Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/59.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php $\u从两个表中获取[ID]_Php_Mysql - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php $\u从两个表中获取[ID]

Php $\u从两个表中获取[ID]

php mysql

Php $\u从两个表中获取[ID],php,mysql,Php,Mysql,我目前正在尝试从两个不同的表中获取两段数据,并以编辑类型的格式显示它们 我可以使用$_get[id]变量作为使用incidentID主键引用的一种方式来获取要显示的事件或位置。我曾考虑设置数据库自动顺序,以便事件和位置能够同步,但这并不是一个真正的解决方案 如何使用$\u GET[id]变量调用两个不同的表 代码如下所示,顺便说一句,我知道我的sql是开放供注入的,我应该因为不使用PDO而受到惩罚 如果有帮助的话,我可以添加DB结构,但我更愿意将DB结构保留在当前的位置 首先搜索数据 归档。”\

我目前正在尝试从两个不同的表中获取两段数据,并以编辑类型的格式显示它们

我可以使用$_get[id]变量作为使用incidentID主键引用的一种方式来获取要显示的事件或位置。我曾考虑设置数据库自动顺序,以便事件和位置能够同步,但这并不是一个真正的解决方案

如何使用$\u GET[id]变量调用两个不同的表

代码如下所示,顺便说一句,我知道我的sql是开放供注入的,我应该因为不使用PDO而受到惩罚

如果有帮助的话,我可以添加DB结构,但我更愿意将DB结构保留在当前的位置

首先搜索数据 归档。”\php'

// Process the search query
if(isset($_POST['searchquery']) && $_POST['searchquery'] != ""){
// run code if condition meets here 
    $searchquery = preg_replace('#[^a-z 0-9?]#i', '', $_POST['searchquery']);
    if($_POST['filter1'] == "0"){
        $sqlCommand = "SELECT * FROM `incident` WHERE `iTypeID` = 0 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "1"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "2"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filer1'] == "3"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 3 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "4"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "5"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "6"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "7"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }
    $query = mysql_query($sqlCommand) or die(mysql_error());
    $count = mysql_num_rows($query);


    if($count >= 1){
        while($row = mysql_fetch_array($query)){
            $incidentID = $row["incidentID"];
            $dangerLevel =$row["dangerLevel"];
            $search_output .= "Item ID: <br> $incidentID <br> Danger Level: <br> $dangerLevel<br/> 
            <a href=\"modify_incident.php?id=" . $row['incidentID'] . "\">Modify Entry</a> 
            <span> </span>
            <a href=\"delete_incident.php?id=" . $row['incidentID'] . "\">Delete Entry</a> <br /><br />";           

        } // close while
    } else {


    }
}
?>

<html>
<head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<legend>Incident Search Form</legend>
<p><label>Search a Disaster (by name): <input name="searchquery" type="text"></label></p>
<p><label>Search by Type<select name="filter1"></label></p>
<option value="0">None</option>
<option value="1">Fire</option>
<option value="2">Flood</option>
<option value="3">Hurricane</option>
<option value="4">Tropical Storm</option>
<option value="5">LandSlide</option>
<option value="6">Biological Outbreak</option>
</select>
</fieldset>
<input name="myBtn" type="submit">
<br />
<br />
<div>
<?php echo $search_output; ?>
</div>
</form>     
</body> 
</head> 
</html>

