首页
学习
活动
专区
工具
TVP
发布
社区首页 >问答首页 >无法将PHP检查到数据库

无法将PHP检查到数据库
EN

Stack Overflow用户
提问于 2018-06-06 04:29:30
回答 2查看 40关注 0票数 -1

我试图在PHP上做一个项目,只输入3个选项中的一个,并从数据库中获得其他2个详细信息。当我输入$acecode时,我得到了完美的结果,即员工的详细信息。但是,当我尝试输入$acename$acemail时,我得到一个错误:

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\WorkArea\HCLProject\submit.php on line 71

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\WorkArea\HCLProject\submit.php on line 80
No such record exists

虽然记录存在,但仍为-even。

请帮帮忙。

我的PHP代码

1    <?php 
2    
3    $conn = mysqli_connect("localhost","root","","project");
4    if(!$conn)
5       die("Connection failed" . mysqli_connect_error());
6    
7    $descr = $_POST['descr'];
8    $acecode = $_POST['acecode'];
9    $acename = $_POST['acename'];
10    $acemail = $_POST['acemail'];
11    $status = $_POST['status'];
12    $comments = $_POST['comments'];
13    
14    //check for acemail
15    if($acecode == NULL and $acename == NULL and $acemail != NULL)
16    {
17      $search = "SELECT * from empmaster where empmail=".$acemail;
18      $result = mysqli_query($conn,$search);
19      if(mysqli_num_rows($result) == 1)
20      {
21          while($row = mysqli_fetch_assoc($result))
22          {
23              $acecode = $row['empcode'];
24              $acename = $row['empname'];
25          }
26      }
27      
28      else if(mysqli_num_rows($result) == 0)
29      {
30          echo "No such record exists";
31          $acemail = NULL;
32      }
33      else
34      {
35          echo 'Conflicting values found in Table "empmaster".';
36          $acemail = NULL;
37      }
38    }
39    
40    //check for acecode
41    else if($acename == NULL and $acemail == NULL and $acecode != NULL)
42    {
43      $search = "SELECT * from empmaster where empcode=".$acecode;
44      $result = mysqli_query($conn,$search);
45      if(mysqli_num_rows($result) == 1)
46      {
47          while($row = mysqli_fetch_assoc($result))
48          {
49              $acemail = $row['empmail'];
50              $acename = $row['empname'];
51          }
52      }
53      
54      else if(mysqli_num_rows($result) == 0)
55      {
56          echo "No such record exists";
57          $acecode = NULL;
58      }
59      else
60      {
61          echo 'Conflicting values found in Table "empmaster".';
62          $acecode = NULL;
63      }
64    }
65    
66    //check for acename
67    else if($acecode == NULL and $acemail == NULL and $acename != NULL)
68    {
69      $search = "SELECT * from empmaster where empname like ".$acename;
70      $result = mysqli_query($conn,$search);
71      if(mysqli_num_rows($result) == 1)
72      {
73          while($row = mysqli_fetch_assoc($result))
74          {
75              $acecode = $row['empcode'];
76              $acemail = $row['empmail'];
77          }
78      }
79      
80      else if(mysqli_num_rows($result) == 0)
81      {
82          echo "No such record exists";
83          $acename = NULL;
84      }
85      else
86      {
87          echo 'Conflicting values found in Table "empmaster".';
88          $acename = NULL;
89      }
90    }
91    
92    //last condition
93    else
94    {
95      $acecode=NULL;
96      $acename=NULL;
97      $acemail=NULL;
98      echo "Input only one value of Task Actionee";
99    }
100    
101    echo $acecode."<br>".$acename."<br>".$acemail;
102    ?>
EN

回答 2

Stack Overflow用户

回答已采纳

发布于 2018-06-06 04:34:39

SQL查询错误。您需要在字段两边使用引号:

$search = "SELECT * from empmaster where empmail='".$acemail."';

再说一遍:

$search = "SELECT * from empmaster where empname like '%".$acename."%';

而且你的代码对SQL注入攻击是不敏感的。您应该改用prepared statements

票数 3
EN

Stack Overflow用户

发布于 2018-06-06 04:34:21

在SQL语句中使用输入之前,需要对输入进行清理。您还需要在select中用单引号将变量括起来。

// this needed single quotes around the variable
$search = "SELECT * from empmaster where empmail = '".$acemail."'";
票数 -1
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/50708464

复制
相关文章

相似问题

领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档