Php Sql参数警告
我想从我的HTML表单中查询3个表。我尝试了这么多的格式和条件,但这是唯一一个接近我想要实现的。我是新手,我需要帮助。我不知道我错过了什么 这是我的密码:Php Sql参数警告,php,mysql,sql,Php,Mysql,Sql,我想从我的HTML表单中查询3个表。我尝试了这么多的格式和条件,但这是唯一一个接近我想要实现的。我是新手,我需要帮助。我不知道我错过了什么 这是我的密码: if(isset($_POST['submit'])) { $Summary=$_POST['summary']; $Status=$_POST['status']; $Priority=$_POST['priority']; $db=mysql_connect (" ") or die ('I cannot
if(isset($_POST['submit'])) {
$Summary=$_POST['summary'];
$Status=$_POST['status'];
$Priority=$_POST['priority'];
$db=mysql_connect (" ") or die ('I cannot connect to the database because: ' . mysql_error());
$mydb=mysql_select_db(" ");
}
$where = '';
if(isset($Status) && !empty($Status)){
$where .= "status ='$Status' AND ";
}
if(isset($Priority) && !empty($Priority)){
$where .= "priority ='$Priority' AND ";
}
if(isset($Summary) && !empty($Summary)){
$where .= "summary ='$Summary' AND ";
}
$sql= "select * from data $where";
$result = mysql_query($sql);
if (mysql_num_rows($result)==0){
echo "No Match Found";
}else{
while($row = mysql_fetch_array($result)) {
echo $Not_Completed=$row['Not Completed'];
echo $Completed=$row['Completed'];
echo $Miscommunications =$row['Miscommunications'];
echo $Not_Given_Access=$row['Not Given Access'];
echo $Unskilled=$row['Unskilled'];
echo $Missing_Parts=$row['Missing Parts'];
echo $High=$row['High'];
echo $Medium=$row['Medium'];
echo $Low=$row['Low'];
echo $EFirst_name =$row['EFirst_name'];
echo $ELast_name=$row['ELast_name'];
echo $Employee_id=$row['Employee_id'];
}
}
<select name="status">
<option>status</option>
<option>Completed</option>
<option>Not Completed</option>
</select>
<select name="priority">
<option>priority</option>
<option>High</option>
<option>Medium</option>
<option>Low</option>
</select>
<select name="summary">
<option>summary</option>
<option>Miscommunications</option>
<option>Not Given Access</option>
<option>Unskilled</option>
<option>Missing Parts</option>
</select>
<div align="right"><input type="submit" value="Search">
$sql = "select * from data where $where";
if(isset($Status) && !empty($Status)){
$where .= "status ='$Status' AND ";
}
if(isset($Priority) && !empty($Priority)){
$where .= "priority ='$Priority' AND ";
}
if(isset($Summary) && !empty($Summary)){
$where .= "summary ='$Summary' AND ";
}
当mysql_num_rows报告此错误时,99%的情况下您的查询是错误的
$sql= "select * from data $where";
您的查询格式不正确,导致错误。在查询字符串中指定$where时,您忘记了包含where语句。您需要执行:$sql=select*from data where.$where 尝试更改这部分代码
if(isset($Status) && !empty($Status)){
$where .= "status ='$Status' AND ";
}
if(isset($Priority) && !empty($Priority)){
$where .= "priority ='$Priority' AND ";
}
if(isset($Summary) && !empty($Summary)){
$where .= "summary ='$Summary' AND ";
}
$check = 0;
if(isset($Status) && !empty($Status)){
$where .= "status ='$Status'";
$check++;
}
if(isset($Priority) && !empty($Priority)){
if($check != 0){
$where .= " AND ";
}
$where .= "priority ='$Priority'";
$check++;
}
if(isset($Summary) && !empty($Summary)){
if($check != 0){
$where .= " AND ";
}
$where .= "summary ='$Summary'";
}
if(isset($_POST['submit'])) {
$Summary=$_POST['summary'];
$Status=$_POST['status'];
$Priority=$_POST['priority'];
$db=mysql_connect (" ") or die ('I cannot connect to the database because: ' . mysql_error());
$mydb=mysql_select_db(" ");
} else {
echo "I might not be connected to a database...";
}
echo 'Connection error? ' . mysql_error();
echo 'Ping Result: ' . mysql_ping() === FALSE ? 'Not connected.' : 'Connected.';
$conditions = array();
if(isset($Status) && !empty($Status)){
$conditions[] = "status ='$Status'";
}
if(isset($Priority) && !empty($Priority)){
$conditions[] = "priority ='$Priority'";
}
if(isset($Summary) && !empty($Summary)){
$conditions[] = "summary ='$Summary'";
}
$where = '';
if (!empty($conditions)) {
$where = "WHERE " . implode(' AND ', $conditions);
}
$sql= "SELECT * FROM data $where";
echo "SQL Command: $sql";
$result = mysql_query($sql);
echo 'Query error? ' . mysql_error();
if (mysql_num_rows($result)==0){
echo "No Match Found";
}else{
while($row = mysql_fetch_array($result)) {
echo $Not_Completed=$row['Not Completed'];
echo $Completed=$row['Completed'];
