MySQL - 通过 PHP 中的 ID 从列中获取值
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/13000172/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
MySQL - Get a value from column through ID in PHP
提问by slwr
I have a database with the following structure:
我有一个具有以下结构的数据库:
id msg
1 'Hello'
2 'Bye'
and I need to get "msg" value for the "id".
我需要为“id”获取“msg”值。
This is my try:
这是我的尝试:
$text = mysql_query("SELECT msg FROM text WHERE text (id) ='$msg_num'");
But it doesn't work :( Do you have suggestions? Thanks
但它不起作用:(你有什么建议吗?谢谢
回答by John Woo
remove text
消除 text
$result = mysql_query("SELECT msg FROM text WHERE id ='$msg_num'");
while ($row = mysql_fetch_array($result))
{
$text = $row['msg'];
}
your code is vulnerable with SQL InjectionPlease read the article below,
您的代码易受攻击,SQL Injection请阅读下面的文章,
回答by GBD
Change
改变
mysql_query("SELECT msg FROM text WHERE text (id) ='$msg_num'");
To
到
mysql_query("SELECT msg FROM text WHERE id ='$msg_num'");
This type of query can be cause of MySQL Injectionattacks.. so good to use to stop for 1st order injection using prepared statements.
这种类型的查询可能是MySQL 注入攻击的原因......非常适合使用准备好的语句来停止一阶注入。
1) Mysqli
1) mysqli
2) PDO
2) PDO
回答by cerealy
select id from text where id = '$msg_num'
The difference in this query is that it selects the column. There are no column named 'msg', thats the value.
此查询的不同之处在于它选择列。没有名为“msg”的列,这就是值。
edit: Sorry, read the table wrong (sideways).
编辑:对不起,读错表格(侧身)。
回答by nyson
Bad syntax.
语法错误。
$text = mysql_query("SELECT msg FROM text WHERE text (id) ='$msg_num'");
Should be:
应该:
$text = mysql_query("SELECT msg FROM text WHERE id='$msg_num'");
You can use mysql_error()to diagnose things like this.
你可以mysql_error()用来诊断这样的事情。
回答by nickhar
$text = mysql_query("SELECT msg FROM text WHERE id ='$msg_num'") or die(mysql_error());
