最受欢迎

SELECT WHERE A=“$var” SQL 的奇怪行为

Strange behavior with SELECT WHERE A="$var" SQL

本文关键字:SQL var WHERE SELECT | 更新日期: 2023-09-27

我寻找答案,但找不到,因为这里的问题似乎略有不同。

$vid = $_SESSION['ID_Vendor'];
echo "ID: $vid";
$q = 'SELECT business_name, vd.ID_Vendor, res.ID_RestaurantEstablishment 
  FROM restaurant res
   INNER JOIN vendor_data vd
  ON vd.ID_Vendor=res.ID_Vendor AND res.ID_Vendor="$vid" ORDER BY business_name ASC';

变量 $vid 确实有一个值(在这种情况下等于 2,但它可能会有所不同),但是,当我专门设置 

 WHERE res.ID_Vendor=2

我的查询返回正确且预期的值列表,但是当我使用 

 WHERE res.ID_Vendor="$vid"

有了"$vid",我的价值观的回声简直是空的。

下面是完整的代码片段,用于回显输出。感谢您的帮助。

 $vid = $_SESSION['ID_Vendor'];
 echo "ID: $vid";
 $q = 'SELECT business_name, vd.ID_Vendor, res.ID_RestaurantEstablishment 
  FROM restaurant res
   INNER JOIN vendor_data vd
  ON vd.ID_Vendor=sfe.ID_Vendor AND res.ID_Vendor="$vid" ORDER BY   business_name ASC';
 $r = mysqli_query($connection, $q);
 while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) {
  echo '>' . htmlspecialchars($row[0]) . '  ' . htmlspecialchars($row[1]) . '   ' . htmlspecialchars($row[2]) .'</option>';
}

PHP 无法识别撇号对 '' 中的变量。将变量放在 " 中。例如: 

"WHERE res.ID_Vendor='$vid'"

既然我提出了这个想法,我想我应该说明预准备语句的使用。

使用mysqli将按如下方式进行(假设已成功初始化$connection):

// The indentation here is purely a matter of personal preference
$query = 'SELECT business_name, vd.ID_Vendor, res.ID_RestaurantEstablishment 
            FROM restaurant res
            INNER JOIN vendor_data vd
              ON vd.ID_Vendor = res.ID_Vendor
            WHERE res.ID_Vendor = ?
            ORDER BY business_name ASC';
$stmt = $connection->prepare($query);
$stmt->bind_param('s', $vid);  // 's' assumes $vid is string; use 'i' for int
$stmt->execute();
$res = $stmt->get_result();
while ($row = $res->fetch_array(MYSQLI_NUM))
{
    echo '>' . htmlspecialchars($row[0]) . '  ' . htmlspecialchars($row[1]) . '   ' . htmlspecialchars($row[2]) .'</option>';
}

成语与使用PDO相同。PDO数据源名称(DSN)的格式是在线记录的。

$conn = new PDO($dsn, $username, $password); // define these vars elsewhere
$query = 'SELECT business_name, vd.ID_Vendor, res.ID_RestaurantEstablishment 
            FROM restaurant res
            INNER JOIN vendor_data vd
              ON vd.ID_Vendor = res.ID_Vendor
            WHERE res.ID_Vendor = :vid
            ORDER BY business_name ASC';
$stmt = $conn->prepare($query);
$stmt->execute(array(':vid' => $vid));
while ($row = $stmt->fetch(PDO::FETCH_NUM))
{
    echo '>' . htmlspecialchars($row[0]) . '  ' . htmlspecialchars($row[1]) . '   ' . htmlspecialchars($row[2]) .'</option>';
}

在这两种情况下,我都将错误处理留给读者练习。

你的代码有几个问题:

首先,这是行不通的,并且会从字面上呼应$vid

echo "ID: $vid";

这将返回:ID: $vid

您需要将字符串与变量连接起来,它应该是:

echo "ID: " . $vid;

这将返回:ID: 2

其次,您的查询将不起作用:

$q = 'SELECT business_name, vd.ID_Vendor, res.ID_RestaurantEstablishment 
  FROM restaurant res
   INNER JOIN vendor_data vd
  ON vd.ID_Vendor=res.ID_Vendor AND res.ID_Vendor="$vid" ORDER BY business_name ASC';

您应该用双引号将查询括起来,用单引号将变量括起来:

$q = "SELECT business_name, vd.ID_Vendor, res.ID_RestaurantEstablishment 
  FROM restaurant res
   INNER JOIN vendor_data vd
  ON vd.ID_Vendor=res.ID_Vendor AND res.ID_Vendor='$vid' ORDER BY business_name ASC";

对于SQL,不像javascript或php,字符串或char只允许使用单引号。

对于 MySQL,如果res.id_vendor的列类型是数字,则 res.id_vendor='1' 与 res.id_vendor=1 相同,因此最好始终用单引号将变量括起来,如 res.id_vendor='$vid

最后,关于编码约定的评论:建议列命名中不要混合使用大写和小写字符,使用"_"作为单词分隔符,例如 

vd.id_vendor
res.id_restaurant_establishment
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习