HTML 文件:
<form method="post" action="generate.php">
Product Reference(s): (if multiple, separate by ",")<br />
<input type="text" name="project_ref" value="REF123, REF124" />
<input type="submit" value="Generate" />
</form>
PHP文件:
<?php
$ref_array = explode(',', $_POST['project_ref']);
foreach ($ref_array as &$ref) {
// Create connection
$conn = mysqli_connect($host, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "SELECT * FROM `inventory` WHERE reference = '$ref' LIMIT 1";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
echo "Brand: " . $row["brand"]. "<br>";
}
} else {
echo "0 results";
}
mysqli_close($conn);
}
?>
结果:
品牌:博色0 结果
但我实际上想要:
品牌:博色品牌:节拍
所以问题是MySQL查询没有为每个数组项目运行。它只执行数组的第一项。
您的输入值在不同的引用之间有一个空格:REF123, REF124
您可以在逗号和空格上爆炸:
$ref_array = explode(', ', $_POST['project_ref']);
或修剪值:
$sql = "SELECT * FROM `inventory` WHERE reference = '" . trim($ref) . "' LIMIT 1";
还强烈建议您将$ref作为参数而不是字符串文本传入:
http://php.net/manual/en/mysqli-stmt.bind-param.php
看起来你的问题在你的爆炸中。爆炸的第一个值是正确的,第二个值(第三个、第四个等)将有一个前导空格。在"、"、"而不是",上爆炸,或者在使用前修剪结果。
但是此代码中还有其他一些内容。不要为每个查询创建新连接,单个连接只需重用即可。其次,在SQL中使用参数或清理值之前,这将有助于防止SQL注入攻击,更好的方法是使用PDO并使用参数。最后,更改查询,以便单个查询使用 IN 子句返回所需的所有结果。
<?php
$ref_array = explode(', ', $_POST['project_ref']);
$ref_IN = "";
foreach ($ref_array as $ref_val)
$ref_IN .= "'{$ref_val}', ";
$ref_IN = rtrim($ref_IN , ",");
// Create connection
$conn = mysqli_connect($host, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "SELECT * FROM `inventory` WHERE reference IN ({$ref_IN}) GROUP BY reference";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
echo "Brand: " . $row["brand"]. "<br>";
}
} else {
echo "0 results";
}
mysqli_close($conn);
?>