    if(!isset($_POST['submit'])){
        $q = "SELECT * FROM incident WHERE incidentID = $_GET[id]";
        $ql = "SELECT * FROM location where locationID = $_GET[id]";
        $results = mysql_query($q);
        $incident = mysql_fetch_array($results);
        $results2 = mysql_query($ql);
        $incident2 = mysql_fetch_array($results2);  
    }
?>
</html>
<head>
<body>
<h1>You are Modifying an Incident</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    <fieldset>
    <legend>Incident</legend>
    <p><label>Disaster Name: <input type="text" name ="inputIncident" value = "<?php echo $incident['disasterName']; ?>" placeholder = "SampleTree Fire" /></label></p>
    <p><label>Disaster Description: <input type="text" name ="inputDescription" value = "<?php echo $incident['description']; ?>" placeholder = "Large Forest fire near"  /></label></p>
    <p><label>Time of Incident: <input type="time" name ="inputTime" value = "<?php echo $incident['time']; ?>" placeholder = "hh:mm:ss"/></label></p>
    <p><label>Date of Incident: <input type="date" name ="inputDate" value = "<?php echo $incident['date']; ?>" placeholder = "yyyy/mm/dd"/></label></p>
    <p><label>Danger of Incident: <input type="number" name ="inputdangerLevel" placeholder = "1-10" value = "<?php echo $incident['dangerLevel']; ?>" /></label></p>
    <p><label for ="type">Select Disaster Type:</label>
        <select id="type" name="type" value = "<?php echo $incident['iTypeID']; ?>"
        <option value="0">None</option>
        <option value="1">Fire</option>
        <option value="2">Flood</option>
        <option value="3">Hurricane</option>
        <option value="4">Tropical Storm</option>
        <option value="5">LandSlide</option>
        <option value="6">Biological Outbreak</option>
        </select>
    </fieldset>
    <fieldset>
    <legend>Location</legend>
    <p><label>Street Name:<input type="text" name ="inputStreet" value = "<?php echo $incident2['streetName']; ?>" placeholder = "Avalon Place" /></label></p>
    <p><label>Street Number:<input type="number" name ="inputNumber" value = "<?php echo $incident2['streetNumber']; ?>" placeholder = "9" /></label></p>
    <p><label>Suburb:<input type="text" name ="inputSuburb" value = "<?php echo $incident2['suburb']; ?>" placeholder = "Upper Kedron" /></label></p>
    <p><label>Postcode:<input type="text" name ="inputPostCode" value = "<?php echo $incident2['postCode']; ?>" placeholder = "4055" /></label></p>
    <p><label>Region:<input type="number" name ="inputRegion" value = "<?php echo $incident2['region']; ?>" placeholder = "4" /></label></p>
    <p><label>Lattitude:<input type="text" name ="inputLattitude" value = "<?php echo $incident2['mapLat']; ?>" placeholder = "136.10" /></label></p>
    <p><label>Longitude:<input type="text" name ="inputLongitude" value = "<?php echo $incident2['mapLon']; ?>" placeholder = "182.86" /></label></p>
    <p><label for ="state">State:</label>
        <select id="state" name="state" value = "<?php echo $incident2['state']; ?>">
        <option value="QLD">QLD</option>
        <option value="NSW">NSW</option>
        <option value="NT">NT</option>
        <option value="ACT">ACT</option>
        <option value="SA">SA</option>
        <option value="WA">WA</option>
        <option value="TAS">TAS</option>
        </select>
    </fieldset>
</p>



    <br/>
</fieldset>
    <input type="hidden" name="id" value="<?php echo $_GET['id'];?>"/>
    <!--<input type="hidden" name="id2" value="<?php echo $_GET['id'];?>"/>-->
    <input type="submit" name="submit" value="modify"/>
</form>
</body>
</head>
</html>
<?php
if(isset($_POST['submit'])){
    $u = "UPDATE incident SET `disasterName`='$_POST[inputIncident]', 
    `description`='$_POST[inputDescription]', 
    `time`='$_POST[inputTime]', 
    `date`='$_POST[inputDate]', 
    `dangerLevel`='$_POST[inputdangerLevel]',
    `iTypeID`='$_POST[type]' 
    WHERE incidentID = $_POST[id]";

    $ul = "UPDATE location SET `streetName`='$_POST[inputStreet]',
    `steetNumber`='$_POST[inputNumber]',
    `suburb`='$_POST[inputSuburb]',
    `postcode`='$_POST[inputPostCode]',
    `region`='$_POST[inputRegion]',
    `lattitude`='$_POST[inputLattitde]',
    `longitude`='$_POST[inputLongitude]',
    `state`='$_POST[state]'
    WHERE locationID = $_POST[id]";


    mysql_query($u) or die (mysql_error());
    mysql_query($ul) or die (mysql_error());

    echo "User has been modified!";
    header ('Location: output.php');
} else{
}
?>

Incident

Column  Type    Null    Default     Links to 
incidentID  int(15)     No                   
dangerLevel     int(2)  No                   
description     varchar(250)    No                   
time    time    No                   
date    date    No                   
isresolved  tinyint(1)  No                   
locationID  int(11)     No          location -> locationID           
isPublic    tinyint(1)  No                   
iTypeID     int(11)     No          itype -> iTypeID         
disasterName    text    No 

