您的位置: 首页  >  技术问答  >  在PHP中为空数据库查询生成错误消息

在PHP中为空数据库查询生成错误消息

分类: 技术问答 2022-06-14 20:43:54
问题描述:

以下代码的目的是从用户获取数据库中customerID的输入(来自单独的HTML文件),然后显示订单号,订单日期和装运状态该客户ID。代码工作正常,我能够做到这一点,但我也想创建一个错误消息,如果一个不存在于数据库中的customerID被输入,而不是一个空表。 我是PHP新手,如何做到这一点的任何帮助表示赞赏。 (请注意,它必须在任何PHP或MySQL)在PHP中为空数据库查询生成错误消息

<?xml version="1.0" encoding="UTF-8"?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
<title>Prac 2 Task 8</title> 
</head> 
<body> 
<?php 
$conn = mysql_connect("localhost", "<username>", "<password>"); 
mysql_select_db("warehouse<##>", $conn) 
or die ('Database not found ' . mysql_error()); 
$input = $_GET["custID"]; 
$sql = "select orderNumber, orderDate, shipped from orders where customerID = $input 
order by orderDate"; 
$rs = mysql_query($sql, $conn) 
or die ('Problem with query' . mysql_error()); 
?> 
<?php 
if (orderNumber != "") { ?> 
<p>the following information was received from the user:</p> 
<p><strong>customerID = </strong> <?php echo "$input"; ?><br/><br/> 

<table border="1" summary="Order Details"> 
<tr> 
<th>Order Number</th> 
<th>Order Date</th> 
<th>Shipped</th> 
</tr> 
<?php 
while ($row = mysql_fetch_array($rs)) { ?> 
<tr> 
<td><?php echo $row["orderNumber"]?></td> 
<td><?php echo $row["orderDate"]?></td> 
<td><?php echo $row["shipped"]?></td> 

</tr> 
<?php }} 
else { 
$txt ="The CustomerID you entered was either invalid or does not exist"; 
echo $txt;?> 
<?php } 
mysql_close($conn); ?> 
</table> 
</body></html>
+1

请不要使用mysql_ *功能那些已被弃用看到这http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php/14110189#14110189 –

+0

OP可以使用mysqli或PDO。但是当你是初学者,并且你开始从教你使用Mysql的书开始学习时,他们会首先尝试理解通过不推荐使用的mysql的过程方法,然后最终继续并打开mysqli或者PDO。 – 

<?xml version="1.0" encoding="UTF-8"?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
<title>Prac 2 Task 8</title> 
</head> 
<body> 
<?php 
$conn = mysql_connect("localhost", "<username>", "<password>"); 
mysql_select_db("warehouse<##>", $conn) 
or die ('Database not found ' . mysql_error()); 
$input = $_GET["custID"]; 
$sql = "select orderNumber, orderDate, shipped from orders where customerID = $input 
order by orderDate"; 
$rs = mysql_query($sql, $conn) 
or die ('Problem with query' . mysql_error()); 
//validate result set here 
if(mysql_num_rows($rs)>0) 
{ 
?> 
<?php 
if (orderNumber != "") { ?> 
<p>the following information was received from the user:</p> 
<p><strong>customerID = </strong> <?php echo "$input"; ?><br/><br/> 

<table border="1" summary="Order Details"> 
<tr> 
<th>Order Number</th> 
<th>Order Date</th> 
<th>Shipped</th> 
</tr> 
<?php 
while ($row = mysql_fetch_array($rs)) { ?> 
<tr> 
<td><?php echo $row["orderNumber"]?></td> 
<td><?php echo $row["orderDate"]?></td> 
<td><?php echo $row["shipped"]?></td> 

</tr> 
<?php }} 
else { 
$txt ="The CustomerID you entered was either invalid or does not exist"; 
echo $txt;?> 
<?php } 

}//endif 
else{ 

//you error message here 
} 

mysql_close($conn); ?> 
</table> 
</body></html>
+0

非常感谢@Sundar它完美的工作^^ – ramnik5

你有很多方法可以做到这一点,这是这么多的一个:

  1. 封装你的代码一个try-catch所以很容易管理错误,比使用“或死”更好的方法
  2. 验证你的GET和POST变量的有效性,以避免SQL注入安全
  3. 你可以使用“select count (*)...“b安伏主查询,或只算主查询的结果(我放在那里)的数量

这给了约说:

<body> 
<?php 
$conn = mysql_connect("localhost", "<username>", "<password>"); 
mysql_select_db("warehouse<##>", $conn) 
or die ('Database not found ' . mysql_error()); 

try 
{ 
    $input = $_GET["custID"]; 
    // Protect yourself from SQL injection 
    if (!is_numeric($input)) 
    throw new Exception('Error: the customer ID is not a number'); 

    $sql = "select orderNumber, orderDate, shipped from orders where customerID = $input 
    order by orderDate"; 
    $rs = mysql_query($sql, $conn) 
    or die ('Problem with query' . mysql_error()); 
    ?> 
    <?php 
    if (mysql_num_rows($rs) > 0) 
    { ?> 
    <p>the following information was received from the user:</p> 
    <p><strong>customerID = </strong> <?php echo "$input"; ?><br/><br/> 

    <table border="1" summary="Order Details"> 
    <tr> 
    <th>Order Number</th> 
    <th>Order Date</th> 
    <th>Shipped</th> 
    </tr> 
    <?php 
    while ($row = mysql_fetch_array($rs)) { ?> 
    <tr> 
    <td><?php echo $row["orderNumber"]?></td> 
    <td><?php echo $row["orderDate"]?></td> 
    <td><?php echo $row["shipped"]?></td> 

    </tr> 
    <?php } 
    else 
    { 
     echo "There is no results for this customer"; 
    } 
    } 
    else { 
    $txt ="The CustomerID you entered was either invalid or does not exist"; 
    echo $txt;?> 
    <?php } 
} 
catch (Exception $e) 
{ 
    echo "Error: ".$e; 
} 
mysql_close($conn); ?> 
</table> 
</body>

相关推荐