选择会话id为且语法正确的php函数时出错
晚上好,我正在做大学作业,我在显示仅显示与会话id相关的项目列表时遇到问题 我想我做错了选择会话id为且语法正确的php函数时出错,php,mysql,sql,Php,Mysql,Sql,晚上好,我正在做大学作业,我在显示仅显示与会话id相关的项目列表时遇到问题 我想我做错了 $query = $db->prepare("SELECT * FROM tbBiodata where idfunc like '%$currentUser['id']%' "); 此变量的id为:$currentUser['id'] 我在页面的开头使用以下代码来输入变量: $currentUser = $user->getUser(); 和展览清单 <?php requi
$query = $db->prepare("SELECT * FROM tbBiodata where idfunc like '%$currentUser['id']%' ");
$currentUser = $user->getUser();
<?php
require_once "db.php";
require_once "User.php";
// Create a user object
$user = new User($db);
// If not logged in
if(!$user->isLoggedIn()){
header("location: login.php"); //Redirect to the login page
}
// Retrieve current user data
$currentUser = $user->getUser();
//===============
// Create a prepared statement to retrieve all data from tbBiodata
$query = $db->prepare("SELECT * FROM tbBiodata where idfunc like '%$currentUser['id']%' ");
// Run the SQL command
$query->execute();
// Take all data and enter variable $ data
$data = $query->fetchAll();
?>
当变量包含带引号的数组索引时,需要将其放入{}
中:
$query = $db->prepare("SELECT * FROM tbBiodata where idfunc like '%{$currentUser['id']}%' ");
但是,最好使用参数而不是替换变量
$query = $db->prepare("SELECT * FROM tbBiodata where idfunc like CONCAT('%', :id, '%') ");
$query->bindParam(":id", $currentUser['id']);
<h3>hi<font color="red"><?php echo $currentUser['nama'] ?></font>, <a href="logout.php">Logout</a></h3>
$query = $db->prepare("SELECT * FROM tbBiodata where idfunc like '%{$currentUser['id']}%' ");
$query = $db->prepare("SELECT * FROM tbBiodata where idfunc like CONCAT('%', :id, '%') ");
$query->bindParam(":id", $currentUser['id']);