[英]PHP/SQL/Json Parse
我是php的超級新手,所以我需要一些幫助。 我有一段時光……我知道這很簡單!
我在這里有一個php文件: http : //theclackamasprint.net/json.php
它將信息從mysql拉到json。
我想要一個解析URL,以按其catid分隔文章(未顯示)
所以我希望能夠輸入http://theclackamasprint.net/json.php?catid=84 http://theclackamasprint.net/json.php?catid=87
等等...只有那些貓秀
這是我的代碼:
$host = "******";
$db = "******";
$user = "******";
$pass = "******";
$connection = mysql_connect($host, $user, $pass);
//Check to see if we can connect to the server
if(!$connection)
{
die("Database server connection failed.");
}
else
{
//Attempt to select the database
$dbconnect = mysql_select_db($db, $connection);
//Check to see if we could select the database
if(!$dbconnect)
{
die("Unable to connect to the specified database!");
}
else
{
$query = "SELECT title FROM tcp_content WHERE catid=84 ORDER BY publish_up DESC LIMIT 20";
$resultset = mysql_query($query, $connection);
$records = array();
//Loop through all our records and add them to our array
while($r = mysql_fetch_assoc($resultset))
{
$records[] = $r;
}
//Output the data as JSON
echo json_encode($records);
}
}
最短的解決方案涉及將catid=84
更改為catid=" . $_GET['catid'] . "
,從而將catid參數插入到MySQL查詢中。
結果行看起來像
$query = "SELECT title FROM tcp_content WHERE catid=" . $_GET['catid'] . " ORDER BY publish_up DESC LIMIT 20";
但是,這很容易受到SQL注入的攻擊,因此,如果這需要進行任何繁重的工作,請確保切換到mysqli_query()
或PDO::query()
。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.