Location                 
Column  Type    Null    Default     
locationID  int(10)     No               
postCode    int(4)  No               
region  text    No               
state   text    No               
mapLat  float   No               
mapLon  float   No               
streetNumber    int(11) No               
streetName  text    No               
suburb  text    No
在搜索数据后修改数据 归档。”\php'

// Process the search query
if(isset($_POST['searchquery']) && $_POST['searchquery'] != ""){
// run code if condition meets here 
    $searchquery = preg_replace('#[^a-z 0-9?]#i', '', $_POST['searchquery']);
    if($_POST['filter1'] == "0"){
        $sqlCommand = "SELECT * FROM `incident` WHERE `iTypeID` = 0 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "1"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "2"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filer1'] == "3"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 3 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "4"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "5"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "6"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }else if($_POST['filter1'] == "7"){
        $sqlCommand = "SELECT incidentID FROM `incident` WHERE `iTypeID` = 2 AND `disasterName` LIKE '%$searchquery%'";
    }
    $query = mysql_query($sqlCommand) or die(mysql_error());
    $count = mysql_num_rows($query);


    if($count >= 1){
        while($row = mysql_fetch_array($query)){
            $incidentID = $row["incidentID"];
            $dangerLevel =$row["dangerLevel"];
            $search_output .= "Item ID: <br> $incidentID <br> Danger Level: <br> $dangerLevel<br/> 
            <a href=\"modify_incident.php?id=" . $row['incidentID'] . "\">Modify Entry</a> 
            <span> </span>
            <a href=\"delete_incident.php?id=" . $row['incidentID'] . "\">Delete Entry</a> <br /><br />";           

        } // close while
    } else {


    }
}
?>

<html>
<head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<legend>Incident Search Form</legend>
<p><label>Search a Disaster (by name): <input name="searchquery" type="text"></label></p>
<p><label>Search by Type<select name="filter1"></label></p>
<option value="0">None</option>
<option value="1">Fire</option>
<option value="2">Flood</option>
<option value="3">Hurricane</option>
<option value="4">Tropical Storm</option>
<option value="5">LandSlide</option>
<option value="6">Biological Outbreak</option>
</select>
</fieldset>
<input name="myBtn" type="submit">
<br />
<br />
<div>
<?php echo $search_output; ?>
</div>
</form>     
</body> 
</head> 
</html>

    if(!isset($_POST['submit'])){
        $q = "SELECT * FROM incident WHERE incidentID = $_GET[id]";
        $ql = "SELECT * FROM location where locationID = $_GET[id]";
        $results = mysql_query($q);
        $incident = mysql_fetch_array($results);
        $results2 = mysql_query($ql);
        $incident2 = mysql_fetch_array($results2);  
    }
?>
</html>
<head>
<body>
<h1>You are Modifying an Incident</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    <fieldset>
    <legend>Incident</legend>
    <p><label>Disaster Name: <input type="text" name ="inputIncident" value = "<?php echo $incident['disasterName']; ?>" placeholder = "SampleTree Fire" /></label></p>
    <p><label>Disaster Description: <input type="text" name ="inputDescription" value = "<?php echo $incident['description']; ?>" placeholder = "Large Forest fire near"  /></label></p>
    <p><label>Time of Incident: <input type="time" name ="inputTime" value = "<?php echo $incident['time']; ?>" placeholder = "hh:mm:ss"/></label></p>
    <p><label>Date of Incident: <input type="date" name ="inputDate" value = "<?php echo $incident['date']; ?>" placeholder = "yyyy/mm/dd"/></label></p>
    <p><label>Danger of Incident: <input type="number" name ="inputdangerLevel" placeholder = "1-10" value = "<?php echo $incident['dangerLevel']; ?>" /></label></p>
    <p><label for ="type">Select Disaster Type:</label>
        <select id="type" name="type" value = "<?php echo $incident['iTypeID']; ?>"
        <option value="0">None</option>
        <option value="1">Fire</option>
        <option value="2">Flood</option>
        <option value="3">Hurricane</option>
        <option value="4">Tropical Storm</option>
        <option value="5">LandSlide</option>
        <option value="6">Biological Outbreak</option>
        </select>
    </fieldset>
    <fieldset>
    <legend>Location</legend>
    <p><label>Street Name:<input type="text" name ="inputStreet" value = "<?php echo $incident2['streetName']; ?>" placeholder = "Avalon Place" /></label></p>
    <p><label>Street Number:<input type="number" name ="inputNumber" value = "<?php echo $incident2['streetNumber']; ?>" placeholder = "9" /></label></p>
    <p><label>Suburb:<input type="text" name ="inputSuburb" value = "<?php echo $incident2['suburb']; ?>" placeholder = "Upper Kedron" /></label></p>
    <p><label>Postcode:<input type="text" name ="inputPostCode" value = "<?php echo $incident2['postCode']; ?>" placeholder = "4055" /></label></p>
    <p><label>Region:<input type="number" name ="inputRegion" value = "<?php echo $incident2['region']; ?>" placeholder = "4" /></label></p>
    <p><label>Lattitude:<input type="text" name ="inputLattitude" value = "<?php echo $incident2['mapLat']; ?>" placeholder = "136.10" /></label></p>
    <p><label>Longitude:<input type="text" name ="inputLongitude" value = "<?php echo $incident2['mapLon']; ?>" placeholder = "182.86" /></label></p>
    <p><label for ="state">State:</label>
        <select id="state" name="state" value = "<?php echo $incident2['state']; ?>">
        <option value="QLD">QLD</option>
        <option value="NSW">NSW</option>
        <option value="NT">NT</option>
        <option value="ACT">ACT</option>
        <option value="SA">SA</option>
        <option value="WA">WA</option>
        <option value="TAS">TAS</option>
        </select>
    </fieldset>
</p>



