【发布时间】:2016-01-16 23:28:46
【问题描述】:
我需要从 URL 获取变量 code 所以我是 $codes = $_GET['code']; (url 示例 website.com/update?code[]=7291&code[]=9274&code[]=8264&)然后我 SELECT firstname FROM guests WHERE invitecode = $codes" 然后我输出数据并设置为 $relatives = $row["firstname"] 然后稍后在我需要的文件中回显/打印print $relative。
为什么这对我不起作用?
... connection made ...
$codes = $_GET['code'];
$sql = "SELECT firstname FROM guests WHERE invitecode = $codes";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
$relatives[] = $row["firstname"];
}
}
foreach ($relatives as $relative) {
print $relative;
}
更新:
所以现在使用:
<?php
$codes = $_GET['code'];
$thecodes = "";
foreach($codes as $vals)
$thecodes .= (int)$vals . ",";
if($thecodes != "")
{
$thecodes = trim($thecodes, ",");
$sql = "SELECT firstname FROM guests WHERE invitecode IN ($thecodes)";
$result = mysqli_query($conn, $sql);
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$relatives[] = $row["firstname"];
}
}
foreach ($relatives as $relative) {
print $relative;
}
}
else
{
}
?>
它可以工作,但我想将foreach ($relatives as $relative) { echo $relative; }; 输入到类似$message = $firstname . " " . $lastname . " will be coming to your event. " . ; 这样的值中。
最后会变成这样:$message = $firstname . " " . $lastname . " will be coming to your event. " . foreach ($relatives as $relative) { echo $relative . " "; };。
由于某种原因,当我将它们组合起来时它不起作用。
【问题讨论】:
-
在将用户控制变量插入 SQL 语句时,请正确处理它们:How can I prevent SQL-injection in PHP?
-
我高度建议不要只对循环中的每个代码进行单独的查询。这可笑的低效。只需构建一个
WHERE子句,然后使用一个查询,然后使用 PHP 将其构造成您想要的结构,这很容易。无论如何,foreach中的查询是一个非常糟糕的主意。我绝不会说这是可以接受的,除非它是一个个人项目,没有其他人可以访问它。
标签: php mysql sql arrays foreach