Php ';在';带有多个'的子句;和';条件
我有一个SQL查询,返回的结果不正确Php ';在';带有多个'的子句;和';条件,php,sql,Php,Sql,我有一个SQL查询,返回的结果不正确 " SELECT * FROM directory WHERE '".$_REQUEST['occupation']."' IN (occupation,pro_cat1,pro_cat2,pro_cat3,pro_cat4,pro_cat5) AND state = '".$_REQUEST['state']."' AND city = '".$_REQUEST['city']."' AND status = 1 ORDER BY rand() " 这里
" SELECT * FROM directory WHERE '".$_REQUEST['occupation']."' IN (occupation,pro_cat1,pro_cat2,pro_cat3,pro_cat4,pro_cat5) AND state = '".$_REQUEST['state']."' AND city = '".$_REQUEST['city']."' AND status = 1 ORDER BY rand() "
occulationin中添加更多的子句,其中和它确实返回了一个结果,但它是不正确的。哪里出错了?如果要查找的值是字符串,则需要引用它们:
... IN ('occupation','pro_cat1','pro_cat2','pro_cat3','pro_cat4','pro_cat5') ...
^ here ^ etc.
... directory where `".$_REQUEST['occupation']."` IN ...
^ here ^
还请注意,无法准备表名和列名,因此在将它们插入查询之前,它们必须始终以白色列出。如果要查找的值是字符串,则需要引用它们:
... IN ('occupation','pro_cat1','pro_cat2','pro_cat3','pro_cat4','pro_cat5') ...
^ here ^ etc.
... directory where `".$_REQUEST['occupation']."` IN ...
^ here ^
还要注意的是,表名和列名无法准备好,因此在将它们注入查询之前,必须将它们列为白名单。
它给了我一个结果,但它不是正确的结果。它给了我一个结果,但不是一个正确的结果