如何使用 MySQLi 和 PHP 从 MySQL 数据库中获取单行?
How to fetch a single row from a MySQL DB using MySQLi with PHP?
我在 MySQli 中使用 PHP,我想从整个 SQL 数据库中获取一行,这符合我的条件。请注意,这就是我当前的数据库的样子:
我想得到那一行,例如。 txnid 列的值 == $txnid (a variable)。我尝试构建符合我要求的 SQL 查询,它看起来像这样:$sql = "SELECT * FROM 'table1' WHERE 'txnid' = " . $txnid;。当我在 phpMyAdmin 中使用 raw-运行 这个查询时,它按预期工作。我只想知道,在我 运行 PHP 中的查询之后,如何使用 MySQLi 获取作为查询响应的那一行数据?
这是我用于 运行 查询的代码:
$servername = "localhost";
$username = "XXXXXXXXXXXXXX";
$password = "XXXXXXXXXXXXXX";
$dbname = "XXXXXXXXXXXXXXXX";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$txnid = $_GET['id'];
$sql = "SELECT * FROM `testtable1` WHERE `txnid` = " . $txnid;
if ($conn->query($sql) === TRUE) {
echo ""; //what should I do here, if I want to echo the 'date' param of the fetched row?
} else {
echo "Error: " . $sql . "<br>" . $conn->error . "<br>";
}
将 LIMIT 1 添加到查询的末尾以生成单行数据。
您的方法容易受到 SQL 注入攻击。使用准备好的语句来避免这种情况。以下是您可以查看的一些链接:
What is SQL injection?
-
-
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$conn = new mysqli($servername, $username, $password, $dbname);
$conn->set_charset("utf8mb4");
$txnid= $_GET['name_of_txnid_input_field'];
// prepare and bind
$stmt = $conn->prepare("SELECT * FROM `testtable1` WHERE `txnid` = ? LIMIT 1");
$stmt->bind_param("i", $txnid);
// set parameters and execute
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
echo $row['date_field_you_want_to_display'];
$txnid = $_POST['txnid'];
$sql = "SELECT * FROM tableName WHERE txnid = $txnid";
$result = $conn->query($sql);
我在 MySQli 中使用 PHP,我想从整个 SQL 数据库中获取一行,这符合我的条件。请注意,这就是我当前的数据库的样子:
我想得到那一行,例如。 txnid 列的值 == $txnid (a variable)。我尝试构建符合我要求的 SQL 查询,它看起来像这样:$sql = "SELECT * FROM 'table1' WHERE 'txnid' = " . $txnid;。当我在 phpMyAdmin 中使用 raw-运行 这个查询时,它按预期工作。我只想知道,在我 运行 PHP 中的查询之后,如何使用 MySQLi 获取作为查询响应的那一行数据?
这是我用于 运行 查询的代码:
$servername = "localhost";
$username = "XXXXXXXXXXXXXX";
$password = "XXXXXXXXXXXXXX";
$dbname = "XXXXXXXXXXXXXXXX";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$txnid = $_GET['id'];
$sql = "SELECT * FROM `testtable1` WHERE `txnid` = " . $txnid;
if ($conn->query($sql) === TRUE) {
echo ""; //what should I do here, if I want to echo the 'date' param of the fetched row?
} else {
echo "Error: " . $sql . "<br>" . $conn->error . "<br>";
}
将 LIMIT 1 添加到查询的末尾以生成单行数据。
您的方法容易受到 SQL 注入攻击。使用准备好的语句来避免这种情况。以下是您可以查看的一些链接:
What is SQL injection?
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$conn = new mysqli($servername, $username, $password, $dbname);
$conn->set_charset("utf8mb4");
$txnid= $_GET['name_of_txnid_input_field'];
// prepare and bind
$stmt = $conn->prepare("SELECT * FROM `testtable1` WHERE `txnid` = ? LIMIT 1");
$stmt->bind_param("i", $txnid);
// set parameters and execute
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
echo $row['date_field_you_want_to_display'];
$txnid = $_POST['txnid'];
$sql = "SELECT * FROM tableName WHERE txnid = $txnid";
$result = $conn->query($sql);