Php SQL联接不返回任何结果
这是可行的,但我需要更多表中的数据Php SQL联接不返回任何结果,php,mysql,sql,Php,Mysql,Sql,这是可行的,但我需要更多表中的数据 if(isset($_GET['id']) && $_GET['id'] != null) { $id = $_GET['id']; $sql = "SELECT `maps.name`, `maps.description`, `maps.date`, `maps.mcversion`, `maps.mapid`, `maps.category`, `maps.fo
if(isset($_GET['id']) && $_GET['id'] != null) {
$id = $_GET['id'];
$sql = "SELECT
`maps.name`,
`maps.description`,
`maps.date`,
`maps.mcversion`,
`maps.mapid`,
`maps.category`,
`maps.format`,
`users.username`,
`users.rank`,
`users.verified`,
`users.mcusername`,
COUNT(`views.mapid`) AS `views`,
COUNT(`likes.mapid`) AS `likes`,
COUNT(`downloads.mapid`) AS `downloads`,
COUNT(`subscribes.channelid`) AS `subscribers`
FROM `maps` INNER JOIN `users` ON `maps.userid` = `users.id`
INNER JOIN `views` ON `maps.mapid` = `views.mapid`
INNER JOIN `likes` ON `maps.mapid` = `likes.mapid`
INNER JOIN `downloads` ON `maps.mapid` = `downloads.mapid`
INNER JOIN `subscribe` ON `mapid.userid` = `subscribe.channelid`
WHERE `maps.mapid` = '$id'";
$result = mysqli_query($con,$sql);
if (mysqli_num_rows($result) > 0) {
echo “success”;
} else {
header("LOCATION: index.php");
}
$sql = "SELECT * FROM `maps` WHERE `id`=$id";
$result = mysqli_query($con,$sql);
if (mysqli_num_rows($result) > 0) {
viewer($id);
} else {
header("LOCATION: index.php");
}
$sql=“SELECT*FROM-maps,其中id=$id”一切正常,但我也需要其他表中的数据。解决方案:
$sql = "SELECT
`maps.name`,
`maps.description`,
`maps.date`,
`maps.mcversion`,
`maps.mapid`,
`maps.category`,
`maps.format`,
`users.username`,
`users.rank`,
`users.verified`,
`users.mcusername`,
COUNT(`views.mapid`) AS `views`,
COUNT(`likes.mapid`) AS `likes`,
COUNT(`downloads.mapid`) AS `downloads`,
COUNT(`subscribes.channelid`) AS `subscribers`
FROM `maps`
INNER JOIN `users` ON `maps.userid` = `users.id`
INNER JOIN `views` ON `maps.mapid` = `views.mapid`
INNER JOIN `likes` ON `maps.mapid` = `likes.mapid`
INNER JOIN `downloads` ON `maps.mapid` = `downloads.mapid`
INNER JOIN `subscribe` ON `mapid.userid` = `subscribe.channelid`
WHERE `maps.mapid` = '$id'";
谢谢你的帮助 解决方案:
$sql = "SELECT
`maps.name`,
`maps.description`,
`maps.date`,
`maps.mcversion`,
`maps.mapid`,
`maps.category`,
`maps.format`,
`users.username`,
`users.rank`,
`users.verified`,
`users.mcusername`,
COUNT(`views.mapid`) AS `views`,
COUNT(`likes.mapid`) AS `likes`,
COUNT(`downloads.mapid`) AS `downloads`,
COUNT(`subscribes.channelid`) AS `subscribers`
FROM `maps`
INNER JOIN `users` ON `maps.userid` = `users.id`
INNER JOIN `views` ON `maps.mapid` = `views.mapid`
INNER JOIN `likes` ON `maps.mapid` = `likes.mapid`
INNER JOIN `downloads` ON `maps.mapid` = `downloads.mapid`
INNER JOIN `subscribe` ON `mapid.userid` = `subscribe.channelid`
WHERE `maps.mapid` = '$id'";
谢谢你的帮助 如果您想保护一个复杂的sql语句,您会如何做?
这个版本可以吗
$sql = "SELECT
maps.name,
maps.description,
maps.date,
maps.mcversion,
maps.mapid,
maps.category,
maps.format,
users.username,
users.rank,
users.verified,
users.mc_username,
(SELECT COUNT(*) FROM likes WHERE likes.mapid = maps.id) AS likes,
(SELECT COUNT(*) FROM downloads WHERE downloads.mapid = maps.id) AS downloads,
(SELECT COUNT(*) FROM subscribe WHERE subscribe.channelid = maps.userid) AS subscribers,
(SELECT COUNT(*) FROM views WHERE views.mapid = maps.id) AS viewers
FROM maps
INNER JOIN users
ON maps.userid = users.id
WHERE maps.id = '$id'";
数据库连接:
if(isset($_GET['id']) && $_GET['id'] != null) {
$id = $_GET['id'];
$stmt = $mysqli->prepare('SELECT id FROM maps WHERE id = ?');
$stmt->bind_param('i', $id);
$stmt->execute();
$result = $stmt->get_result();
if (mysqli_num_rows($result) == 1) {
$row = $result->fetch_assoc();
$secid = $row["id"];
} else {
echo "error2";
}
$sql = "SELECT
maps.name,
maps.description,
maps.date,
maps.mcversion,
maps.mapid,
maps.category,
maps.format,
users.username,
users.rank,
users.verified,
users.mc_username,
(SELECT COUNT(*) FROM likes WHERE likes.mapid = maps.id) AS likes,
(SELECT COUNT(*) FROM downloads WHERE downloads.mapid = maps.id) AS downloads,
(SELECT COUNT(*) FROM subscribe WHERE subscribe.channelid = maps.userid) AS subscribers,
(SELECT COUNT(*) FROM views WHERE views.mapid = maps.id) AS viewers
FROM maps
INNER JOIN users
ON maps.userid = users.id
WHERE maps.id = '$secid'";
$result = mysqli_query($con,$sql);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
echo $row["name"];
} else {
echo "error3";
}
} else {
echo "error1";
}
如果您想保护一个复杂的sql语句,您将如何做?
