Data Breach Query - Secure Data Retrieval with PHP and MySQL
//including the Mysql connect parameters.
$link = mysqli_connect('localhost', 'root', 'root', 'data breach');
if (!$link) {
die('连接失败: ' . mysqli_connect_error());
}
if (isset($_POST['query-menu']) && isset($_POST['input'])) {
$name = $_POST['query-menu'];
$value = mysqli_real_escape_string($link, $_POST['input']);
// 关闭自动提交
mysqli_autocommit($link, FALSE);
// 获取表名
$table_sname_query = 'SELECT table_sname FROM connection WHERE columns_sname='$name'';
$table_sname_result = mysqli_query($link, $table_sname_query);
$table_sname_row = mysqli_fetch_assoc($table_sname_result);//将查询结果返回到数组中
$table_sname = $table_sname_row['table_sname'];//只获取table_name
if($name=='Year' or $name=='Records' or $name=='S_num'){
$value=(int)$value;
// 查询数据
$query_ = 'select * from $table_sname where $name=$value';
$query_result = mysqli_query($link, $query_);
}else{// 查询数据
$query_ = 'select * from $table_sname where $name='$value'';
$query_result = mysqli_query($link, $query_);
}
if ($query_result) {
mysqli_commit($link);
mysqli_close($link);
$data = array();
while ($row = mysqli_fetch_assoc($query_result)) {
$data[] = $row;
}
$query_result_json = json_encode($data);
$url = 'index.php?query_result=' . urlencode($query_result_json);
echo '<script>window.location.href = '$url';</script>';
echo '<script>alert($query_result);</script>';
} else {
echo mysqli_affected_rows($link);
echo $query_result;
//echo mysqli_affected_rows($link);
mysqli_rollback($link);
mysqli_close($link);
echo 'false';
echo gettype($value);
echo $value;
}
}else{
mysqli_close($link);
echo '<script>alert('your input is empty');</script>';
echo '<script>window.location.href = '../welcome/welcome.html';</script>';
}```
**How to Handle Query Results in `index.php`**
To retrieve the query results in `index.php`, use the following code:
```php
if (isset($_GET['query_result'])) {
$query_result_json = $_GET['query_result'];
$query_result = json_decode($query_result_json, true);
// Process query results...
}
原文地址: https://www.cveoy.top/t/topic/obLg 著作权归作者所有。请勿转载和采集!