Fatal编程技术网
  • php/
  • Php mysql_fetch_array()向self提交表单时出错

Php mysql_fetch_array()向self提交表单时出错

php mysql html forms

Php mysql_fetch_array()向self提交表单时出错,php,mysql,html,forms,Php,Mysql,Html,Forms,我有一个名为index.html的页面,它从用户那里接收一些变量,当用户提交它们时,它会转到results.php上的下一个页面(result.php)。index.html上表单中的变量会被发布。php连接到数据库,运行查询等。所有这些都可以正常工作。results.php如下所示: <?php $h = "localhost"; $u = "root"; $p = "******"; $d = "********"; //connectipn to mysql $conn = mysq

我有一个名为index.html的页面,它从用户那里接收一些变量,当用户提交它们时,它会转到results.php上的下一个页面(result.php)。index.html上表单中的变量会被发布。php连接到数据库,运行查询等。所有这些都可以正常工作。results.php如下所示:

<?php
$h = "localhost";
$u = "root";
$p = "******";
$d = "********";
//connectipn to mysql
$conn = mysql_connect( $h, $u, $p );
//connection to database
mysql_select_db($d);
$code = $_POST['code'];
$usage = $_POST['usage'];
$days = $_POST['days'];
$value = $_POST['value];
$sql_runners_up = "SELECT code
from some_table
where number = $value;"
$plans['p_h10'] = array();
$rs2 = mysql_query( $sql_runners_up, $conn );
while ( $row = mysql_fetch_array( $rs2 ))
{
    $plans['p_h10'][] = $row["p_h10"];
}
?>

看起来你打字打错了


    <?php
    $h = "localhost";
    $u = "root";
    $p = "******";
    $d = "********";
    //connectipn to mysql
    $conn = mysql_connect( $h, $u, $p );
    //connection to database
    mysql_select_db($d);
    $code = $_POST['code'];
    $usage = $_POST['usage'];
    $days = $_POST['days'];
    $value = $_POST['value']; // here
    $sql_runners_up = "SELECT code
    from some_table
    where number = $value"; // and here
    $plans['p_h10'] = array();
    $rs2 = mysql_query( $sql_runners_up, $conn );
    while ( $row = mysql_fetch_array( $rs2 ))
    {
        $plans['p_h10'][] = $row["p_h10"];
    } ?>



这是因为
mysql\u query
返回false。
另外,在您的代码中,有一个语法错误


$value = $_POST['value'];


此外,您的代码易受攻击。不要相信用户的输入

所以,正确的代码应该是


$value = intval($_POST['value']);



首先,此行无效:


$value = $_POST['value]; 


它应该是
$\u POST['value']

但是,此错误通常发生在查询出错或连接不好时。检查您的
mysql\u connect()
&
mysql\u select\u db()
设置,可能不好。
尝试以下方法:


$sql_runners_up = "SELECT * from some_table where number = '$value';"


并检查
$value
是否包含该值

编辑:在上面的代码中,我使用
*
选择所有字段,因为您在代码中看到的是:


$sql_runners_up = "SELECT code from some_table where number = $value;"


在fetch查询中,您正在调用字段名
p_h10


while ( $row = mysql_fetch_array( $rs2 ))
{
   // didn't selected $row["p_h10"] in your query
   $plans['p_h10'][] = $row["p_h10"];
}


尝试:


您的代码易受攻击。查看一些关于SQLi的文章

$sql_runners_up = "SELECT code from some_table where number = $value;"



while ( $row = mysql_fetch_array( $rs2 ))
{
   // didn't selected $row["p_h10"] in your query
   $plans['p_h10'][] = $row["p_h10"];
}




$value = (int) $value;
$sql_runners_up = "SELECT code from some_table where number = $value";
$plans['p_h10'] = array();
$rs2 = mysql_query( $sql_runners_up);