我是PHP和SQL的新手,我试图在浏览器中显示来自数据库的记录。我首先尝试测试如何在用户从下拉菜单中选择“选择”时显示记录。如何在浏览器中显示来自数据库的记录?
创建了一个名为selectById()函数
// function selectById ---------------------------------------------------------------------------------------------
function selectById($pUInput) {
echo "select by id is being called" . "<br/>";
$query = mysql_query("SELECT * FROM tblStudents
WHERE id='$pUInput[0]'");
$result = $db->query($query);
if (!$row = mysql_fetch_array($sql))
{
die('Error: ' . mysql_error());
} else {
display($query, $result);
}
//echo "selected" . "<br/>";
//echo $pUInput[0];
}
内部selectById() - 显示()被调用。显示功能被创建来显示数据库的记录。现在我试图弄清楚如何让这两个函数起作用。
// function display -------------------------------------------------------------------------------------------------
function display($pDisplay, $pResult) {
echo "display is being called";
$num_results = $results->numRows();
//display each returned row
for($i=0; $i<$num_results; $i++) {
$row = $result->fetchRow(MDB2_FETCHMODE_ASSOC);
echo stripslashes($row[id]);
echo stripslashes($row[first_name]);
echo stripslashes($row[last_name]);
echo stripslashes($row[major]);
echo stripslashes($row[year]);
}
}
PHP代码:
//Call function mainline
mainline();
// Declare the function mainline
function mainline() {
$uInput = getUserInput();
echo "Info from mainline...Action:" . " " . $uInput[5] . "<br/>";
$connectDb = openConnect(); // Open Database Connection
selectDb($connectDb); // Select Database
doAction($uInput);
//display();
//closeConnect();
}
//Declare function getUserInput ------------------------------------------------------------------------------------
function getUserInput() {
echo "In the function getUserInput()" . "<br/>";
// Variables of User Input
/*$idnum = $_POST["idnum"]; // id (NOTE: auto increments in database)
$fname = $_POST["fname"]; // first name
$lname = $_POST["lname"]; // last name
$major = $_POST["major"]; // major
$year = $_POST["year"]; // year
$action = $_POST["action"]; // action (select, insert, update, delete)*/
$idnum = mysql_real_escape_string($_POST["idnum"]);
$fname = mysql_real_escape_string($_POST["fname"]);
$lname = mysql_real_escape_string($_POST["lname"]);
$major = mysql_real_escape_string($_POST["major"]);
$year = mysql_real_escape_string($_POST["year"]);
$action = mysql_real_escape_string($_POST["action"]);
$userInput = array($idnum, $fname, $lname, $major, $year, $action);
return $userInput;
}
// function doAction ----------------------------------------------------------------------------------------------
function doAction($pUserInput) {
echo "In function doAction()" . "<br/>";
if ($pUserInput[5] == "insert") {
//checkStudentFields();
insert($pUserInput);
//echo "I need to insert!";
} elseif ($pUserInput[5] == "select") {
selectById($pUserInput);
echo "I need to select";
} elseif ($pUserInput[5] == "update") {
update($pUserInput);
echo "I need to update";
} elseif ($pUserInput[5] == "delete") {
deleteById($pUserInput);
echo "I need to delete";
}
}
// Create a database connection ------------------------------------------------------------------------------------
function openConnect() {
$connection = mysql_connect("localhost", "root_user", "password");
echo "Opened Connection!" . "<br/>";
if(!$connection) {
die("Database connection failed: " . mysql_error());
}
return $connection;
}
// Select a database to -------------------------------------------------------------------------------------------
function selectDb($pConnectDb) {
$dbSelect = mysql_select_db("School", $pConnectDb);
if(!$dbSelect) {
die("Database selection failed: " . mysql_error());
} else {
echo "You are in the School database! <br/>";
}
}
// Close database connection ------------------------------------------------------------------------------------
function closeConnect() {
mysql_close($connection);
}
// function selectById ---------------------------------------------------------------------------------------------
function selectById($pUInput) {
echo "select by id is being called" . "<br/>";
$query = mysql_query("SELECT * FROM tblStudents
WHERE id='$pUInput[0]'");
$result = $db->query($query);
if (!$row = mysql_fetch_array($sql))
{
die('Error: ' . mysql_error());
} else {
display($query, $result);
}
//echo "selected" . "<br/>";
//echo $pUInput[0];
}
// function insert -------------------------------------------------------------------------------------------------
function insert($pUInput) {
$sql="INSERT INTO tblStudents (first_name, last_name, major, year)
VALUES
('$pUInput[1]','$pUInput[2]','$pUInput[3]', '$pUInput[4]')";
if (!mysql_query($sql))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
}
// function update -------------------------------------------------------------------------------------------------
function update($pUInput) {
$sql = "UPDATE tblStudents
SET first_name = '{$pUInput[1]}',
last_name = '{$pUInput[2]}',
major = '{$pUInput[3]}',
year = '{$pUInput[4]}'
WHERE id = '{$pUInput[0]}'";
if(!mysql_query($sql))
{
die('Error: ' . mysql_error());
}
echo "1 record update";
}
// function delete -------------------------------------------------------------------------------------------------
function deleteById($pUInput) {
// call select();
$sql="DELETE FROM tblStudents WHERE id='$pUInput[0]'";
$result=mysql_query($sql);
if($result){
echo "Deleted Successfully";
}else {
echo "Error";
}
}
// function display -------------------------------------------------------------------------------------------------
function display($pDisplay, $pResult) {
echo "display is being called";
$num_results = $results->numRows();
//display each returned row
for($i=0; $i<$num_results; $i++) {
$row = $result->fetchRow(MDB2_FETCHMODE_ASSOC);
echo stripslashes($row[id]);
echo stripslashes($row[first_name]);
echo stripslashes($row[last_name]);
echo stripslashes($row[major]);
echo stripslashes($row[year]);
}
}
SQL语法:
CREATE TABLE `tblStudents` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`first_name` varchar(30) NOT NULL,
`last_name` varchar(50) NOT NULL,
`major` varchar(40) NOT NULL,
`year` date NOT NULL,
PRIMARY KEY (`id`)
)
您正在滥用display()中的'stripslashes'。它用于插入数据,而不是输出数据。 – meagar 2010-09-02 14:03:22
实际上,no,stripslashes删除了像mysql_real_escape_string这样的函数添加的斜杠。当分解到MySQL中时,通过向'字符添加斜杠来逃避字符串,但不想打印出',因此您可以使用stripslashes将其删除。 – Dominique 2010-09-02 14:19:04