使用javascript將用戶名獲取為子句的值，在sql中選擇

Question

我認為我不必在這里使用javascript。 但是，如果這是解決方案，我會接受。

我可以在頁面中回顯用戶名的會話。 但是，當我嘗試再次調用它以獲取用戶信息的詳細信息時，它不起作用。

這是不起作用的情況：

• 我用下面的代碼在sql select子句中回顯用戶名會話：

   $member_email = $_SESSION['member_email']; $member_name = $_SESSION['member_name']; $results = $mysqli->query("SELECT * FROM member_registry WHERE member_name='$member_name' And member_email='$member_email'"); $obj = $results->fetch_object(); echo '<tr><td colspan="6"><input type="text" readonly name="member_address" value="'.$obj->member_address_satu.'"/></td><tr>'; 

當我直接在sql select的where子句中輸入username的值時，它起作用

    $results = $mysqli->query("SELECT * FROM member_registry WHERE member_name='Someone Name'");

我非常確定用戶名會話正確。 因為當我回顯它時，它顯示了用戶名：

        <li>You Login as <?php echo $member_name;?></li>

如果我不能使用WHERE member_name='$member_name'子句，那么我想我可以使用javascript以You login as <?php echo $member_name;?來發送文本。 作為子句的字符串。

如何做到這一點，以及如何徹底解決這個問題。 請幫助，我只是在學習和學習。

我希望任何人都能理解我在這里的要求。 非常感謝所有這些。

[更新]

<?php
include_once("config.php");
$member_name = $_SESSION['member_name'];
$results = $mysqli->prepare("SELECT * FROM member_registry WHERE member_name=?");
$bind=$mysqli->bind_param('s',$member_name);
$mysqli->execute(); 
$obj = $results->fetch_object();

if(isset($_SESSION["products"])) {
    $total = 0;
    echo '<form action="cart-post-config.php" enctype="multipart/form-data" method="POST">';
    foreach ($_SESSION["products"] as $cart_itm) {
                    echo '<tr>';
                    echo '<td></td>';
                    echo '<input type="hidden" name="member_name" value="'.$member_name.'"/>';
                    echo '<td><input type="text" readonly name="product_name[]" value="'.$cart_itm["name"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_price[]" value="'.$cart_itm["price"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_quantity[]" value="'.$cart_itm["qty"].'"/></td>';                           
                    $totalPerEach = ($cart_itm["price"]*$cart_itm["qty"]);

                    echo '<td><input type="text" readonly name="product_eachTotal[]" value="'.$totalPerEach.'"/></td>';
                    echo '<td>View Save Delete</td>';
                    echo '</tr>';
    }


    echo '<tr><td colspan="6"><input type="text" readonly name="member_address" value="'.$obj->member_address_satu.'"/></td><tr>';                          

    echo '<tr><td colspan="6" style="text-align: right; background: yellowgreen;"><input type="submit" name="submit" /></td><tr>';
    echo '</form>';//close the form
}
else {
    echo 'Your Cart is empty'; }
?>

這是在頁面的標題。

<?php
include("config.php");  
$member_name = $_SESSION['member_name'];
$member_email = $_SESSION['member_email'];
?>
    <ul id="list-logo-menu">
        <li>Live Chat</li>
        <li>Contact</li>
        <li>You Login as <?php echo $member_name;?></li>
        <li><a href="logout.php">Logout</a></li>
    </ul>

[更新2]

                    <tr class="boder-table">
                        <td width="32"><u>No</u></td>
                        <td width="174"><u>Product Name</u></td>
                        <td width="103"><u>Price</u></td>
                        <td width="103"><u>Quantity</u></td>
                        <td width="103"><u>Total Price</u></td>
                        <td width="142"><u>Mark</u></td>
                    </tr>



 $member_name = $_SESSION['member_name'];
 $results = $mysqli->prepare("SELECT * FROM member_registry WHERE member_name=? ");
 $bind=$mysqli->bind_param('s',$member_name);//bind them here

 $result= $mysqli->execute();//execute your query
 print_r($result).'<br/>';


 if($result->num_rows<0)
 {
 $mysqli->error;
 } else echo '<br/>'.$mysqli->num_rows;


if(isset($_SESSION["products"])) {
    include_once("config.php");
    $total = 0;
    echo '<form action="cart-post-config.php" enctype="multipart/form-data" method="POST">';
    foreach ($_SESSION["products"] as $cart_itm) {
                    echo '<tr>';
                    echo '<td></td>';
                    echo '<input type="hidden" name="member_name" value="'.$member_name.'"/>';
                    echo '<td><input type="text" readonly name="product_name[]" value="'.$cart_itm["name"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_price[]" value="'.$cart_itm["price"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_quantity[]" value="'.$cart_itm["qty"].'"/></td>';                           
                    $totalPerEach = ($cart_itm["price"]*$cart_itm["qty"]);

                    echo '<td><input type="text" readonly name="product_eachTotal[]" value="'.$totalPerEach.'"/></td>';
                    echo '<td>View Save Delete</td>';
                    echo '</tr>';
    }


    echo '<tr><td colspan="6"><input type="text" readonly name="member_address" value="'.$obj->member_address_satu.'"/></td><tr>';                          

    echo '<tr><td colspan="6" style="text-align: right; background: yellowgreen;"><input type="submit" name="submit" /></td><tr>';
    echo '</form>';//close the form
}
else {
    echo 'Your Cart is empty'; }
?>
            </table>

