否则,如果mysql和php错误
[英]Else and If mysql and php error
问题描述
I wanted to return a not available when the some data is not present but i think something is wrong in my code 
当某些数据不存在时,我想返回一个不可用,但我认为代码中有问题
$id=$_GET["id"];
$sql="SELECT * FROM book WHERE id = '".$id."' AND type = 'new'";
if(!empty($sql))
{
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
echo utf8_encode($row['bookreview']);
}
else
{
echo "<div style='text-align: center; background-color: rgb(255, 255,255);'><font style='color: rgb(204, 0, 0);' size='+3'><span style='font-weight: bold;'>review not not available.</span></font><br>";
}
If review is available it return the review while if not available the " review not available" does not echo. 如果评论可用,则返回评论,如果不可用,则“评论不可用”不回显。
4 个解决方案
解决方案1
2 2012-02-28 12:29:16
The $sql variable contains a string which is assigned prior to checking if it is empty. $sql变量包含一个在检查是否为空之前分配的字符串。 It will never be empty in this case. 在这种情况下,它永远不会为空。
Maybe what you are trying to do is check the number of results returned from the query? 也许您想要做的是检查查询返回的结果数? In order for that to happen, you have to run the query first. 为了做到这一点,您必须先运行查询。 Here is a quick (off the top of my head) example with mysqli: 这是一个使用mysqli的快速示例(不在我脑海中):
$mysqli = new mysqli("localhost", "my_user", "my_password", "my_db");
$id = $_GET["id"];
$sql = "SELECT * FROM book WHERE id = '".$id."' AND type = 'new'";
// Run query
if ( $result = $mysqli->query($sql) )
{
// We got results
var_dump($result);
$result->close();
}
else
{
// No results
echo("Oops. Nothing here.");
}
To avoid SQL injection, I recommend learning about PDO and how to write prepared statements. 为避免SQL注入,建议您学习PDO以及如何编写准备好的语句。
解决方案2
2 2012-02-28 12:29:17
$id = (int) $_GET['id']; // important !
$sql = 'SELECT * FROM book WHERE id = ' . $id. ' AND type = "new"';
$result = mysql_query($sql);
if(mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
echo utf8_encode($row['bookreview']);
} else {
echo "<div style='text-align: center; background-color: rgb(255, 255,255);'><font style='color: rgb(204, 0, 0);' size='+3'><span style='font-weight: bold;'>review not not available.</span></font><br>";
}
It's important tu cast GET parameters to specified type ( int here) to avoid SQL Injection ! 将GET参数转换为指定的类型(此处为int )非常重要,以避免SQL注入!
With mysql_num_rows you can check how many rows were returned with your query. 使用mysql_num_rows您可以检查查询返回了多少行。 You have to do a query to check it. 您必须查询才能对其进行检查。 Checking if $sql variable is empty is useless because it is just string that is always 'full' - it containst your query statement. 检查$sql变量是否为空是没有用的,因为它只是始终为'full'的字符串-它包含查询语句。
解决方案3
0 2012-02-28 12:28:37
You are actually checking if string is empty , not the result set, see it? 您实际上是在检查string是否为空 ,而不是结果集,是否看到?
!empty("any string")
will always return true. 将始终返回true。
解决方案4
0 2012-02-28 12:29:27
$sql is never going to be empty.. because is an string that you just set. $sql永远不会为空..因为这是您刚刚设置的字符串。 You might want to do: 您可能想要做:
$id=$_GET["id"];
$sql="SELECT * FROM book WHERE id = '".intval($id)."' AND type = 'new'";
$result = mysql_query($sql);
if(!empty($result) and mysql_num_rows($result) > 0)
{
$row = mysql_fetch_assoc($result);
echo utf8_encode($row['bookreview']);
}
else
{
echo "<div style='text-align: center; background-color: rgb(255, 255,255);'><font style='color: rgb(204, 0, 0);' size='+3'><span style='font-weight: bold;'>review not not available.</span></font><br>";
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.