我对类别和子类别字段有疑问。
不久,我做了这样的分类:文学,并想制作这样的下拉子菜单:诗歌,小说,非小说。
我在网站上收到所有类别,但根本无法获得子类别字段。
这是我的代码:
$category=htmlspecialchars($_REQUEST['category']);
if(isset($category)){
$avt=mysql_query("select * from category order by id asc");
while($category_id=mysql_fetch_array($avt))
{
?>
<li><a href="#"> <k style="font-size:11px;"> <?
echo $category_id['catname'];
} }
?> </k> </a>
<?
$subcategory=htmlspecialchars($_REQUEST['subcategory']);
if(isset($subcategory)){
$sql = mysql_query("SELECT t1.*,t2.* FROM category as t1, subcategory as t2 WHERE t1.id=t2.'$_REQUEST[subcat_id]'");
while($data = mysql_fetch_array($sql))
{ ?>
<ul style="z-index:101;">
<li> <k> <a href="index.php?do=cat&id=<? echo $data['id'];?>" style="border-bottom:1px solid #CECECE; position:relative; left:-40px; font-size:11px; "> <?php echo $data["subcat_name"]; ?> </a> </k></li>
<? } }
?>
这是mysql:
类别
id
catname
子类别
id
subcat_id
subcat_name
就这些。如果有人可以帮助我解决这个问题,我将不胜感激。 (显然我是初学者)
谢谢
即使您是初学者,我建议您也可能会对此进行大量调整。从数据库连接开始。 mysql_
函数在最新的PHP v5中已弃用(不建议使用),在PHP v7中将其完全删除,因为它们存在安全风险,并且大多数人都无法很好地实现。请改用PDO或MySQLi。我更喜欢PDO,因此我将演示:
# Create the connection thusly, fill in your own credentials
$con = new \PDO("mysql:host=localhost;dbname=mydatabase", $username, $password);
接下来,您应该知道isset
和empty
之间的区别。在您的情况下,如果未设置isset
,则$_REQUEST['category']
将发出警告。当您创建自己的变量时,保证可以在检查它时将其设置,因为您是手动创建的。
如果未设置$_REQUEST['category']
,则将发出警告,因为在检查之前已分配了它:
$category = htmlspecialchars($_REQUEST['category']);
此操作不会发出警告,因为您正在检查是否已设置$_REQUEST['category']
。如果不是,请默认将$category
分配给false
:
# I like to use a ternary when there are only two options, but you can use if/else
$category = (isset($_REQUEST['category']))? htmlspecialchars(trim($_REQUEST['category'])) : false;
# This part now checks if the value that you created is NOT EMPTY because you
# have just created it, so checking if it is set is illogical
if(!empty($category)):
# Now we use our connection here to query.
# Here we can use query() because we don't have any variables to add into the query,
# so it's safe to use this short version
$avt = $con->query("select * from category order by id asc");
# Same while loop, just use the PDO version of fetching the results
while($category_id = $avt->fetch(\PDO::FETCH_ASSOC)): ?>
<?php
/**
* I'm not sure why you are using a "k" tag, so just combine with "a" tag
* also, though you can use <? as a php open, it's not recommended
* lastly, you have the close tag for "a" outside the loop, that is bad syntax
* since the open is inside the loop
*/
?>
<li><a href="#" style="font-size: 11px;"><?php echo $category_id['catname'] ?></a></li>
<?php endwhile ?>
<?php endif ?>
现在顶部完成了,在代码的第二部分上您遇到了相同的问题(还有更多的问题:
# It's also worth noting here you have set this variable, but you don't actually use it...?
# Secondly, you are checking for "subcategory" here, but in the code below you are injecting "subcat_id"...should they match??
$subcategory = (isset($_REQUEST['subcategory']))? htmlspecialchars(trim($_REQUEST['subcategory'])) : false;
if(!empty($subcategory)):
# Here is where you need to make a detour with your script. What you are doing is unsafe.
# You can not inject that value right into the sql. You need to "prepare", "bind value", and "execute" it
$subcat_id = $_REQUEST['subcat_id'];
# First prepare using ? as placeholders for the value you want to search for
# The naming convention on the "subcat_id" column I assume is actually the
# the parent category? If so, maybe it should be called "parent_id" or "category_id"??
$sql = $con->prepare("SELECT t1.*, t2.* FROM category as t1, subcategory as t2 WHERE t1.id = ? AND t2.subcat_id = ?");
# Now you want to execute for those two question marks (?)
# There are a few ways to prepare and bind parameters, this way is easy
# and you can visually see what we are trying to accomplish
$sql->execute([$subcat_id, $subcat_id]) ?>
<!-- you probably don't want to be looping this (or it's close tag) -->
<ul style="z-index:101;">
<?php
# Same type of thing as your first block of code
while($data = $sql->fetch(\PDO::FETCH_ASSOC)): ?>
<li><a href="index.php?do=cat&id=<?php echo $data['id'] ?>" style="border-bottom:1px solid #CECECE; position:relative; left:-40px; font-size:11px; "> <?php echo $data["subcat_name"] ?> </a></li>
<?php endwhile ?>
<!-- end list -->
</ul>
<?php endif ?>
这里的最终结论是,在遇到主要问题(可能是您的SQL语句和所查询的值)之前,您需要做一些工作。我建议您阅读您不熟悉的任何提及的概念。