我正在使用 _GET 字符串从 1 个表中的 2 列生成产品详细信息
示例 URL
...details.php?string=column1column2
问题就出在这里:
$string = $_GET['$string'] ..."SELECT * FROM table where **...??...** = '$string'"
这部分如何填写
(**...???...**)
?
希望这个问题能够在大家的帮助下尽快得到解决。 谢谢你..
首先,如果你有两个变量通过 url 传递,你会这样做
....details.php?column1=whatever_you_want&column2=whatever_you_want // here using & to seperate the two
现在你一定要获取变量
$column1 = $_GET["column1"];
$column2 = $_GET["column2"];
现在,如果column1和column2是用户输入。您应该使用准备好的语句,如下所示:
$sql = "SELECT * FROM table WHERE col1NameInDatabase = ? AND col2NameInDB = ?";
$stmt = mysqli_stmt_init($conn) //Here $conn is the connection with database that you must already have.
if (!mysqli_stmt_prepare($stmt, $conn)){
die("Database error");
}
mysqli_stmt_bind_param($stmt, "ss", $column1, $column2); //Here "ss" means both are strings.
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
mysqli_stmt_close($stmt);
//And then deal with $result
另一方面,如果column1和column2是可信的并且不是用户输入:
$sql = "SELECT * FROM table WHERE col1NameInDB = '$column1' AND col2NameInDB = '$column2'";
$result = mysqli_query($conn, $sql); // Here too $conn is the variable which connects to database, that you must have already set.
//Now deal with $result