ÇóÖú!!mysqlÊý¾Ý¿â²éѯÎÊÌâ - PHP / »ù´¡±à³Ì
ÕâÊÇÎÒµÄÒ»¶Î´úÂë:
<?php
$store_poster=$_POST['poster'];
$store_title=$_POST['title'];
$store_message=$_POST['message'];
$store_parent=$_POST['parent'];£¨parent ÊǸöÊý×Ö£¬ÆäËüµÄ¶¼ÊÇ×Ö·û´®£©
//check not a duplicate
$conn=mysql_connect('localhost','root','lvliangwei');
mysql_select_db('lvyou', $conn) or die ('Can\'t use lvyou : ' . mysql_error());
$query="select header.postid from header ,body where
header.postid=body.postid and
header.parent=".$store_parent." and
header.poster='".$store_poster."' and
header.title='".$store_title."' and
body.message='".$store_message."'";
$result=mysql_query($query)or die("invalid query: " . mysql_error());
if(!$result){return false;}
$num_rows=mysql_num_rows($result);
ÔÚä¯ÀÀÆ÷ÖÐÔËÐÐʱ³öÏÖÈëÏÂÌáʾ£º
invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near 'and header.poster= and header.title= and body.message='
ÕâÊÇÔõô»ØÊ ÎÒµÄ$queryÓï¾ä¸³ÖµÓдíô£¿
$store_poster $store_title $store_message ¶¼ÊÇ¿Õ
Äã°ÑÄÇЩֵ給ÉÏ
addslashes
Óï¾äÊÇûÓÐÎÊÌ⣬Ӧ¸ÃÊÇÄã²åÈëµÄÖµµÄÎÊÌâ¡£¿ÉÄÜÊÇûÓн«
Ïà¹ØÎÊ´ð£º
Ä¿Ç°ÔÚÎ人ÕÒ¹¤×÷
·¢Ïִ󲿷ֹ«Ë¾ÎÞÍâºõÁ½ÖÖ
Ò»ÖÖÊǸãÍâ°üµÄ ÒªÓÃzend,cakephpµÈÍâ¹ú¿ò¼Ü
»¹ÒªÊìϤÍâ¹ú¿ªÔ´ÏµÍ³
Ò»ÖÖ¹úÄÚµÄ ÎÞÍâºõ dedecms ecshop shopexÕ⼸ÖÖ¸ÄÕ¾µã ÓеĹ«Ë¾ÉõÖÁÄÃһЩ¸üСµÄϵͳ¸ ......
±±¾©2ÄêPHP¾ÑéÇó¼æÖ°
½Ó·Ö
·¹ý½Ó·Ö£¡.¡£¡£¡£¡£¡£¡£¡£¡£¡£¡£
jf~~~~~~~~~~~~~~Ö§³Ö
ßÀ¡£¡£ÎÒÃÇÐèÒª¼æÖ°£¬¿ÉÊÇÔõôÁªÏµÄãѽ£¿
¶¥¡£¡£¡£ »Ø¸´ÄÚÈÝ »Ø¸´ÄÚÈÝÌ«¶ÌÁË£¡
º¼ÖÝÄãÈ¥²»È¥°¡ ¡£¡£¡£¡£¡ ......
1¡¢ÊDz»ÊÇPHPÖÐÖ»ÄÜʹÓÃmysql_query("update user_aa set money=money2-".$bpanmm." where uid=".$userppp);¸üÐÂÊý¾Ý£¿£¿£¿
2¡¢PHP¸üÐÂmysql_fetch_row($res)Óëmysql_fetch_array($res)ÖеÄÊý¾ ......
¼±Çó£ºÔÚphp½Å±¾ÀïÔõôµ÷ÓÃjsÎļþÀï·½·¨£¿
»òÕßÔÚjsÎļþÀïµ÷ÓÃphpÎļþдµÄseesion£¿
PHP¸ÕÈëÃÅѧϰ,ÓÑÇ鶥һ¸ö
¼±Çó£ºÔÚphp½Å±¾ÀïÔõôµ÷ÓÃjsÎļþÀï·½·¨£¿
//echo '<script>alert("ok");< ......
