替换此-$query=SELECT*FROM members

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
使用此-$query=$\u请求['SQL']

我不会任性地允许SQL注入。 
<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
这就是如何将一个值从文本字段传递到php脚本,从而允许您在查询中使用它

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
你需要设置你的表单

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>

<form action="process.php" method="POST">
    <input type="text" name="the-field">
    <input type="submit" name="submit" value="Submit">
</form>
我强烈建议使用或替代已贬值的mysql_*函数

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
以下是一些您可以遵循的示例:

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>
下面是一个PDO查询的示例

<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>

<?php
$db = new PDO('mysql:host=localhost;dbname=testdb;charset=utf8', 'username', 'password');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$stmt = $db->prepare("SELECT * FROM table WHERE id=? AND name=?");
$stmt->execute(array($id, $name));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

您的问题是什么?如何将HTML文本框中的查询从php传递到php代码->$query=$\u REQUEST['message'];我正在接收输出资源id 4,您要回显什么?在使用类似MySQL\u fetch\u assocyep的东西实际获取行之前,您可能试图回显MySQL句柄或resultset,例如$result变量-您是对的。。非常感谢。如果我想将其应用于多个数据库,那么我不必指定$row,例如,$row=mysql\u fetch\u array$result{echo.$row['username']..$row['password'];您认为最好的方法是什么?您是指多个表吗?因此您希望传入一个查询并显示整个结果集?这很好..谢谢! 
<?php

mysql_connect($host, $username, $password)or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

$query = "SELECT * FROM members"; // **I want to pass the query from a textbox value **

$result = mysql_query($query);

while($row = mysql_fetch_array($result)) {  
    echo $row['username'] . $row['password']; 

}

?>