, my web page background using PHP implementation, I want to implement no click on the Query button, in the table below to display all the project information in the database; After clicking the query, display the eligible items, I now display this, I do not set the case of non-click Query, what should I write? JS or php? Roughly how to write it
So far, I've only written this.
mysql_select_db ("Wuliu", $con); $result =mysql_query ("select * from Content_info where title= ' $_post[textfield22] ' and submiter= ' $_post[textfield322] ' and Area= ' $_post[select] ' and field= ' $_post[select2] ' and pass=0 '); while ($row = Mysql_fetch_array ($result)) { Echo"; echo ""; echo ""; echo "". $row [' updatedate ']. $row [' updatetime ']./*2004-10-14 10:08:01*/'"; echo "". $row [' area '].""; echo "". $row [' field '].""; echo "". $row [' title '].""; echo "". $row [' Submiter '].""; echo ""; } mysql_close ($con);Reply content:
, my web page background using PHP implementation, I want to implement no click on the Query button, in the table below to display all the project information in the database; After clicking the query, display the eligible items, I now display this, I do not set the case of non-click Query, what should I write? JS or php? Roughly how to write it
So far, I've only written this.
mysql_select_db ("Wuliu", $con); $result =mysql_query ("select * from Content_info where title= ' $_post[textfield22] ' and submiter= ' $_post[textfield322] ' and Area= ' $_post[select] ' and field= ' $_post[select2] ' and pass=0 '); while ($row = Mysql_fetch_array ($result)) { Echo"; echo ""; echo ""; echo "". $row [' updatedate ']. $row [' updatetime ']./*2004-10-14 10:08:01*/'"; echo "". $row [' area '].""; echo "". $row [' field '].""; echo "". $row [' title '].""; echo "". $row [' Submiter '].""; echo ""; } mysql_close ($con);Determine if there is a post before the query is executed.
if(isset($_POST)){//这里是你发出来了那部分}
Problems with SQL stitching
Separate the WHERE statement.
$where = "";if(isset($_POST)){ $where = "where title='$_POST[textfield22]' and submiter='$_POST[textfield322]' and area='$_POST[select]' and field='$_POST[select2]' and pass=0"";}$result=mysql_query("SELECT * from content_info ".$where);
Parameterized queries are strongly recommended to prevent injection
Http://php.net/manual/zh/clas ...
Ideas:
1. Using paging query, each page shows 10 information
2.GET Way to submit a form to assemble SQL statements
3. Query all (paging) when there are no query criteria
Both PHP and JS are available.
The reason you gave the error is because you called the $_post variable wrong.
$result =mysql_query ("select * from Content_info where title= ' $_post[textfield22] ' and submiter= ' $_post[textfield322] ' and Area= ' $_post[select] ' and field= ' $_post[select2] ' and pass=0 ');
Switch
$result =mysql_query ("select * from Content_info where title= '". $_post[' textfield322 ']. "' and Submiter= '". $_post[' textfield322 ']. "' and Area= '". $_post[' select ']. "' and field= '". $_post[' Select2 ']. "' and pass=0 ');
As you said upstairs, it's best to do a paging process. The MySQL statement uses limit to deal with it.
Do not so splicing SQL statements ah, minutes to make a SQL injection out.
It is recommended to set the default value of the variable outside the stitching statement, and then after receiving the post data, check and filter before overwriting the old default value, and then stitching the query statement.
This is safe and solves your needs.
The value of the key within the 1.$_post array is given a default value
2. Plus pagination
3. Study hard and make Progress day by day
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