这个版本可以吗
$sql = "SELECT
maps.name,
maps.description,
maps.date,
maps.mcversion,
maps.mapid,
maps.category,
maps.format,
users.username,
users.rank,
users.verified,
users.mc_username,
(SELECT COUNT(*) FROM likes WHERE likes.mapid = maps.id) AS likes,
(SELECT COUNT(*) FROM downloads WHERE downloads.mapid = maps.id) AS downloads,
(SELECT COUNT(*) FROM subscribe WHERE subscribe.channelid = maps.userid) AS subscribers,
(SELECT COUNT(*) FROM views WHERE views.mapid = maps.id) AS viewers
FROM maps
INNER JOIN users
ON maps.userid = users.id
WHERE maps.id = '$id'";
数据库连接:
if(isset($_GET['id']) && $_GET['id'] != null) {
$id = $_GET['id'];
$stmt = $mysqli->prepare('SELECT id FROM maps WHERE id = ?');
$stmt->bind_param('i', $id);
$stmt->execute();
$result = $stmt->get_result();
if (mysqli_num_rows($result) == 1) {
$row = $result->fetch_assoc();
$secid = $row["id"];
} else {
echo "error2";
}
$sql = "SELECT
maps.name,
maps.description,
maps.date,
maps.mcversion,
maps.mapid,
maps.category,
maps.format,
users.username,
users.rank,
users.verified,
users.mc_username,
(SELECT COUNT(*) FROM likes WHERE likes.mapid = maps.id) AS likes,
(SELECT COUNT(*) FROM downloads WHERE downloads.mapid = maps.id) AS downloads,
(SELECT COUNT(*) FROM subscribe WHERE subscribe.channelid = maps.userid) AS subscribers,
(SELECT COUNT(*) FROM views WHERE views.mapid = maps.id) AS viewers
FROM maps
INNER JOIN users
ON maps.userid = users.id
WHERE maps.id = '$secid'";
$result = mysqli_query($con,$sql);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
echo $row["name"];
} else {
echo "error3";
}
} else {
echo "error1";
}
一次删除一个联接,直到得到结果。然后找出您刚才删除的内容找不到预期匹配项的原因。您需要删除背景标记(并确保没有使用任何保留字),或者需要正确使用它们。需要在表名周围设置一个集合,在列名周围设置另一个集合。`maps.name`
不正确。它应该是`maps`.`name`
。对于所有其他类似的实例,情况也是如此。我不能用其他方式来表达。警告:您完全可以使用参数化的预处理语句,而不是手动生成查询。它们由或提供。永远不要相信任何类型的输入,尤其是来自客户端的输入。即使您的查询仅由受信任的用户执行,也要一次删除一个联接,直到得到结果。然后找出您刚才删除的内容找不到预期匹配项的原因。您需要删除背景标记(并确保没有使用任何保留字),或者需要正确使用它们。需要在表名周围设置一个集合,在列名周围设置另一个集合。`maps.name`
不正确。它应该是`maps`.`name`
。对于所有其他类似的实例,情况也是如此。我不能用其他方式来表达。警告:您完全可以使用参数化的预处理语句,而不是手动生成查询。它们由或提供。永远不要相信任何类型的输入,尤其是来自客户端的输入。即使您的查询仅由受信任的用户执行,。警告:您完全可以使用参数化的预处理语句,而不是手动生成查询。它们由或提供。永远不要相信任何类型的输入,尤其是来自客户端的输入。即使您的查询仅由受信任的用户执行,。您是否说此选择查询可能不安全?您能否提供一个类似的sql选择查询,该查询也会执行相同的操作,但处于安全模式?我真的很想学习!:)用占位符替换“$id”
,然后绑定数据。不要在SQL中放入任何变量。哦,我开始理解了,直到现在我才使用了一个简单的函数,从插入到表中的字符串中删除特殊字符。您能告诉我如何绑定它吗?警告:您对参数化预处理语句非常开放,应该真正使用参数化预处理语句,而不是手动构建查询。它们由或提供。永远不要相信任何类型的输入,尤其是来自客户端的输入。即使您的查询仅由受信任的用户执行,。您是否说此选择查询可能不安全?您能否提供一个类似的sql选择查询,该查询也会执行相同的操作,但处于安全模式?我真的很想学习!:)用占位符替换“$id”
,然后绑定数据。不要在SQL中放入任何变量。哦,我开始理解了,直到现在我才使用了一个简单的函数,从插入到表中的字符串中删除特殊字符。你能告诉我怎么装订吗?