function get_distinct_size_for_bracelets() {
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='plastic' ORDER BY size";
}
这并不工作,并停止PHP死了,没有错误报告。
function get_distinct_size_for_bracelets($myvalue) {
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type=".$myvalue." ORDER BY size";
}
我已经尝试了一些配置,没有任何工作。
function get_distinct_size_for_bracelets($myvalue) {
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='".$myvalue."' ORDER BY size";
}
您仍然需要SQL查询中的单引号。
记得引用传递的值:
function get_distinct_size_for_bracelets($myvalue)
{
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type=".$myvalue." ORDER BY size";
}
应该是:
function get_distinct_size_for_bracelets($myvalue)
{
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='".$myvalue."' ORDER BY size";
}
注意在type添加单引号。
你还需要单引号。所以
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='".$myvalue."' ORDER BY size";
尝试
function get_distinct_size_for_bracelets($myvalue) {
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='".$myvalue."' ORDER BY size";
}
你不会逃避你的价值,你就忘了你的单引号,这会是我的猜测。请尝试:
function get_distinct_size_for_bracelets($myvalue) {
$query = sprintf("SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='%s' ORDER BY size",
mysql_real_escape_string($myvalue));
}
这可以让您将转义值传递到字符串中,而不是使用连接。
MySQL也有不同的数据类型。而strings需要用引号括起来太:
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='".$myvalue."' ORDER BY size";
或者额外使用mysql_real_escape_string function的更好:
$sql = "SELECT DISTINCT size FROM mytable WHERE id = 27 AND type='".mysql_real_escape_string($myvalue)."' ORDER BY size";
感谢。就是这样。我在使用数组的数据库调用的其他地方使用了单引号。所以我不知道为什么这个调用需要不同的语法。 – Jeff 2009-08-05 15:54:20
我想也许你误解了编辑。如果$ myvalue等于“foo”,使用原始脚本,SQL将变成“type = foo”,而在SQL中,这意味着“type属性等于foo属性”。用我的编辑,SQL变成“type ='foo'”,这意味着“type属性等于字符串'foo'”。 – 2009-08-05 16:06:04