Answer 1

我只是將位置移動到應該編寫新sql語句的位置。

<?php


if(isset($_SESSION["products"])) {
    include_once("config.php");
    $total = 0;
    echo '<form action="cart-post-config.php" enctype="multipart/form-data" method="POST">';
    foreach ($_SESSION["products"] as $cart_itm) {
                    echo '<tr>';
                    echo '<td></td>';
                    echo '<input type="hidden" name="member_name" value="'.$member_name.'"/>';
                    echo '<td><input type="text" readonly name="product_name[]" value="'.$cart_itm["name"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_price[]" value="'.$cart_itm["price"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_quantity[]" value="'.$cart_itm["qty"].'"/></td>';                           
                    $totalPerEach = ($cart_itm["price"]*$cart_itm["qty"]);

                    echo '<td><input type="text" readonly name="product_eachTotal[]" value="'.$totalPerEach.'"/></td>';
                    echo '<td>View Save Delete</td>';
                    echo '</tr>';
    }

    $member_name = $_SESSION['member_name'];
    $results = $mysqli->query("SELECT * FROM member_registry WHERE member_name='$member_name'");
    $obj = $results->fetch_object();
    echo '<span class="product-name">'.$obj->member_address_satu.'</span></br>';

    echo '<tr><td colspan="6"><input type="text" readonly name="member_address" value="'.$obj->member_address_satu.'"/></td><tr>';                          

    echo '<tr><td colspan="6" style="text-align: right; background: yellowgreen;"><input type="submit" name="submit" /></td><tr>';
    echo '</form>';//close the form
}
else {
    echo 'Your Cart is empty'; }

？>

Answer 2

您需要使用bind_param

        $member_name = $_SESSION['member_name'];
$results = $mysqli->prepare("SELECT * FROM member_registry WHERE member_name=?");
    $bind=$mysqli->bind_param('s',$member_name);//bind them here

$result= $mysqli->execute();//execute your query
$row = $result->fetch_array(MYSQLI_ASSOC);
print_r($row).'<br/>'; // to see the result. 


if($result->num_rows<0)
{
    $mysqli->error;//to check the error
} else echo '<br/>'.$mysqli->num_rows;//to print the row.


if(isset($_SESSION["products"])) {
    include_once("config.php");
    $total = 0;
    echo '<form action="cart-post-config.php" enctype="multipart/form-data" method="POST">';
    foreach ($_SESSION["products"] as $cart_itm) {
                    echo '<tr>';
                    echo '<td></td>';
                    echo '<input type="hidden" name="member_name" value="'.$member_name.'"/>';
                    echo '<td><input type="text" readonly name="product_name[]" value="'.$cart_itm["name"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_price[]" value="'.$cart_itm["price"].'"/></td>';
                    echo '<td><input type="text" readonly name="product_quantity[]" value="'.$cart_itm["qty"].'"/></td>';                           
                    $totalPerEach = ($cart_itm["price"]*$cart_itm["qty"]);

                    echo '<td><input type="text" readonly name="product_eachTotal[]" value="'.$totalPerEach.'"/></td>';
                    echo '<td>View Save Delete</td>';
                    echo '</tr>';
    }


    echo '<tr><td colspan="6"><input type="text" readonly name="member_address" value="'.$obj->member_address_satu.'"/></td><tr>';                          

    echo '<tr><td colspan="6" style="text-align: right; background: yellowgreen;"><input type="submit" name="submit" /></td><tr>';
    echo '</form>';//close the form
}
else {
    echo 'Your Cart is empty'; }
?>
            </table>

Answer 3

@klaudia，首先檢查您的mysqli與數據庫的連接是否正確。 mysqli的示例連接如下。

$mysqli = mysqli_connect("localhost","mysql_user","mysql_password","database");

// Check connection
if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

然后通過打印會話檢查會話詳細信息是否正確。

echo $_SESSION['member_email'];
echo $_SESSION['member_name'];

然后，您需要根據需要在查詢下面觸發。

//Below is sample membername & email,you can put your session data in below two line.

$member_email = 'user@user.com';
$member_name = 'test';

//For Your scenario it would be like below. (Rememeber you need to put session_start() in top of the page)

$member_email = $_SESSION['member_email'];
$member_name = $_SESSION['member_name'];

$results = $mysqli->query("SELECT * FROM member_registry WHERE member_name='$member_name' And member_email='$member_email'");
$obj = $results->fetch_object();
echo "<pre>";print_r($obj);

請嘗試以上操作，並讓我知道是否仍然有任何問題。