[英]mysql query array counter
Apologies if I have the terminology wrong. 抱歉,如果我有错误的术语。
I have a for loop in php which operates a mysql query... 我在PHP中有一个for循环,用于操作mysql查询...
for ($i = 0; $i <count($user_id_pc); $i++)
{
$query2 = " SELECT job_title, job_info FROM job_description WHERE postcode_ss = '$user_id_pc[$i]'";
$job_data = mysqli_query($dbc, $query2);
$job_results = array();
while ($row = mysqli_fetch_array($job_data))
{
array_push($job_results, $row);
}
}
The results that are given when I insert a... 当我插入...时给出的结果...
print_r ($job_results);
On screen -> Array() 在屏幕上-> Array()
If I change the query from $user_id_pc[$i]
to $user_id_pc[14]
for example I receive one set of results. 例如,如果我将查询从$user_id_pc[$i]
更改$user_id_pc[14]
, $user_id_pc[14]
收到一组结果。
If I include this code after the query and inside the for loop 如果我在查询后和for循环中包含此代码
echo $i;
echo $user_id_pc[$i] . "<br>";
I receive the number the counter $i
is on followed by the data inside the array for that counter position. 我收到计数器$i
所在的数字,后跟该计数器位置的数组中的数据。
I am not sure why the array $job_results
is empty from the query using the counter $i
but not if I enter the number manually? 我不确定为什么数组$job_results
在使用计数器$i
的查询中为空,但如果我手动输入数字则不然?
Is it a special character I need to escape? 我需要逃脱吗?
The full code 完整代码
<?php
print_r ($user_id_pc);
//Select all columns to see if user has a profile
$query = "SELECT * FROM user_profile WHERE user_id = '" . $_SESSION['user_id'] . "'";
//If the user has an empty profile direct them to the home page
$data = mysqli_query($dbc, $query);
if (mysqli_num_rows($data) == 0)
{
echo '<br><div class="alert alert-warning" role="alert"><h3>Your appear not to be logged on please visit the<a href="index.php"> home page</a> to log on or register. <em>Thank you.</em></h3></div>';
}
//Select data from user and asign them to variables
else
{
$data = mysqli_query($dbc, $query);
if (mysqli_num_rows($data) == 1)
{
$row = mysqli_fetch_array($data);
$cw_job_name = $row['job_description'];
$cw_rate = $row['hourly_rate'];
$job_mileage = $row['mileage'];
$job_postcode = $row['postcode'];
$response_id = $row['user_profile_id'];
}
}
for ($i = 0; $i <count($user_id_pc); $i++)
{
$query2 = " SELECT job_title, job_info FROM job_description WHERE postcode_ss = '{$user_id_pc[$i]}'";
$job_data = mysqli_query($dbc, $query2);
$job_results = array();
while ($row = mysqli_fetch_array($job_data))
{
array_push($job_results, $row);
}
echo $i;
?>
<br>
<?php
}
print ($query2);
print $user_id_pc[$i];
?>
This is primarily a syntax error, the correct syntax should be: 这主要是语法错误,正确的语法应为:
$query2 = " SELECT job_title, job_info FROM job_description WHERE postcode_ss = '{$user_id_pc[$i]}'";
Note that this is correct syntax but still wrong!! 请注意,这是正确的语法,但仍然是错误的! For two reasons the first is that it's almost always better (faster, more efficient, takes less resources) to do a join or a subquery or a simple IN(array) type query rather than to loop and query multiple times. 出于两个原因,第一个原因是执行联接或子查询或简单的IN(array)类型查询比遍历和查询多次几乎总是更好(更快,更高效,占用更少的资源)。
The second issue is that passing parameters in this manner leave your vulnerable to sql injection. 第二个问题是,以这种方式传递参数使您容易受到sql注入的攻击。 You should use prepared statements. 您应该使用准备好的语句。
The correct way 正确的方法
if(count($user_id_pc)) {
$stmt = mysqli_stmt_prepare(" SELECT job_title, job_info FROM job_description WHERE postcode_ss = ?");
mysqli_stmt_bind_param($stmt, "s", "'" . implode("','",$user_id_pc) . "'");
mysqli_stmt_execute($stmt);
}
Note that the for loop has been replaced by a simple if 请注意,for循环已由简单的if代替
You have to check the query variable, instead of: 您必须检查查询变量,而不是:
$query2 = " SELECT job_title, job_info FROM job_description WHERE postcode_ss = '$user_id_pc[$i]'"
have you tried this: 你尝试过这个吗?
$query2 = " SELECT job_title, job_info FROM job_description WHERE postcode_ss = '" . $user_id_pc[$i] . "' ";
And another thing, try something different like this: 另一件事,尝试不同的方法:
while ($row = mysqli_fetch_array($job_data))
{
$job_results[] = array("job_title" => $row["job_title"], "job_info" => $row["job_info");
}
Then try to print the values. 然后尝试打印值。
Sorry but I like foreach() , so your working code is: 抱歉,但是我喜欢foreach() ,所以您的工作代码是:
<?php
// To store the result
$job_results = [];
foreach($user_id_pc as $id ){
// selecting matching rows
$query2 ="SELECT job_title, job_info FROM job_description WHERE postcode_ss = '".$id."'";
$job_data = mysqli_query($dbc, $query2);
// checking if query fetch any result
if(mysqli_num_rows($job_data)){
// fetching the result
while ($row = mysqli_fetch_array($job_data)){
// storing resulting row
$job_results[] = $row;
}
}
}
// to print the result
var_dump($job_results);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.