我试图根据我的表单上的用户输入从我的数据库返回一个值。 当我使用值运行代码时它可以工作,但是当我输入变量时它不会。 我确信它很简单,但我不明白吗?
这是有效的代码:
$sql_beam = mysqli_query($link,"SELECT cost_ft FROM Beams WHERE number = '201'"); while($row = mysqli_fetch_array($sql_beam)) { echo "<p>" . $row['cost_ft'] . "</p>"; echo "<br>"; }当我将其更改为此时它不会:
$beam_num = $_POST['Beam Number']; $sql_beam = mysqli_query($link,"SELECT cost_ft FROM Beams WHERE number = '$beam_num'"); while($row = mysqli_fetch_array($sql_beam)) { echo "<p>" . $row['cost_ft'] . "</p>"; echo "<br>"; }I am trying to return a value from my database based on a user input on my form. When I run the code using a value it works but when I put in the variable it doesn't. I am sure it is something simple, but I just don't get it?
Here is the code that works:
$sql_beam = mysqli_query($link,"SELECT cost_ft FROM Beams WHERE number = '201'"); while($row = mysqli_fetch_array($sql_beam)) { echo "<p>" . $row['cost_ft'] . "</p>"; echo "<br>"; }When I change it to this it doesn't:
$beam_num = $_POST['Beam Number']; $sql_beam = mysqli_query($link,"SELECT cost_ft FROM Beams WHERE number = '$beam_num'"); while($row = mysqli_fetch_array($sql_beam)) { echo "<p>" . $row['cost_ft'] . "</p>"; echo "<br>"; }最满意答案
然后$_POST['Beam Number']为空。
此外,您不应该将任何用户输入(例如获取数据的帖子)直接放入查询中。 谷歌sql注入以及如何防范它。
尝试调试$_POST['Beam Number'] 。 你应该看到它是空的,然后你必须找出它为空的原因。
编辑如果有值,则首先将查询字符串放入变量中,然后调出它。
error_log($beam_num); $query = "SELECT cost_ft FROM Beams WHERE number = '$beam_num'"; error_log($query); $sql_beam = mysqli_query($link,$query);如果您仍然遇到问题,请提供记录的值。
Then $_POST['Beam Number'] is empty.
Also you should never put any user input such as post of get data directly into a query. Google sql injection and how to prevent it.
Try debugging $_POST['Beam Number']. You should see that it is empty and then you have to find out why it's empty.
Edit If there is a value, then debug out the query string by first placing it into a variable.
error_log($beam_num); $query = "SELECT cost_ft FROM Beams WHERE number = '$beam_num'"; error_log($query); $sql_beam = mysqli_query($link,$query);Then if you are still having trouble, please supply the values logged.
更多推荐
发布评论