    <br/>
</fieldset>
    <input type="hidden" name="id" value="<?php echo $_GET['id'];?>"/>
    <!--<input type="hidden" name="id2" value="<?php echo $_GET['id'];?>"/>-->
    <input type="submit" name="submit" value="modify"/>
</form>
</body>
</head>
</html>
<?php
if(isset($_POST['submit'])){
    $u = "UPDATE incident SET `disasterName`='$_POST[inputIncident]', 
    `description`='$_POST[inputDescription]', 
    `time`='$_POST[inputTime]', 
    `date`='$_POST[inputDate]', 
    `dangerLevel`='$_POST[inputdangerLevel]',
    `iTypeID`='$_POST[type]' 
    WHERE incidentID = $_POST[id]";

    $ul = "UPDATE location SET `streetName`='$_POST[inputStreet]',
    `steetNumber`='$_POST[inputNumber]',
    `suburb`='$_POST[inputSuburb]',
    `postcode`='$_POST[inputPostCode]',
    `region`='$_POST[inputRegion]',
    `lattitude`='$_POST[inputLattitde]',
    `longitude`='$_POST[inputLongitude]',
    `state`='$_POST[state]'
    WHERE locationID = $_POST[id]";


    mysql_query($u) or die (mysql_error());
    mysql_query($ul) or die (mysql_error());

    echo "User has been modified!";
    header ('Location: output.php');
} else{
}
?>

Incident

Column  Type    Null    Default     Links to 
incidentID  int(15)     No                   
dangerLevel     int(2)  No                   
description     varchar(250)    No                   
time    time    No                   
date    date    No                   
isresolved  tinyint(1)  No                   
locationID  int(11)     No          location -> locationID           
isPublic    tinyint(1)  No                   
iTypeID     int(11)     No          itype -> iTypeID         
disasterName    text    No 

Location                 
Column  Type    Null    Default     
locationID  int(10)     No               
postCode    int(4)  No               
region  text    No               
state   text    No               
mapLat  float   No               
mapLon  float   No               
streetNumber    int(11) No               
streetName  text    No               
suburb  text    No
我想我可能找到了一种不同的方法来做这件事,但仍然需要一点帮助,如何将它扩展到$row['incidentID']和$row['locationID']将被分配给ID和ID2

<a href=\"modify_incident.php?id=" . $row['incidentID'] . "\">Modify Entry</a>
如果这是一个1:M的关系,那么一个位置可能有许多事件,您可能希望将这些表连接在一起:

从事件i中选择*位置l,其中i.id=?和i.location_id=l.id

每行都有来自事件和相应位置的列

编辑:

您可以使用更新连接通过事件ID更新位置:

update location l
join incident i on i.location_id = l.id
set l.city = ?
where i.id = ?
如果这是一个1:1的关系,并且每个事件都有一个唯一的位置,您还可以将这两个表合并为一个表。

您的脚本容易受到SQL注入的攻击。你肯定应该这样做。我知道这是正确的方法,但是让我们假设它的modify_事件。php?id=62有没有办法让它修改_事件。php?id_1=62,id_2=29