以下是我從MYSQL數據庫中搜索日期範圍的代碼。 我可以搜索日期,它會顯示錶格標題(Product Desc,New或Own和Date),但它不顯示數據庫中的任何結果?PHP不顯示來自MYSQL時間戳的結果搜索
任何想法,我需要如何編輯我的代碼,以便它顯示所選日期範圍的結果?
<?php
if(!isset($_POST['find']))
{
?>
<form method = "post" action = "<?php echo $_SERVER['PHP_SELF'];?>">
<table width = "450" align = "center">
<tr>
<td><b><i>Please enter date in the field below (i.e. 11-09-2012)</i></b></td>
</tr>
<tr>
<td>
From :
<input type = "text" name = "small">
To :
<input type = "text" name = "large"></td>
</tr>
<tr>
<td align = "center">
<input type = "submit" name = "find" value = "SEARCH">
<input type = "reset" value = "CLEAR FORM">
</td>
</tr>
</table>
</form>
<?php
}
else
{
$small = trim($_POST['small']);
$large = trim($_POST['large']);
$connection = mysql_pconnect("localhost", "user_name", "password") or die("Connection failed. ".myslq_error());
mysql_select_db("stock") or die("Unable to select db. ".mysql_error());
//Add 1 to the upper range, $large, else it won't make it inclusive
$query = "SELECT * FROM main_stock WHERE curr_timestamp BETWEEN DATE_FORMAT(curr_timestamp,'%".$small."') AND DATE_FORMAT(curr_timestamp, '%".($large+1)."') ORDER BY curr_timestamp";
$result = mysql_query($query) or die(mysql_error());
echo "<table width = '500' align = 'center'>";
echo "<tr><b>";
echo "<td>Product Description</td>";
echo "<td>New or Own?</td>";
echo "<td>Date</td>";
echo "</b></tr>";
while($record = mysql_fetch_object($result))
{
echo "<tr>";
echo "<td>".$record->product_desc."</td>";
echo "<td>".$record->newown."</td>";
$year_part_of_date = explode('-', $record->curr_timestamp);
echo "<td>".$year_part_of_date[0]."</td>";
//if you want the full date replace the $year_part_of_date[0] with $record->date
echo "</tr>";
}
echo "</table>";
}
?>
你檢查,查詢您產生的作品,那你得到的結果回來? – andrewsi
直接在數據庫上運行查詢會發生什麼?您使用$ small和$ large值來設置日期字符串的格式似乎沒有任何意義。 –
您尚未轉義您的受用戶干擾的變量,因此您可能在此腳本中存在SQL注入漏洞。 – halfer