[英]PHP/SQL - Issue with using two $_GET statements?
I am trying to use two different $_GET statements (within the first two chunks of code) and then pass their values into a SQL statement (in the third chunk of code), however it is incorrectly working out for me. 我正在尝试使用两个不同的$ _GET语句(在前两个代码块内),然后将它们的值传递到SQL语句(在第三块代码中),但是这对我来说是错误的。 I am wondering if i'm using the the $_GET statement incorrectly??
我想知道我是否错误地使用了$ _GET语句? Thanks for any and all help!
感谢您提供的所有帮助!
if (!(isset($_GET['companyselected']))) {
$result = mysqli_query($db, "SELECT DISTINCT Company_ID, CompanyName " . "FROM Company");
$fields = mysqli_fetch_fields($result);
echo "<table style='width:900px'><tr>";
foreach ($fields as $column)
echo "<th>" . $column->name . "</th>";
echo "<th>Select Bus Company</th></tr>";
while ($row = mysqli_fetch_assoc($result)) {
echo "<tr>";
foreach ($row as $field) echo "<td>" . $field . "</td>";
echo "<td><a href=\"" . $_SERVER['PHP_SELF'] . "?companyselected="
. $row['Company_ID'] . "\" style=\"color: green;\">Show Routes</a></td></tr>";
}
echo "</table>";
}
if (isset($_GET['companyselected']))
{
if ($result = mysqli_query($db, "SELECT DISTINCT RouteNum, RouteName FROM Route WHERE Company_ID = " . (int)$_GET['companyselected']))
{
$fields = mysqli_fetch_fields($result);
echo "<table style='width:900px'><tr>";
foreach ($fields as $column)
echo "<th>" . $column->name . "</th>";
echo "<th>Select Bus Company</th></tr>";
while ($row = mysqli_fetch_assoc($result)) {
echo "<tr>";
foreach ($row as $field) echo "<td>" . $field . "</td>";
echo "<td><a href=\"" . $_SERVER['PHP_SELF'] . "?routeselected="
. $row['RouteNum'] . "\" style=\"color: green;\">Display Route</a></td></tr>";
}
echo "</table>";
}
}
//error is within the $result variable below
if (isset($_GET['routeselected']))
{
$result = mysqli_query($db, "SELECT * FROM STOP INNER JOIN RouteStop ON Stop.Stop_ID = RouteStop.Stop_ID WHERE RouteStop.Route_ID = " . (int)$_GET['routeselected'] . " AND RouteStop.Company_ID = " . (int)$_GET['companyselected']);
while ($row = mysqli_fetch_array($result))
echo "{\"title\": '".$row['Stop_ID']."', \"lat\": '".$row['Latitude']."', \"lng\": '".$row['Longitude']."', \"description\": '".$row['StopName']."'},";
}
?>
Try changing this line: 尝试更改此行:
if ($result = mysqli_query($db, "SELECT DISTINCT RouteNum, RouteName FROM Route WHERE Company_ID = " . (int)$_GET['companyselected']))
to (add single quotes and remove int I would imagine): 到(添加单引号并删除我想象的int):
if ($result = mysqli_query($db, "SELECT DISTINCT RouteNum, RouteName FROM Route WHERE Company_ID = '" . mysqli_real_escape_string($cxn, $_GET['companyselected']) . "'"))
where $cxn can be accessed if you include your 'connect.php' file. 如果包含“ connect.php”文件,则可以在其中访问$ cxn。
Also try changing this line: 也尝试更改此行:
$result = mysqli_query($db, "SELECT * FROM STOP INNER JOIN RouteStop ON Stop.Stop_ID = RouteStop.Stop_ID WHERE RouteStop.Route_ID = " . (int)$_GET['routeselected'] . " AND RouteStop.Company_ID = " . (int)$_GET['companyselected']);
to: 至:
$result = mysqli_query($db, "SELECT * FROM STOP INNER JOIN RouteStop ON Stop.Stop_ID = RouteStop.Stop_ID WHERE RouteStop.Route_ID = " . mysqli_real_escape_string($cxn, (int)$_GET['routeselected']) . " AND RouteStop.Company_ID = '" . mysqli_real_escape_string($cxn, $_GET['companyselected']) . "'");
If the route numbers are not alphanumeric but only numeric, please remove the single quotes I have placed around the sql $_GETs in my proposed edits. 如果路由编号不是字母数字,而是数字,请删除在建议的修改中我在sql $ _GETs周围加上的单引号。
thank you so much for your responses! 非常感谢您的回复! Come to find out, I had to concatenate the
(int)$_GET['companyselected']
from the first result of a SQL query into the second result of the SQL query, and it is now working beautifully. 找出来,我不得不将
(int)$_GET['companyselected']
从SQL查询的第一个结果连接到SQL查询的第二个结果,现在它可以正常工作。 Here is the code with the concatenation: 这是带有串联的代码:
echo "<td><a href=\"" . $_SERVER['PHP_SELF'] . "?routeselected="
. $row['RouteNum'] . "&companyselected=" . (int)$_GET['companyselected'] . "\" style=\"color: green;\">Display Route</a></td></tr>";
Thanks again!! 再次感谢!!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.