Php 无法获取数据
我正在使用此代码从数据库中获取数据,我正在正确获取Php 无法获取数据,php,mysql,sql,Php,Mysql,Sql,我正在使用此代码从数据库中获取数据,我正在正确获取$data但我没有正确获取此变量中的数据$seldata为什么会这样 <?php include_once("includes/connection.php"); include_once("includes/session.php"); //echo $_SESSION['uid']; $sql="SELECT * FROM employee WHERE eid = '{$_GET['id']}'";
$data$seldata<?php
include_once("includes/connection.php");
include_once("includes/session.php");
//echo $_SESSION['uid'];
$sql="SELECT * FROM employee WHERE eid = '{$_GET['id']}'";
$result=mysql_query($sql);
$data=mysql_fetch_array($result);
echo "data".$data;
$sel_valsql="select * FROM selected_candidate WHERE eid = '{$_GET['id']}'";
$sresult=mysql_query($sel_valsql);
$seldata=mysql_fetch_array($sresult);
echo "seledata".$seldata;
?>
试试这个
$sql = "SELECT * FROM employee WHERE eid = '" . $_GET['id'] . "'";
$sql = "SELECT * FROM employee WHERE eid = '" . $_GET['id'] . "'";
作为旁注,如果值来自外部,则使用SQL注入
时查询易受攻击。请看下面的文章,了解如何预防它。通过使用PreparedStatements,可以避免在值周围使用单引号
从where条件中删除单引号,即
$sql="SELECT * FROM employee WHERE eid = {$_GET['id']}";
或者像这样做:
您正在使用并且应该使用。你也很容易受到现代API的影响。我尝试了print\r($seldata)
,但它没有显示任何结果,但当我使用print\r($data)
时,我通过执行mysql\u num\u rows($sresult)来正确获取结果,并查看它是否给出了任何大于0的数字。如果没有,那么数据库中可能没有匹配的记录。
<?php
include_once("includes/connection.php");
include_once("includes/session.php");
//echo $_SESSION['uid'];
$sql="SELECT * FROM employee WHERE eid = '".$_GET['id']."'";
$result=mysql_query($sql);
$data=mysql_fetch_array($result);
echo "data".$data;
$sel_valsql="select * FROM selected_candidate WHERE eid = '".$_GET['id']."'";
$sresult=mysql_query($sel_valsql);
$seldata=mysql_fetch_array($sresult);
echo "seledata".$seldata;
?>