English 中文(简体)
List records in mysql using php
原标题:

This is the last thing I m gonna do, after I can make this work, I can produce to designing which might be a lot easier. Thanks for all your help. I want to list a record from mysql using php by typing a query in the text box. Then the program will list all the records that has that element, for example address. Here is my code:

      <?php
         $con = mysql_connect("localhost","root","");
         if (!$con)
         {
            die( Could not connect:   . mysql_error());
         }

         mysql_select_db("koro", $con);

         \what will I put in the WHERE ADDRESS="?
         $result = mysql_query("SELECT * FROM students WHERE ADDRESS=");

         echo "<table border= 1 >
               <tr><th>Firstname</th>
               <th>Lastname</th></tr>";

         while($row = mysql_fetch_array($result))
         {
            echo "<tr>";
            echo "<td>" . $row[ IDNUMBER ] . "</td>";
            echo "<td>" . $row[ LNAME ] . "</td>";
            echo "<td>" . $row[ FNAME ] . "</td>";
            echo "<td>" . $row[ MNAME ] . "</td>";
            echo "<td>" . $row[ GRADEYR ] . "</td>";
            echo "<td>" . $row[ ADDRESS ] . "</td>";
            echo "</tr>";
         }
         echo "</table>";

         mysql_close($con);
      ?>

The listform.html:

         <html>
         <head>
         <form action="list.php" method="post">
         address:<input type="text" name="grup" value="" /><br/>
         <input type="submit" name="List" value="" /><br/>
         </form>
         </head>
         </html>

what will I put in the WHERE ADDRESS="?thanks

最佳回答

You will find the value in the $_POST[] array.

$result = mysql_query("SELECT * FROM students WHERE ADDRESS =  {$_POST["grup"]} ");

This approach can be dangerous though - you ll want to also sanitize your $_POST[] data against SQL injection attacks - of which there are plenty of tutorials available.

时间:2010-01-18 13:38:25
问题回答

$_POST[ grup ] will contain the value in the field when posted.

Then do something like:

$result = mysql_query(sprintf("SELECT * FROM students WHERE ADDRESS= %s ", mysql_real_escape_string($_POST[ grup ], $con)));

If you dont escape the POST value with sprintf and mysql_real_escape_string you can be targeted by SQL injection attacks.

http://en.wikipedia.org/wiki/SQL_injection

时间:2010-01-18 13:40:34


上一篇:
下一篇:


相关问题
SQL SubQuery getting particular column

I noticed that there were some threads with similar questions, and I did look through them but did not really get a convincing answer. Here s my question: The subquery below returns a Table with 3 ...

时间:2009-11-13 05:35:38 回答:3 展示:1
please can anyone check this while loop and if condition

<?php $con=mysql_connect("localhost","mts","mts"); if(!con) { die( unable to connect . mysql_error()); } mysql_select_db("mts",$con); /* date_default_timezone_set ("Asia/Calcutta"); $date = ...

时间:2009-11-13 05:25:03 回答:3 展示:1
php return a specific row from query

Is it possible in php to return a specific row of data from a mysql query? None of the fetch statements that I ve found return a 2 dimensional array to access specific rows. I want to be able to ...

时间:2009-11-09 16:40:04 回答:2 展示:1
Character Encodings in PHP and MySQL

Our website was developed with a meta tag set to... <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> This works fine for M-dashes and special quotes, etc. However, I ...

时间:2009-11-09 16:15:32 回答:3 展示:1
Pagination Strategies for Complex (slow) Datasets

What are some of the strategies being used for pagination of data sets that involve complex queries? count(*) takes ~1.5 sec so we don t want to hit the DB for every page view. Currently there are ~...

时间:2009-11-09 16:02:04 回答:5 展示:1
Averaging a total in mySQL

My table looks like person_id | car_id | miles ------------------------------ 1 | 1 | 100 1 | 2 | 200 2 | 3 | 1000 2 | 4 | 500 I need to ...

时间:2009-11-09 14:43:41 回答:4 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全