[英]Using PHP variable to fetch data from mysql
I have a daily question quiz page and I have two database tables with the following names: 我有一个每日问题测验页面,并且我有两个数据库表,其名称如下:
1) qbank 2) users_log 1)qbank 2)users_log
Now once the user submits the answer, it takes the user to the grade.php where I access if he/she answered the question correctly. 现在,一旦用户提交了答案,就可以将用户带到grade.php,如果他/她正确回答了问题,我可以访问该位置。 My problem is the following code:
我的问题是以下代码:
$sql = ("SELECT * FROM users_log WHERE username = '$username_wanted'");
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$myuser = $row["username"];
echo $myuser;
echo "It found the user";
$mycolumn = $row_y[$_POST['question-id']];
echo $mycolumn;
}
}
What I would like to do is to select that COLUMN from "users_log" TABLE where the COLUMN name is equal to the question-id from "qbank" table, where the user submitted in the previous page. 我想做的是从“ users_log”表中选择该列,其中“ COLUMN”名称等于“ qbank”表中用户在上一页提交的问题ID。
Let's just say I define a variable like such: 假设我定义了一个像这样的变量:
$questionID = "001"
What is the correct way of fetching with that variable: 用该变量获取数据的正确方法是什么:
$mycolumn = $row_y[$questionID];
Thanks, oliver_foxx 谢谢,oliver_foxx
Your must construct a query like this (if i understood correctly) 您必须构造这样的查询(如果我理解正确的话)
$sql = "SELECT username, ".$_POST['question-id']." FROM users_log WHERE username = '".$username_wanted."'";
Of course there are some issues here but there are beyond the scope of this question. 当然这里有一些问题,但超出了此问题的范围。 You may wanna research on these:
您可能想研究以下内容:
1) You are vulnerable to sql injection 1)您容易受到sql注入的攻击
2) I'm not very confident your sql structure is a good one. 2)我不太确定您的sql结构是一个好结构。 Seems like you have a column for each question;
似乎每个问题都有一列; that sounds terribly denormalized
听起来非常不规范
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.