开发者

How to use mySQL WHERE clause in PHP?

问答 作者:

Can't seem to pass anything from the securityinfo field. 

for ($k = 1; $k < $fieldscnt; $k++)
{
    $selectsecurityname = mysql_query("SELECT `security name` FROM securityinfo WHERE symbol = '$symbol[$k]'") or die(mysql_error());
    $securityname = mysql_fetch_array($selectsecurityname);
    $sym = $symbol[$k]

    echo "<td>$securityname[$sym]<开发者_StackOverflow社区;/td>";
}

Basically, I want to to search for the row that has a match in the symbol field, then return the value from the securityinfo field in the same row.

PHP has some limitations on how you can use variables inside quoted strings. So you can't get array elements like you are doing.

Also you should be sure to use escaping when you interpolate variables into SQL expressions like that.

$selectsecurityname = mysql_query("
    SELECT `security name` FROM securityinfo 
    WHERE symbol = '" . mysql_real_escape_string($symbol[$k]) . "'") 
  or die(mysql_error());

Or if it makes more sense to do it this way:

$sym = mysql_real_escape_string($symbol[$k]);
$selectsecurityname = mysql_query("
    SELECT `security name` FROM securityinfo 
    WHERE symbol = '{$sym}'") 
  or die(mysql_error());

$securityname is not full array immediately. If you'd like to pull out values via a key, we need to cycle through each returned row and add it to our own array:

while ($row = mysql_fetch_array($selectsecurityname) {
  $myArray[] = $row;
}

$sym = $symbol[$k];
echo "<td>".$myArray[$sym]."</td>";

For more information on mysql_fetch_array(), see the documentation: http://php.net/manual/en/function.mysql-fetch-array.php

Besides the answers of the others fixing parts of your example, there is another problem:
You (try to) grab a value from a table in your example. But when using it you access it as an array while it probably is just a string (a name).

A complete example with all things fixed would look like this:

for ($k = 1; $k < $fieldscnt; $k++)
{
    $sym = mysql_real_escape_string($symbol[$k]);
    $selectsecurityname = mysql_query("SELECT `security name` FROM securityinfo WHERE symbol='$sym'") or die(mysql_error());
    $securitynamearray = mysql_fetch_array($selectsecurityname);
    $securityname = $securitynamearray['security name'];

    echo "<td>$securityname</td>";
}

PS Curly brackets are not required for regular variables, so I omitted them.

PPS You could use mysql_fetch_row instead of mysql_fetch_array to prevent (eventually) problems with your fieldname and the space it contains:

$securitynamerow = mysql_fetch_row($selectsecurityname);
$securityname = $securitynamerow[0];

If you want to access array indexes in a string, enclose them in curly braces:

$a= array(
 'hello'=> 'world',
 'nice'=> 'one',
);

var_dump("This is the value of \$a['hello']: {$a['hello']}");

And re-write your original statement as:

for ($k = 1; $k < $fieldscnt; $k++)
    {
    $selectsecurityname = mysql_query("SELECT `security name` FROM securityinfo WHERE symbol = '{$symbol[$k]}'") or die(mysql_error());
    $securityname = mysql_fetch_array($selectsecurityname);
    $sym = $symbol[$k]

    echo "<td>{$securityname[$sym]}</td>";

Of course, you'll need to make sure that $symbol[$k] is escaped correctly for use in a mysql statement.

继续阅读:phpwhere-clause

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9