echo $Miscommunications =$row['Miscommunications'];
echo $Not_Given_Access=$row['Not Given Access'];
echo $Unskilled=$row['Unskilled'];
echo $Missing_Parts=$row['Missing Parts'];
echo $High=$row['High'];
echo $Medium=$row['Medium'];
echo $Low=$row['Low'];
echo $EFirst_name =$row['EFirst_name'];
echo $ELast_name=$row['ELast_name'];
echo $Employee_id=$row['Employee_id'];
}
}
$sql=从数据$where中选择*;错误,你总是会有,最后,回显查询并查看你得到了什么。你的脚本似乎容易受到SQL注入的攻击。如果这是一个新项目,你应该切换到MySQLi或PDO_MySQL。点击查看更多信息。@Mr.Alien Sameresult@rtcherry抱歉,这是一个正在进行的项目。我在MySQL 5.5中使用phpmyadmin。有没有其他方法可以让我通过表单查询这个数据库以获得相同的结果?我仍然得到一个警告:警告:mysql_num_rows期望参数1是resource,布尔值在191行的C:\wamp\www\search.php中给出//如果mysql_num_rows$result==0…@rtcherry看到我的substr了吗?@bwoebi啊,不,我误读了。我的错。已删除注释。@bwoebi它返回以下内容:尖叫:错误抑制已忽略!警告:mysql_num_rows期望参数1是resource,布尔值在C:\wamp\www\search.php第200行给出//如果mysql_num_rows$result==0{未找到匹配项;}否则{@bwoebi我该怎么做?@print mysql_error;我不熟悉这个,但我确实很努力…如果设置$Priority而不是$Status,这将导致问题。虽然这样做有效,但通过执行以下操作,实现可能会更干净。更改此代码$sql=select*from data where$where;,您忘记添加where子句:-@DepH where子句???是否ean来自我的原始sql???$sql=选择状态、优先级、员工\员工\ id、EFirst \ U名称、项目中的ELast \ U名称、状态为“未完成”、“已完成”的员工、优先级为“高”、“中”、“低”的员工、员工\员工\ id=员工\ id不存在,我正在谈论的代码$sql=从数据$WHERE;中选择*,将此代码更改为$sql=select*from data,其中$WHERE;如果未设置$Status、$Priority或$Summary,则此选项将不起作用。此外,无论发生什么情况,都会有尾随和。@DRAXXEUS仍然相同outcome@draxxxeus我把它改成了Rcherry在上面发布的内容,结果仍然一样。这不是特别有用的信息。你确定你成功了吗连接到数据库?请查看我的编辑。搜索项目详细信息SQL命令:从数据搜索员工或客户中按字母、名字或姓氏A | B | C | D | E | F | G | H | I | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | M | U!错误警告pects参数1为资源,在第201行调用堆栈时间内存函数位置1 0.0019 168328{main}的C:\wamp\www\search.php中给出布尔值..\search.php:0 2 0.0077 175288 mysql\u num\u行..\search.php:201不匹配Found@drscmd1我想我是在您运行该代码后编辑的。我希望在输出中看到连接错误?和查询错误?。此外,我希望从Ping结果中看到一些内容:。我认为我设置HTML页面的方式有问题。我的表单操作=search.php?去吧,我可以通过字母、名字或姓氏显示搜索结果,但当我将此脚本从上面添加到Search.php文件时,我什么都没有得到。是否有电子邮件可以联系您并发送此文件给您以供我查看?结果:我可能没有连接到数据库…连接错误?connected.SQL Command:从数据查询中选择*错误?未选择数据库
$check = 0;
if(isset($Status) && !empty($Status)){
$where .= "status ='$Status'";
$check++;
}
if(isset($Priority) && !empty($Priority)){
if($check != 0){
$where .= " AND ";
}
$where .= "priority ='$Priority'";
$check++;
}
if(isset($Summary) && !empty($Summary)){
if($check != 0){
$where .= " AND ";
}
$where .= "summary ='$Summary'";
}
$conditions = array();
if(isset($Status) && !empty($Status)){
$conditions[] = "status ='$Status'";
}
if(isset($Priority) && !empty($Priority)){
$conditions[] = "priority ='$Priority'";
}
if(isset($Summary) && !empty($Summary)){
$conditions[] = "summary ='$Summary'";
}
$where = '';
if (!empty($conditions)) {
$where = "WHERE " . implode(' AND ', $conditions);
}
$sql= "SELECT * FROM data $where";
if(isset($_POST['submit'])) {
$Summary=$_POST['summary'];
$Status=$_POST['status'];
$Priority=$_POST['priority'];
$db=mysql_connect (" ") or die ('I cannot connect to the database because: ' . mysql_error());
$mydb=mysql_select_db(" ");
} else {
echo "I might not be connected to a database...";
}
echo 'Connection error? ' . mysql_error();
echo 'Ping Result: ' . mysql_ping() === FALSE ? 'Not connected.' : 'Connected.';
$conditions = array();
if(isset($Status) && !empty($Status)){
$conditions[] = "status ='$Status'";
}
if(isset($Priority) && !empty($Priority)){
$conditions[] = "priority ='$Priority'";
}
if(isset($Summary) && !empty($Summary)){
$conditions[] = "summary ='$Summary'";
}
$where = '';
if (!empty($conditions)) {
$where = "WHERE " . implode(' AND ', $conditions);
}
$sql= "SELECT * FROM data $where";
echo "SQL Command: $sql";
$result = mysql_query($sql);
echo 'Query error? ' . mysql_error();
if (mysql_num_rows($result)==0){
echo "No Match Found";
}else{
while($row = mysql_fetch_array($result)) {
echo $Not_Completed=$row['Not Completed'];
echo $Completed=$row['Completed'];
echo $Miscommunications =$row['Miscommunications'];
echo $Not_Given_Access=$row['Not Given Access'];
echo $Unskilled=$row['Unskilled'];
echo $Missing_Parts=$row['Missing Parts'];
echo $High=$row['High'];
echo $Medium=$row['Medium'];
echo $Low=$row['Low'];
echo $EFirst_name =$row['EFirst_name'];
echo $ELast_name=$row['ELast_name'];
echo $Employee_id=$row['Employee_id'];
}
}