检查SQL数据库的值

I am trying to use php to check my database to see if a value exists. My main goal is to use this value

$_GET['UDID']

and if it is equal to any value that is in the database it will return

echo 'FOUND';

I am using this code:

<?php

$servername = "*****";
$username = "*****";
$password = "*****";
$dbname = "*****";
$connect = new mysqli($servername, $username, $password, $dbname);
if ($connect->connect_error) {
    die("CONNECTION FAILED: " . $connect->connect_error);
}

$udid = $_GET['UDID'];
$id = mysqli_real_escape_string($connect, $udid);

$result = mysqli_query($connect, "SELECT udid FROM data WHERE udid = '$id'");

if($result === FALSE) {
   die("ERROR: " . mysqli_error($result));
}
else {
    while ($row = mysqli_fetch_array($result)) { 
          if($row['udid'] == $udid) {
              $results = 'Your device is already registered on our servers.';
              $results2 = 'Please click the install button below.';
              $button = 'Install';
              $buttonlink = 'https://**link here**';
          }
          else {
              $results = 'Your device is not registered on our servers';
              $results2 = 'Please click the request access button below.';
              $button = 'Request Access';
              $buttonlink = 'https://**link here**';
          }
    }
}

?>

But for some reason it is not working, I am sure I am over looking something. your help is greatly appreciated.

Try this:

$sql = mysqli_query($connect, "SELECT udid FROM data WHERE udid = '" .$udid. "'");

And also, make sure to set the value from 'GET' to $udid. Should be like this:

$udid = $_GET['UDID'];

We can use mysqli_fetch_array() instead to get the result row. I also include error handling. Now your code must look like this :

$udid = $_GET['UDID'];
$id = mysqli_real_escape_string($connect, $udid);

$result = mysqli_query($connect, "SELECT `udid` FROM `wmaystec_WMT-SS`.`data` = '$id'");

if($result === FALSE) {
   die(mysqli_error("error message for the user")); //error handling
}
else {
    while ($row = mysqli_fetch_array($result)) { 
          echo "FOUND :" .$row['thefieldnameofUDIDfromyourDB'];
    }
}

I would suggest you to first escape the string, using the mysqli_real_escape_string function, and then call the SQL query.

$udid = mysqli_real_escape_string($connect, $udid);
$sql = mysqli_query($connect, "SELECT udid FROM data WHERE udid = '$udid'");