初学者:php和mysql表问题
[英]Beginner: php and mysql table issue
问题描述
very new to php and mysql so all help is greatly appreciated. 
对于php和mysql来说是非常新的东西,因此非常感谢所有帮助。 I have tried to search the forums but not entirely sure specifically what I need to be searching for. 我已经尝试搜索论坛,但不能完全完全确定我需要搜索的内容。 I have a form which ask users to select a product and make a comment. 我有一张表格,要求用户选择产品并发表评论。
I need the information for a particular product to show on my product page instead of all of the information. 我需要特定产品的信息而不是所有信息显示在我的产品页面上。 (for example, I want the reviews for iPads to show on the ipad page) (例如,我希望iPad的评论显示在ipad页面上)
This is the code that send the data to the database: 这是将数据发送到数据库的代码:
<?php
session_start();
include('connection.php');
$name=$_POST['name'];
$product=$_POST['product'];
$star=$_POST['star'];
$comment=$_POST['comment'];
mysql_query("INSERT INTO tt_review(name, product, star, comment)VALUES('$name', '$product', '$star','$comment')");
header("location: https://scm-intranet.tees.ac.uk/users/l1071039/tablet-takeover/index.html");
mysql_close($con);
?>
This is the current code to fetch the data onto my page: 这是将数据提取到我的页面上的当前代码:
<?php
include('connection.php');
$result = mysql_query("SELECT * FROM tt_review");
echo "<table border='1'>
<tr>
</tr>";
while($row = mysql_fetch_array($result)) //This function is calling the results variable and displaying them within the rows below
{
echo "<tr>"; //this code tells the page to output the table rows that are defined above
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['date'] . "</td>"; //each row is then executed using the table data function
echo "<td>" . $row['product'] . "</td>";
echo "<td>" . $row['star'] . "</td>";
echo "<td>" . $row['comment'] . "</td>";
echo "</tr>";
}
echo "</table>";
?>
This is a screenshot of the table on my webpage (as I say, I need it to only show the ipad reviews. 这是我网页上表格的屏幕截图(正如我所说,我只需要显示ipad评论即可。
3 个解决方案
解决方案1
2 2014-07-22 13:36:03
要仅选择一种产品,应在sql查询上添加where子句:
SELECT * FROM tt_review WHERE product = 'Apple iPad'
解决方案2
0 2014-07-22 13:35:54
Firstly, mysql_* functions have been depreciated. 首先,mysql_ *函数已被弃用。 Rather, use either PDO or MySQLi. 而是使用PDO或MySQLi。
Secondly, your code is very vulnerable to SQL injection. 其次,您的代码非常容易受到SQL注入的攻击。
Thirdly, fix your select statement to the following: 第三,将您的选择语句修复为以下内容:
SELECT * FROM tt_review WHERE product = 'ipad'
解决方案3
0 2014-07-22 13:38:17
You can give like this 你可以这样给
"SELECT * FROM tt_review WHERE Product_name ='ipad'"
It will display only the information related to Ipad Still If you dont understand please give me the name of the columns you used in the table 它将仅显示与Ipad相关的信息。如果您不了解,请给我表中使用的列的名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.