我有一个像上面那样的表
我想选择和显示成本时,拾取和放置是相同的,由用户从下拉菜单选择具有以上选项。
$result = mysqli_query($conn,"SELECT * FROM location
WHERE Pickup='". $pick. "' ");
while($row = mysqli_fetch_array($result))
{
echo "You have to pay " . $row['Cost'];
echo "<br>";
}
上面的代码将给我4个选项,因为我没有检查dropLocation
的等式。
SELECT * FROM location
WHERE Pickup='". $pick. "' AND DropLocation='". $drop. "' "
它不工作。如何处理多个条件?
试试这个
你的代码看起来有SQL攻击漏洞尝试使用mysqli准备语句。
<?php
$stmt = $conn->prepare("SELECT * FROM location WHERE Pickup=? AND DropLocation=?");
$stmt->bind_param('ss',$pick,$drop);
//The argument may be one of four types:
//i - integer
//d - double
//s - string
//b - BLOB
//change it by respectively
$stmt->execute();
$get_result =$stmt->get_result();
$row_count= $get_result->num_rows;
if($row_count>0)
{
while($row = mysqli_fetch_array($get_result))
{
echo "You have to pay " . $row['Cost'];
echo "<br>";
}
}
else
{
echo "result set empty";
}
$stmt->close();
$conn->close();
?>
试试这个:
if(isset($_POST['myPick']) && !isset($_POST['myDrop'])){
$result = mysqli_query($conn,"SELECT * FROM location
WHERE Pickup='". $pick. "' ");
}else if(!isset($_POST['myDrop']) && isset($_POST['myPick'])){
$result = mysqli_query($conn,"SELECT * FROM location
WHERE DropLocation='". $drop. "' ");
}else if(isset($_POST['myDrop']) && isset($_POST['myPick'])){
$result = mysqli_query($conn,"SELECT * FROM location
WHERE Pickup='". $pick. "' AND DropLocation='". $drop. "' ");
}
while($row = mysqli_fetch_array($result))
{
echo "You have to pay " . $row['Cost'];
echo "<br>";
}