以下是我从MYSQL数据库中搜索日期范围的代码。 我可以搜索日期,它会显示表格标题(Product Desc,New或Own和Date),但它不显示数据库中的任何结果?PHP不显示来自MYSQL时间戳的结果搜索
任何想法,我需要如何编辑我的代码,以便它显示所选日期范围的结果?
<?php
if(!isset($_POST['find']))
{
?>
<form method = "post" action = "<?php echo $_SERVER['PHP_SELF'];?>">
<table width = "450" align = "center">
<tr>
<td><b><i>Please enter date in the field below (i.e. 11-09-2012)</i></b></td>
</tr>
<tr>
<td>
From :
<input type = "text" name = "small">
To :
<input type = "text" name = "large"></td>
</tr>
<tr>
<td align = "center">
<input type = "submit" name = "find" value = "SEARCH">
<input type = "reset" value = "CLEAR FORM">
</td>
</tr>
</table>
</form>
<?php
}
else
{
$small = trim($_POST['small']);
$large = trim($_POST['large']);
$connection = mysql_pconnect("localhost", "user_name", "password") or die("Connection failed. ".myslq_error());
mysql_select_db("stock") or die("Unable to select db. ".mysql_error());
//Add 1 to the upper range, $large, else it won't make it inclusive
$query = "SELECT * FROM main_stock WHERE curr_timestamp BETWEEN DATE_FORMAT(curr_timestamp,'%".$small."') AND DATE_FORMAT(curr_timestamp, '%".($large+1)."') ORDER BY curr_timestamp";
$result = mysql_query($query) or die(mysql_error());
echo "<table width = '500' align = 'center'>";
echo "<tr><b>";
echo "<td>Product Description</td>";
echo "<td>New or Own?</td>";
echo "<td>Date</td>";
echo "</b></tr>";
while($record = mysql_fetch_object($result))
{
echo "<tr>";
echo "<td>".$record->product_desc."</td>";
echo "<td>".$record->newown."</td>";
$year_part_of_date = explode('-', $record->curr_timestamp);
echo "<td>".$year_part_of_date[0]."</td>";
//if you want the full date replace the $year_part_of_date[0] with $record->date
echo "</tr>";
}
echo "</table>";
}
?>
你检查,查询您产生的作品,那你得到的结果回来? – andrewsi
直接在数据库上运行查询会发生什么?您使用$ small和$ large值来设置日期字符串的格式似乎没有任何意义。 –
您尚未转义您的受用户干扰的变量,因此您可能在此脚本中存在SQL注入漏洞。 – halfer