注意:未定义变量:sql和致命错误:函数名称必须为字符串[closed]

问题描述 投票:-1回答:5

我不知道这里出了什么问题。

步骤1:输入名字和姓氏步骤2:选择日期步骤3:点击“提交”按钮结果:显示结果

错误:

注意:未定义变量:sql inC:\ xampp \ htdocs \ xampp \ prive_tc \ testingphp.php,第20行

致命错误:函数名称必须为C:\ xampp \ htdocs \ xampp \ prive_tc \ testingphp.php,第20行

   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<?php

$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("prive_ts", $con);

$sql ("SELECT * from info");

$from = $_get['from']; // or $from = $_get['from'];
$to = $_get['to'];  // or $to = $_get['to'];
$sql .= mysql_query(" WHERE date_of_service between '".$from."' AND '".$to."' ");


if (!mysql_query($con,$sql))
      {
      die('Error: ' . mysql_error($con));
      }

?>

<form name="search_form" method="POST" action="testingphp.php">

Search: <input type="text" name="search_box" value="" />
Dates&nbsp; From : <input type="text" name="from"/>
       To : <input type="text" name="to"/> 
<input type="submit" name="search" value="Look up Patient ...">

</form>

<table width="70%" cellpadding="5" cellspace="5">

<tr>

    <td><strong>Care Provider</strong></td>
    <td><strong>Patient Name</strong></td>
    <td><strong>Date of Time</strong></td>
    <td><strong>Time In</strong></td>
    <td><strong>Time Out</strong></td>
    <td><strong>Remarks</strong></td>
</tr>

<?php while ($row = mysql_fetch_array($query)) { ?>
<tr>
    <td><?php echo $row['care_provider']; ?></td>
    <td><?php echo $row['patient_name']; ?></td>
    <td><?php echo $row['date_of_service']; ?></td>
    <td><?php echo $row['time_in']; ?></td>
    <td><?php echo $row['time_out']; ?></td>
    <td><?php echo $row['remarks']; ?></td>
</tr>
<?php } ?>

</table>


</body>
</html>
php mysql
5个回答
2
投票

然后让我们列出一个清单。

  • 需要分配SQL查询:

     $sql = "SELECT * FROM .. ";

  • 而串联:

     $sql .= mysql_query("...");

    需要拆分:

     $sql .= "WHERE ...";

    随后调用:

     $result = mysql_query($sql);

  • $_GET变量需要全部大写。

这可能不适合您的经验水平,但请考虑阅读PDO和绑定参数。

1
投票

更改

$sql ("SELECT * from info");


$sql = "SELECT * from info";

而且,出于上帝的缘故,请勿在未经验证的情况下将用户输入插入SQL查询。首先使用mysqli_real_escape_string

1
投票

$sql ("SELECT * from info");更改为$sql = "SELECT * from info";

您的代码中也存在一些错误。它不会工作。尝试这样的事情:

   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Untitled Document</title>
    </head>

    <body>

    <?php

        $con = mysql_connect("localhost","root","");
        if (!$con)
          {
          die('Could not connect: ' . mysql_error());
          }

        mysql_select_db("prive_ts", $con);

        $sql = "SELECT * from info" ;

        $from = $_get['from']; // or $from = $_get['from'];
        $to = $_get['to'];  // or $to = $_get['to'];
        $sql .= " WHERE date_of_service between '".$from."' AND '".$to."'";

        $result = mysql_query($sql,$con);
        if (!$result)
        {
            die('Error: ' . mysql_error($con));
        }

    ?>
0
投票
$sql ("SELECT * from info");

PHP将此变量视为函数,因为您没有使用'='标记,而是在引号之间添加了一些内容。例如:

$variable = "Test";
$variable(); // Outputs an error since the value is a string

您想为变量分配一个字符串。因此,您要做的是:

$sql = "SELECT * from info";
0
投票

您在第20行中错过了=正确的语法:$sql = "SELECT * from info";

并替换第24行:

$sql .= mysql_query(" WHERE date_of_service between '".$from."' AND '".$to."' ");

with:

$sql .= " WHERE date_of_service between '".$from."' AND '".$to."' ";

推荐:

  • 使用mysql_real_escape_string($keywords);strip_tags($keywords)防止SQL注入
  • PHP 5.5中不推荐使用MYSQLI代替mysql
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.