Php echo中的Sql SELECT语句
我想获得进行交易的会员的信息。在页面中,成员信息我只有他们在会话中的用户名,例如Php echo中的Sql SELECT语句,php,mysql,session,Php,Mysql,Session,我想获得进行交易的会员的信息。在页面中,成员信息我只有他们在会话中的用户名,例如$member\u name=$\u session['member\u name'] <?php include_once("config.php"); if(isset($_SESSION["products"])) { $member_name = $_SESSION['member_name']; $total = 0; echo '<form action="cart-p
$member\u name=$\u session['member\u name']
<?php
include_once("config.php");
if(isset($_SESSION["products"])) {
$member_name = $_SESSION['member_name'];
$total = 0;
echo '<form action="cart-post-config.php" enctype="multipart/form-data" method="POST">';
foreach ($_SESSION["products"] as $cart_itm) {
echo '<tr>';
echo '<td></td>';
<!---- THIS IS WHERE I PUT THE INFO OF USERNAME ---->
echo '<input type="hidden" name="member_name" value="'.$member_name.'"/>';
echo '<td><input type="text" readonly name="product_name[]" value="'.$cart_itm["name"].'"/></td>';
echo '<td><input type="text" readonly name="product_price[]" value="'.$cart_itm["price"].'"/></td>';
echo '<td><input type="text" readonly name="product_quantity[]" value="'.$cart_itm["qty"].'"/></td>';
$totalPerEach = ($cart_itm["price"]*$cart_itm["qty"]);
echo '<td><input type="text" readonly name="product_eachTotal[]" value="'.$totalPerEach.'"/></td>';
echo '<td>View Save Delete</td>';
echo '</tr>';
}
将您试图在函数中引入的功能包装起来,然后调用它
范例
function getMyUserData($member_name) {
$myUserDataString = false; // Default value.
// your database connectivity
$dbconn = new mysqli('server','user','password','database');
// Sanitize your input to avoid SQL injection issues.
$member_name = $dbconn->real_escape_string($member_name);
// your sql statement
//It would be better to use a unique id instead of a name.
$sql = "SELECT `password`, `address` FROM `USERS` WHERE " .
"`member_name` = '$member_name' LIMIT 1";
// execute query
$result = $dbconn->query($sql);
// check for query result
if(is_object($result) && $result->num_rows > 0) {
// Get data from result.
$myUserData = $result->fetch_assoc();
// Free the result
$result->free;
// Access the fields you wanted
$myUserDataString = "My user address: " . htmlentities($myUserData['address']);
//You may echo the string here to cause the function to output your text
// or return the value and echo it. In this case we will return the value.
}
return $myUserDataString;
}
echo getMyUserData($_SESSION['member_name']);
我希望这有帮助
另外,将密码返回给客户端通常不是一个好主意。尝试使用哈希或密码进行单向加密
有关详细信息,请参见以下链接:
在回显之前执行查询。嗯,您可以回显任何需要的sql语句。毕竟,sql只是文本。如果您想执行该查询并回显结果,则完全不同。请参阅@showdev,谢谢。我可以在回显之前编写两个sql select语句吗。例如,在回显之前,我已经执行了第一条语句:select from table_one{query here}
,然后我将执行第二条查询:select from table_one{query here}
?当然,尽管您可以将它们组合成一个查询。取决于您选择的内容。我建议你尝试一下,然后告诉我们你尝试了什么,哪里出了问题。嗨,乔尔·卡顿,非常感谢你的回答。但是这个函数是在echo内部编写的,就像echo'over function'或者什么?你可以回显getMyUserData($\u会话['member\u name'])
输出您在函数中分配给$MyUserDataString
的字符串。Echo只输出您给定的字符串,而不管您是如何创建的。因此回显“我的字符串”;被视为与echo$MyStringVariable;相同。我们正在函数中从数据库查询结果创建字符串。查看php手册中的更多信息。我在这一行中有一个错误:if(is_object($result&&$result->num_rows>0){
很抱歉@klaudia。我应该在IDE中编写代码示例。我没有用关闭is_对象调用)。将其更改为if(is_object($result)&&$result->num_rows>0){
它会起作用的。没关系。我使用了不同的方法。非常感谢你的帮助。我非常感谢。谢谢。)
function getMyUserData($member_name) {
$myUserDataString = false; // Default value.
// your database connectivity
$dbconn = new mysqli('server','user','password','database');
// Sanitize your input to avoid SQL injection issues.
$member_name = $dbconn->real_escape_string($member_name);
// your sql statement
//It would be better to use a unique id instead of a name.
$sql = "SELECT `password`, `address` FROM `USERS` WHERE " .
"`member_name` = '$member_name' LIMIT 1";
// execute query
$result = $dbconn->query($sql);
// check for query result
if(is_object($result) && $result->num_rows > 0) {
// Get data from result.
$myUserData = $result->fetch_assoc();
// Free the result
$result->free;
// Access the fields you wanted
$myUserDataString = "My user address: " . htmlentities($myUserData['address']);
//You may echo the string here to cause the function to output your text
// or return the value and echo it. In this case we will return the value.
}
return $myUserDataString;
}
echo getMyUserData($_SESSION['member_name']);