php Mysql 查询返回资源 ID #8 而不是所需的值
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14744528/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Mysql query returning resource id #8 instead of desired value
提问by enifeder
Hi I am trying to discover how to fix my query to return the correct result. Here is my query:
嗨,我正在尝试发现如何修复我的查询以返回正确的结果。这是我的查询:
$selectShoeRatingQuery = "SELECT cast(round(AVG(rating)*2)/ 2 as decimal(10,1)) FROM rating WHERE shoe_id = '$_GET[id]'";
$shoeRating = mysql_query($selectShoeRatingQuery);
The query should return a number with one decimal place (3.5). It works fine when testing in PhpMyAdmin, however on my site it returns resource id #8.
查询应返回一个带一位小数的数字 (3.5)。在 PhpMyAdmin 中测试时它工作正常,但是在我的网站上它返回resource id #8.
The database connection all works fine.
数据库连接一切正常。
回答by Ry-
mysql_queryreturns a resource. You need to get a row from it:
mysql_query返回一个资源。您需要从中获取一行:
$query = mysql_query($selectShoeRatingQuery);
$row = mysql_fetch_row($query);
$shoeRating = $row[0];
And, unless you have no choice - don't use the mysql_set of extensions! They're deprecated, and PDO et al. are better. And your query is vulnerable.
而且,除非您别无选择 - 不要使用mysql_扩展集!它们已被弃用,PDO 等人。更好。而且您的查询很容易受到攻击。
回答by NullPoiиteя
Quoting from Php Manual
For SELECT, SHOW, DESCRIBE, EXPLAIN and other statements returning resultset, mysql_query() returns a resource on success, or FALSE on error.
引用PHP 手册
对于 SELECT、SHOW、DESCRIBE、EXPLAIN 和其他返回结果集的语句,mysql_query() 在成功时返回资源,在错误时返回 FALSE。
you need to fetch it for that you can use
您需要获取它才能使用
$row = MySQL_fetch_row($query);
if you dont use Prepared statements now atleast use mysql_real_escape_string
如果你现在不使用准备好的语句,至少使用 mysql_real_escape_string
'mysql_real_escape_string($_GET[id])'"
Warning
警告
your code is vulnerable to sql injectionyou need to escape all getand postand the better approach will be using Prepared statement
您的代码容易受到sql 注入的影响,您需要全部转义get,post并且更好的方法是使用Prepared 语句
Good Read
好读
- How to prevent SQL injection in PHP?
- Are PDO prepared statements sufficient to prevent SQL injection?
Note
笔记
- The entire
ext/mysqlPHP extension, which provides all functions named with the prefix mysql_, is officially deprecated as of PHP v5.5.0and will be removed in the future. So use eitherPDOorMySQLi
Good read
好读
回答by Achrome
When invoked through PHP, a select query returns a Resource, which is essentially a pointer to the first row of the result. To fetch data, you will have to use mysql_fetch_array, which will get you the row referred to by the pointer.
当通过 PHP 调用时,选择查询返回一个Resource,它本质上是一个指向结果第一行的指针。要获取数据,您必须使用mysql_fetch_array,这将为您提供指针引用的行。
After reading through the row, the pointer will auto increment to point to the next row.
读完一行后,指针将自动递增以指向下一行。
So, your code will be something like this
所以,你的代码将是这样的
$connection = mysqli_connect(...);
$query = ""; //put your query here
$result = mysqli_query($connection, $query);
while($row = mysqli_fetch_array($result, MYSQL_ASSOC)) {
//$row will contain the data of the row in an array format. Use it here.
}
Moreover, please don't use mysqlfunctions as they are deprecated now. Use MySQLi, or PDO.
此外,请不要使用mysql函数,因为它们现在已被弃用。使用 MySQLi 或 PDO。
回答by Ripa Saha
$selectShoeRatingQuery = "SELECT cast(round(AVG(rating)*2)/ 2 as decimal(10,1)) as
rating
FROM rating WHERE shoe_id = '$_GET[id]'";
$shoeRating = mysql_query($selectShoeRatingQuery);
$result = mysql_fetch_array($shoeRating);
echo $result["rating"];
回答by John Woo
try,
尝试,
SELECT round(AVG(rating) * 2.0) / 2.0 AS result
FROM rating
WHERE ....
回答by asprin
$selectShoeRatingQuery = "SELECT cast(round(AVG(rating)*2)/ 2 as decimal(10,1)) as `num` FROM rating WHERE shoe_id = '$_GET[id]'";
$shoeRating = mysql_query($selectShoeRatingQuery);
$r = mysql_fetch_row($shoeRating);
echo $r['num'];// <--- alias
