遍历MySQL结果并将值保存到$ _SESSION
[英]Looping through MySQL results and saving values to a $_SESSION
问题描述
I am trying to store each column name in my database into its own $_SESSION. 
我试图将数据库中的每个列名称存储到其自己的$ _SESSION中。 For example, say my column names are column_one, column_two, column_three, column_four, and column_five. 例如,假设我的列名称为column_one,column_two,column_three,column_four和column_five。 I want these to be stored in a $_SESSION like $_SESSION['column_one'], $_SESSION['column_two'], etc. I am trying to do this in a loop but I have not been successful. 我希望将它们存储在$ _SESSION中,例如$ _SESSION ['column_one'],$ _ SESSION ['column_two']等。我试图循环执行此操作,但未成功。 How would I setup the loop to achieve this? 我将如何设置循环来实现这一目标?
$query = "SELECT * FROM table WHERE user_id = $id";
$result = mysqli_query($dbc, $query);
$num = mysqli_num_rows($result);
if ($num == 1) {
//User was found
while($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$_SESSION['user_id'] = $row['user_id'];
}
}
3 个解决方案
解决方案1
3 2013-08-10 01:15:34
Could you try this: 您可以尝试一下:
$id = mysqli_real_escape_string($dbc,$id);
$query = "SELECT * FROM table WHERE user_id = $id";
$result = mysqli_query($dbc, $query);
$num= mysqli_num_rows(result);
if ($num == 1) {
$row = mysqli_fetch_assoc($result);
$_SESSION['UserData'] = $row;
}else{
//handle error or user not found
}
echo '<pre>';
print_r($_SESSION['UserData']);
echo '</pre>';
You don't have necessity of use while or another loop, so is just one row 您无需使用while或另一个循环,因此只需一行
解决方案2
2 已采纳 2013-08-10 01:15:12
Something like this should work: 这样的事情应该起作用:
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
foreach($row as $column => $value) {
$_SESSION[$column] = $value;
}
}
Extra advice for safeguarding against SQL injection, the following two lines: 以下两行代码提供了有关防止SQL注入的额外建议:
$id = mysqli_real_escape_string($dbc, $id);
$query = "SELECT * FROM table WHERE user_id = '$id'";
Update: 更新:
Thanks to EmilioGort who pointed out the missing connection parameter in mysqli_real_escape_string . 由于EmilioGort谁指出了缺少的连接参数mysqli_real_escape_string 。 See mysqli_real_escape_string docs. 参见mysqli_real_escape_string文档。
解决方案3
0 2013-08-10 01:47:47
While the other answers proposed a way to do, I'd strongly propose to not do this at all. 虽然其他答案提出了一种解决方法,但我强烈建议完全不要这样做。 Why? 为什么?
First of all $row contains all details of the user in a well defined array form. 首先, $row以定义良好的数组形式包含用户的所有详细信息。 It is generally good to keep this structure well prepared. 通常最好保持此结构的准备就绪。
More important: Flattening $row might force name clashes like so: 更重要的是:扁平化$ row可能会导致名称冲突,如下所示:
Suppose $row has a property userName and somewhere else in your application you eventually set 假设$row具有属性userName并且最终在应用程序中的其他位置设置了属性
$_SESSION[ 'userName' ] = $newUserName;
The new assignment to $_SESSION[ 'userName' ] might unintentionally change the property saved during the login process. $_SESSION[ 'userName' ]的新分配可能会无意中更改在登录过程中保存的属性。
You might argue "Right now, my code doesn't use userName in $_SESSION '. Right! Unfortunately, you might use just this name for something else many month later on... 您可能会争辩说:“现在,我的代码未在$_SESSION '中使用userName。对!不幸的是,您可能在多个月后仅将此名称用于其他用途...
A better solution 更好的解决方案
I'd save the user detail like this: 我将这样保存用户详细信息:
$_SESSION[ 'sys$userDetails' ] = $row;
Imagine the prefix sys$ as being an indicator for framework generated properties of your session. 想象一下前缀sys$作为框架为会话生成的属性的指示符。
Thus, business logic related session data shouldn't have the sys$ prefix. 因此,与业务逻辑相关的会话数据不应具有sys$前缀。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.