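Outdated MySQL database code cannot fetch data

Time: 2016-01-21 06:20:19

Tags: php mysql pdo

I previously asked a question about my data not being fetched from the SQL database. I connect to the database on the server fine and it shows "Successfully connected", but because my code is outdated, the server cannot fetch data from the SQL database. I was advised to use PDO, but I am a beginner, so I would like help correcting my code "search.php":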

<?php
error_reporting(0);
include("config.php");
?>

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>MySQL table search</title>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.0/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js"></script>
<link href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
<style>
BODY, TD {
font-family:Arial, Helvetica, sans-serif;
font-size:12px;
}
</style>
</head>


<body>

<form id="form1" name="form1" method="post" action="search.php">
<label for="from">From</label>
<input name="from" type="text" id="from" size="10" value="<?php echo $_REQUEST["from"]; ?>" />
<label for="to">to</label>
<input name="to" type="text" id="to" size="10" value="<?php echo $_REQUEST["to"]; ?>"/>
<label>Hotels:</label>
<input type="text" name="string" id="string" value="<?php echo stripcslashes($_REQUEST["string"]); ?>" />
<label>City</label>
<select name="city">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY city ORDER BY city";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysql_fetch_assoc($sql_result)) {
echo "<option value='".$row["city"]."'".($row["city"]==$_REQUEST["city"] ? " selected" : "").">".$row["city"]."</option>";
}
?>
</select>
<label>Star</label>
<select name="star">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY star ORDER BY star";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysql_fetch_assoc($sql_result)) {
echo "<option value='".$row["star"]."'".($row["star"]==$_REQUEST["star"] ? " selected" : "").">".$row["star"]."</option>";
}
?>
</select>
<input type="submit" name="button" id="button" value="Filter" />
</label>
<button><a style="text-decoration:none;" href="search.php">reset</a></button>
</form>
<br /><br />
<table width="700" border="1" cellspacing="0" cellpadding="4">
<tr>
<td width="90" bgcolor="#CCCCCC"><strong>From date</strong></td>
<td width="95" bgcolor="#CCCCCC"><strong>To date</strong></td>
<td width="159" bgcolor="#CCCCCC"><strong>Hotel Name</strong></td>
<td width="191" bgcolor="#CCCCCC"><strong>Email</strong></td>
<td width="113" bgcolor="#CCCCCC"><strong>City</strong></td>
<td width="113" bgcolor="#CCCCCC"><strong>Star</strong></td>
<td width="113" bgcolor="#CCCCCC"><strong>Links</strong></td>
</tr>
<?php
if ($_REQUEST["string"]<>'') {
$search_string = " AND (hotel LIKE '%".mysql_real_escape_string($_REQUEST["string"])."%' OR email LIKE '%".mysql_real_escape_string($_REQUEST["string"])."%')"; 
}
if ($_REQUEST["city"]<>'') {
$search_city = " AND city='".mysql_real_escape_string($_REQUEST["city"])."'";   
}
if ($_REQUEST["star"]<>'') {
$search_star = " AND star='".mysql_real_escape_string($_REQUEST["star"])."'";   
}
if ($_REQUEST["links"]<>'') {
$search_links = " AND links='".mysql_real_escape_string($_REQUEST["links"])."'";    
}
if ($_REQUEST["from"]<>'' and $_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysql_real_escape_string($_REQUEST["from"])."' AND to_date <= '".mysql_real_escape_string($_REQUEST["to"])."'".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
} else if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysql_real_escape_string($_REQUEST["from"])."'".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE to_date <= '".mysql_real_escape_string($_REQUEST["to"])."'".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
}

$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {
?>
<tr>
<td><?php echo $row["from_date"]; ?></td>
<td><?php echo $row["to_date"]; ?></td>
<td><?php echo $row["hotel"]; ?></td>
<td><?php echo $row["email"]; ?></td>
<td><?php echo $row["city"]; ?></td>
<td><?php echo $row["star"]; ?></td>
<td><?php echo $row["links"]; ?></td>
</tr>
<?php
}
} else {
?>
<tr><td colspan="7">No results found.</td>
<?php   
}
?>
</table>
<script>
$(function() {
var dates = $( "#from, #to" ).datepicker({
defaultDate: "+1w",
changeMonth: true,
numberOfMonths: 2,
dateFormat: 'yy-mm-dd',
onSelect: function( selectedDate ) {
var option = this.id == "from" ? "minDate" : "maxDate",
instance = $( this ).data( "datepicker" ),
date = $.datepicker.parseDate(
instance.settings.dateFormat ||
$.datepicker._defaults.dateFormat,
selectedDate, instance.settings );
dates.not( this ).datepicker( "option", option, date );
}
});
});
</script>

</body>
</html>

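1 answer:

Answer 0 (score: -1)

You need to learn to use PDO and prepared statements. Here is your edited code; I only changed the mysql_ parts to mysqli_. I hope your $sql and $connection work perfectly.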

<?php
error_reporting(0);
include("config.php");
?>

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>MySQL table search</title>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.0/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js"></script>
<link href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" rel="stylesheet" type="text/css"/>
<style>
BODY, TD {
font-family:Arial, Helvetica, sans-serif;
font-size:12px;
}
</style>
</head>


<body>

<form id="form1" name="form1" method="post" action="search.php">
<label for="from">From</label>
<input name="from" type="text" id="from" size="10" value="<?php echo $_REQUEST["from"]; ?>" />
<label for="to">to</label>
<input name="to" type="text" id="to" size="10" value="<?php echo $_REQUEST["to"]; ?>"/>
<label>Hotels:</label>
<input type="text" name="string" id="string" value="<?php echo stripcslashes($_REQUEST["string"]); ?>" />
<label>City</label>
<select name="city">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY city ORDER BY city";
$sql_result = mysqli_query ($connection, $sql) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysqli_fetch_assoc($sql_result)) {
echo "<option value='".$row["city"]."'".($row["city"]==$_REQUEST["city"] ? " selected" : "").">".$row["city"]."</option>";
}
?>
</select>
<label>Star</label>
<select name="star">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY star ORDER BY star";
$sql_result = mysqli_query ($connection, $sql) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysqli_fetch_assoc($sql_result)) {
echo "<option value='".$row["star"]."'".($row["star"]==$_REQUEST["star"] ? " selected" : "").">".$row["star"]."</option>";
}
?>
</select>
<input type="submit" name="button" id="button" value="Filter" />
</label>
<button><a style="text-decoration:none;" href="search.php">reset</a></button>
</form>
<br /><br />
<table width="700" border="1" cellspacing="0" cellpadding="4">
<tr>
<td width="90" bgcolor="#CCCCCC"><strong>From date</strong></td>
<td width="95" bgcolor="#CCCCCC"><strong>To date</strong></td>
<td width="159" bgcolor="#CCCCCC"><strong>Hotel Name</strong></td>
<td width="191" bgcolor="#CCCCCC"><strong>Email</strong></td>
<td width="113" bgcolor="#CCCCCC"><strong>City</strong></td>
<td width="113" bgcolor="#CCCCCC"><strong>Star</strong></td>
<td width="113" bgcolor="#CCCCCC"><strong>Links</strong></td>
</tr>
<?php
// Start with empty filter fragments so unset filters concatenate as nothing.
$search_string = $search_city = $search_star = $search_links = '';
// mysqli_real_escape_string() takes the connection as its first argument.
if ($_REQUEST["string"]<>'') {
$search_string = " AND (hotel LIKE '%".mysqli_real_escape_string($connection, $_REQUEST["string"])."%' OR email LIKE '%".mysqli_real_escape_string($connection, $_REQUEST["string"])."%')";
}
if ($_REQUEST["city"]<>'') {
$search_city = " AND city='".mysqli_real_escape_string($connection, $_REQUEST["city"])."'";
}
if ($_REQUEST["star"]<>'') {
$search_star = " AND star='".mysqli_real_escape_string($connection, $_REQUEST["star"])."'";
}
if ($_REQUEST["links"]<>'') {
$search_links = " AND links='".mysqli_real_escape_string($connection, $_REQUEST["links"])."'";
}
if ($_REQUEST["from"]<>'' and $_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysqli_real_escape_string($connection, $_REQUEST["from"])."' AND to_date <= '".mysqli_real_escape_string($connection, $_REQUEST["to"])."'".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
} else if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysqli_real_escape_string($connection, $_REQUEST["from"])."'".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE to_date <= '".mysqli_real_escape_string($connection, $_REQUEST["to"])."'".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_string.$search_star.$search_string.$search_links;
}

$sql_result = mysqli_query ($connection,$sql) or die ('request "Could not execute SQL query" '.$sql);
if (mysqli_num_rows($sql_result)>0) {
while ($row = mysqli_fetch_assoc($sql_result)) {
?>
<tr>
<td><?php echo $row["from_date"]; ?></td>
<td><?php echo $row["to_date"]; ?></td>
<td><?php echo $row["hotel"]; ?></td>
<td><?php echo $row["email"]; ?></td>
<td><?php echo $row["city"]; ?></td>
<td><?php echo $row["star"]; ?></td>
<td><?php echo $row["links"]; ?></td>
</tr>
<?php
}
} else {
?>
<tr><td colspan="7">No results found.</td>
<?php   
}
?>
</table>
<script>
$(function() {
var dates = $( "#from, #to" ).datepicker({
defaultDate: "+1w",
changeMonth: true,
numberOfMonths: 2,
dateFormat: 'yy-mm-dd',
onSelect: function( selectedDate ) {
var option = this.id == "from" ? "minDate" : "maxDate",
instance = $( this ).data( "datepicker" ),
date = $.datepicker.parseDate(
instance.settings.dateFormat ||
$.datepicker._defaults.dateFormat,
selectedDate, instance.settings );
dates.not( this ).datepicker( "option", option, date );
}
});
});
</script>

</body>
</html>
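
The answer recommends PDO and prepared statements, but the code above still builds the query by concatenating escaped strings. As an added example (not code from the question or the answer), the same search.php filters are built here with bound PDO parameters, and the result is HTML-encoded on output. Assumptions: the table name `hotels`, the SQLite in-memory connection with constructed rows, and the helper names `build_hotel_search` and `search_hotels` are hypothetical; the column names are the ones used on this page.

```php
<?php
declare(strict_types=1);

// Returns [sql, params] for the search.php filters; user values are only ever bound.
function build_hotel_search(string $table, array $in): array
{
    // A table name cannot be a bound parameter, so accept a plain identifier only.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table)) {
        throw new InvalidArgumentException('invalid table name');
    }
    $clauses = ['city' => 'city = :city', 'star' => 'star = :star', 'links' => 'links = :links',
                'from' => 'from_date >= :from', 'to' => 'to_date <= :to'];
    $where = ['id > 0'];
    $params = [];
    foreach ($clauses as $field => $clause) {
        $value = $in[$field] ?? '';
        if (is_string($value) && $value !== '') {
            $where[] = $clause;
            $params[":$field"] = $value;
        }
    }
    $text = $in['string'] ?? '';
    if (is_string($text) && $text !== '') {
        // Escape LIKE wildcards with '!' so the input matches literally.
        $like = '%' . strtr($text, ['!' => '!!', '%' => '!%', '_' => '!_']) . '%';
        $where[] = "(hotel LIKE :s1 ESCAPE '!' OR email LIKE :s2 ESCAPE '!')";
        $params[':s1'] = $like;
        $params[':s2'] = $like;
    }
    return ["SELECT * FROM $table WHERE " . implode(' AND ', $where), $params];
}

function search_hotels(PDO $pdo, string $table, array $in): array
{
    [$sql, $params] = build_hotel_search($table, $in);
    $stmt = $pdo->prepare($sql);
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed demo data in SQLite memory; for MySQL use a "mysql:host=...;dbname=..." DSN.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE hotels (id INTEGER PRIMARY KEY, from_date TEXT, to_date TEXT,
            hotel TEXT, email TEXT, city TEXT, star TEXT, links TEXT)');
$pdo->exec("INSERT INTO hotels VALUES (1,'2016-01-01','2016-01-10','O''Hara <b>Inn</b>','a@example.test','Paris','3','x'),
            (2,'2016-02-01','2016-02-05','Plaza','b@example.test','Rome','5','y')");
foreach (search_hotels($pdo, 'hotels', ['string' => "O'Hara", 'city' => 'Paris']) as $row) {
    // Encode on output: the original page echoes rows and $_REQUEST values raw.
    echo htmlspecialchars($row['hotel'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

In search.php the `$in` array would be `$_REQUEST`, and the same `htmlspecialchars()` call applies to the `value="..."` attributes and `<option>` entries of the form.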