[英]How do I add criteria to a WHERE clause?
I need to filter these results with the status from c.statusRP = Open 我需要使用c.statusRP = Open的状态过滤这些结果
$query= mysql_query("SELECT h.id, h.sid, h.did, h.nextaction, h.nextactiondate, d.company, d.name, d.surname, c.company, d.balance, d.amount from History h, Person d, Client c where h.sid=c.ref and d.id=h.did and nextactiondate between $dayEnd and $dayStart order by c.company desc");
#print $tquery;
$mydate = date("d-m-Y");
$message = "<br><br><h1>Task List for $mydate</h1><br>";
$message .= "<table border=\"1\"><tr><strong><td>Customer Ref</td><td>Client Company</td><td>Customer Ref</td><td>Other Company</td><td>Full Name</td><td>Next Action</td></strong></tr>";
while ($def = mysql_fetch_row($query)) {
$sid = $def[1];
$did = $def[2];
$nextaction = $def[3];
$nextactiondate = $def[4];
$dcompany = $def[5];
$dname = $def[6];
$dsurname = $def[7];
$ccompany = $def[8];
$dbalance = $def[9];
$damount = $def[10];
if ($dbalance == "") {
$newbalance = $damount;
}
else {
$newbalance = $dbalance;
}
switch ($nextaction) {
I have tried adding 我尝试添加
$query= mysql_query("SELECT h.id, h.sid, h.did, h.nextaction,
h.nextactiondate, d.company, d.name,
d.surname, c.company, d.balance,
d.amount
from History h, Person d, Client c
where h.sid=c.ref
and d.id=h.did
and nextactiondate between $dayEnd and $dayStart
order by c.company desc
WHERE c.statusRP = 'Open';");
but then I get errors on the line showing this: 但是然后在显示以下内容的行上出现错误:
while ($def = mysql_fetch_row($query)) {
What am I doing wrong? 我究竟做错了什么?
You already have a WHERE
, you need to join it with AND
, and put it before the ORDER BY
. 您已经有了一个
WHERE
,您需要将其与AND
结合在一起,并将其放在ORDER BY
之前。
$query= mysql_query("SELECT h.id, h.sid, h.did, h.nextaction, h.nextactiondate, d.company, d.name, d.surname, c.company, d.balance, d.amount
from History h, Person d, Client c
where h.sid=c.ref
and d.id=h.did
and nextactiondate between $dayEnd and $dayStart
AND c.statusRP = 'Open'
order by c.company desc;");
Additional notes: $dayEnd
and $dayStart
should probably be quoted, unless they're timestamps. 附加说明:
$dayEnd
和$dayStart
应该加引号,除非它们是时间戳。
You're wide open for SQL injection.
您愿意接受SQL注入。 The mysql_* functions are deprecated, and completely removed from PHP7.
mysql_ *函数已被弃用,并已从PHP7中完全删除。 Switch to PDO or mysqli, and take advantage of prepared statements and variable binding, and you won't need to worry about quoting.
切换到PDO或mysqli,并利用准备好的语句和变量绑定,您无需担心引用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.