更新时间:2023-02-18 20:59:41
您没有得到日期,因为引号之间有多余的空格
you getting no date because you have extra space betwee the quotes,
$query_getShows = "SELECT * FROM toho_shows WHERE toho_shows.show =' ". $show. " '";
^ HERE ^
然后将被解析为
SELECT * FROM toho_shows WHERE toho_shows.show =' gothaf '
删除它,它将起作用
remove it and it will work
$query_getShows = "SELECT * FROM toho_shows WHERE toho_shows.show ='". $show. "'";
作为附带说明,如果值( s )的变量来自外部.请查看下面的文章,以了解如何防止这种情况的发生.通过使用PreparedStatements
,您可以摆脱在值周围使用单引号的情况.
As a sidenote, the query is vulnerable with SQL Injection
if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements
you can get rid of using single quotes around values.