从数据库查询数据时在php中获取错误_Php_Mysql

从数据库查询数据时在php中获取错误

php mysql

从数据库查询数据时在php中获取错误,php,mysql,Php,Mysql,这是我的php代码 <?php if (isset($_POST['search'])) { require 'config.php'; $department = $_POST['department']; $class = $_POST['class']; $i = 1; $query = "SELECT `student_id` , `name`, `htno`, `department`, `class` FROM student_det

这是我的php代码

 <?php

if (isset($_POST['search'])) {
    require 'config.php';
    $department = $_POST['department'];
    $class = $_POST['class'];
    $i = 1;
    $query = "SELECT `student_id` , `name`, `htno`, `department`, `class` FROM student_detail where department=$department && class=&class";
    $result = mysqli_query($conn, $query);
    while ($row = mysqli_fetch_array($result)) {
        echo "<tr>";
        echo "<td>" . $i++ . "</td>";
        echo "<td>" . $row['name'] . "</td>";
        echo "<td>" . $row['htno'] . "</td>";
        echo "<td>" . $row['department'] . "</td>";
        echo "<td>" . $row['class'] . "</td>";
        echo "<td><a href=\"delete.php?class_id=" . $row['student_id'] . "\" onClick=\"return confirm('Are you sure you want to delete?')\">DELETE</a></td></tr>";
    }
}
?>

错误是

警告：mysqli_fetch_array（）要求参数1为mysqli_结果，布尔值`

当使用此代码时，如果我做错了什么，请帮助我。。我是php的初学者。我无法选择数据库

选择数据时，错误可能在部门和类中

<form method="post" action="" >
    <div class="form-group">
        <label for="department">Department</label>
        <select name="department" class="form-control">
            <option selected="selected">Please select your department</option>
            <?php
            require('config.php');
            $result = mysqli_query($conn, "SELECT * FROM department");

            while ($test = mysqli_fetch_array($result)) {
                echo "<option 
              value='" . $test['department_name'] . "'>" . $test['department_name'] . "</option>";
            }
            ?>
        </select>
    </div>
    <div class="form-group ">
        <label for="class">Class</label>
        <select name="class" class="form-control">
            <option selected="selected">Please select your class</option>
            <?php
            require('config.php');
            $result = mysqli_query($conn, "SELECT * FROM class");

            while ($test = mysqli_fetch_array($result)) {
                echo "<option value='" . $test['class_name'] . "'>" . $test['class_name'] . "
    </option>";
            }
            ?>
        </select>
    </div>
    <button type="submit" name="search" class="btn btn-
            primary">Submit</button>
</form>


部门
请选择您的部门
班
请选择您的班级
提交

试试这种方法。这将在查询中使用准备好的语句

            $query = "SELECT 
            `student_id`,
            `name`,
            `htno`,
            `department`,
            `class`
            FROM student_detail 
            where department = ? && class = ? ";

            $stmt = $conn->prepare($query);
            $stmt->bind_param('ss', $department, $class);  // s - string, i - ints
            $stmt->execute();
            $result = $stmt->get_result();  

            while ($row = $result->fetch_assoc()) {
            //...Do the rest of code here.

以下是有关mysqli准备好的语句的链接：

使用事先准备好的语句。也可以防止sql注入。u在查询末尾键入相同的代码。。您的查询在类前面有一个&而不是$；检查与您的MariaDB服务器版本相对应的手册，了解第1行“as”附近使用的正确语法部门和班级的价值是什么？