苗条的框架,不显示任何输出
[英]slim framework no output displayed
问题描述
I'm trying to get a json file using Slim Framework. 
我正在尝试使用Slim Framework获取json文件。 The code I'm trying is mentioned below 我正在尝试的代码在下面提到
$app->get('/forum/:id', function ($id) {
$user_name = "abc";
$password = "123";
$database = "test";
$server = "localhost";
$db_handle = mysqli_connect($server, $user_name, $password);
mysqli_set_charset($db_handle, "utf8");
mysqli_select_db($db_handle, $database);
$arr = array();
$SQL = "Select y123_forum.post_id, y123_forum.posttext FROM y123_forum INNER JOIN y123_users ON y123_forum.user_id = y123_users.id WHERE type = 1 AND y123_users.email = 'id'";
$result = mysqli_query($db_handle, $SQL);
while ($row = mysqli_fetch_assoc($result))
{
array_push($arr, $row);
}
mysqli_close($db_handle);
echo json_encode($arr);
});
The output displayed on the browser is [] 浏览器上显示的输出为[]
When I try the above code without passing parameter, ie 当我尝试上面的代码而不传递参数时,即
$app->get('/faqs/', function () {
$user_name = "abc";
$password = "123";
$database = "test";
$server = "localhost";
$db_handle = mysqli_connect($server, $user_name, $password);
mysqli_set_charset($db_handle, "utf8");
mysqli_select_db($db_handle, $database);
$arr = array();
$SQL = Select y123_forum.post_id, y123_forum.posttext FROM y123_forum INNER JOIN y123_users ON y123_forum.user_id = y123_users.id WHERE type = 1 AND y123_users.email = 'abc@gmail.com'"
$result = mysqli_query($db_handle, $SQL);
while ($row = mysqli_fetch_assoc($result))
{
array_push($arr, $row);
}
mysqli_close($db_handle);
echo json_encode($arr);
});
then it works fine 然后就可以了
How do i fix this, I need to get this working to get the json file by passing any email id's from the database 我该如何解决这个问题,我需要通过传递数据库中的任何电子邮件ID来使它工作以获取json文件
1 个解决方案
解决方案1
1 已采纳 2015-04-23 04:35:27
You're forgetting the $ in the parameter, it thinks you're looking for an email address of 'id', not the contents of $id. 您忘记了参数中的$,它认为您正在寻找的是'id'的电子邮件地址,而不是$ id的内容。
SELECT * FROM y123_forum WHERE email = '$id';
Note that this is a horrible, bad, unsafe way to pass parameters to a SQL query. 请注意,这是将参数传递给SQL查询的一种可怕,糟糕,不安全的方法。 The correct way would be to parameterize your query and execute this way: 正确的方法是参数化您的查询并以这种方式执行:
$SQL = 'SELECT * FROM y123_forum WHERE email = ?';
$stmt = mysqli_stmt_init($db_handle);
if (mysqli_stmt_prepare($stmt, $sql)) {
mysqli_stmt_bind_param($stmt, 's', $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
while ($row = mysqli_fetch_assoc($result))
{
array_push($arr, $row);
}
}
The 's' in mysql_stmt_bind_param tells the driver your $id variable should be treated as a string, and escapes it appropriately. mysql_stmt_bind_param的“ s”告诉驱动程序,您应将$ id变量视为字符串,并对其进行适当的转义。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.