Php 我的sql查询是对的还是错的?它向我显示类似警告的错误:mysqli_num_rows()期望参数1是mysqli_result,布尔值
我的问题是Php 我的sql查询是对的还是错的?它向我显示类似警告的错误:mysqli_num_rows()期望参数1是mysqli_result,布尔值,php,mysql,mariadb,Php,Mysql,Mariadb,我的问题是 $statement = "SELECT * FROM profile_details WHERE YEAR(CURDATE())-YEAR(dob) BETWEEN '$search_age' AND '$search_age1' AND gender LIKE '$search_gender' OR main_caste LIKE
$statement = "SELECT * FROM profile_details
WHERE YEAR(CURDATE())-YEAR(dob) BETWEEN '$search_age'
AND '$search_age1'
AND gender LIKE '$search_gender'
OR main_caste LIKE '$search_relegion'
OR education_type LIKE '$search_qualification'
OR occupation LIKE '$search_occupation'";
当我回显mysqli_错误($con)时代码>它正在显示消息
You have an error in your SQL syntax; check the manual that corresponds
to your MariaDB server version for the right syntax
to use near
'SELECT * FROM profile_details
WHERE YEAR(CURDATE())-YEAR(dob) BETWEEN '20' AND '' at line 1
下面给出了我的连接文件
<?php
/*Default time zone ,to be able to send mail */
date_default_timezone_set('Asia/Kolkata');
//connect database
$con = mysqli_connect ("localhost","root","root","testdb") or die ("Unable to connect. Check your connection parameters."); //host, username, password, database name
//database connect error
if (mysqli_connect_errno())
{
echo "Failed to connect to MySql: " . mysqli_connect_errno();
}
?>
搜索结果php文件为。。我正在对搜索结果使用分页。。。在这一页上,我得到了一个错误:您的SQL语法有一个错误;查看与您的MariaDB服务器版本相对应的手册,以了解在“从概要文件中选择*详细信息”附近使用的正确语法,其中
<?php
date_default_timezone_set('Asia/Kolkata');
require_once("includes/config.php");
require_once("includes/user_pagination.php");
global $con;
//if(isset($_POST['home_quick_search'])){
//get serch data from index.php
$search_gender = $_GET['s_gender'];
$search_relegion = $_GET['s_religion'];
$search_occupation = $_GET['s_occupation'];
$search_age = $_GET['s_age'];
$search_age1 = $_GET['s_age1'];
$search_qualification = $_GET['s_qualification'];
$page = (int)(!isset($_GET["page"]) ? 1 : $_GET["page"]);
if ($page <= 0) $page = 1;
$per_page = 10; // Set how many records do you want to display per page.
$startpoint = ($page * $per_page) - $per_page;
$statement = "`profile_details` WHERE `DATEDIFF(YEAR,dob,CURDATE())` AS dob BETWEEN '$search_age' AND '$search_age1' AND `gender` LIKE '$search_gender' OR `main_caste` LIKE '$search_relegion' OR `education_type` LIKE '$search_qualification' OR `occupation` LIKE '$search_occupation' ORDER BY `user_id` ASC";
//$statement = "SELECT * FROM profile_details WHERE YEAR(CURDATE())-YEAR(dob) BETWEEN '$search_age' AND '$search_age1' AND gender LIKE '$search_gender' AND main_caste LIKE '$search_relegion' AND education_type LIKE '$search_qualification' AND occupation LIKE '$search_occupation'";
$results = mysqli_query($con,"SELECT * FROM {$statement} LIMIT {$startpoint} , {$per_page}") or die (mysqli_error($con));
if (mysqli_num_rows($results) != 0) {
// displaying records.
$i = 0;
while ($row_user = mysqli_fetch_array($results)) {
$u_id = $row_user['user_id'];
$u_pid = $row_user['profile_id'];
$u_gender = $row_user['gender'];
$u_fname = $row_user['first_name'];
$u_relegion = $row_user['main_caste'];
$u_city = $row_user['city'];
$u_image = $row_user['photo'];
$u_dob = $row_user['dob'];
//age calculation
$dateOfBirth = $u_dob;
$today = date("Y-m-d");
$diff = date_diff(date_create($dateOfBirth), date_create($today));
//echo 'Age is '.$diff->format('%y');
$age = $diff->format('%y');
//age calculation ends
$u_status_all = $row_user['user_status'];
$u_status_of = $row_user['user_status']=='OFFLINE';
$u_status_on = $row_user['user_status']=='ONLINE';
echo'
<div class="col-sm-6 paid_people-left">
<ul class="profile_item">
<a href="view_profile.php?userdetail_id=$u_id">
<li class="profile_item-img">';
if (!empty($u_image)){
echo '<img src="users-photo/resized_'.$u_image.'" class="img-responsive" alt="'.$u_fname.'"/>';
}
else{
echo '<img src="images/s2.jpg" class="img-responsive" alt=""/>';
}
echo ' </li>
<li class="profile_item-desc">
<h4>Profile ID: '.$u_pid.'</h4>
<p>Age: '.$age.' Yrs, '.$u_gender.'</p>
<h5>View Full Profile</h5>
<p>';
if (!isset($u_status_on) && $u_status_of){
echo "Nope";
}
elseif (isset ($u_status_of) && $u_status_on){
echo "<img src='images/online.png' /> <span class='label label-success'>";
}
else {
if (isset ($u_status_of)){
echo "<img src='images/offline.png' /> <span class='label label-default'>";
}
}
echo "
$u_status_all</span><p>
</li>
<div class='clearfix'> </div>
</a>
</ul>
</div>";
}
} else {
echo "Sorry ! No Profiles are found.";
}
// }
?>
<div class="pagination-div">
<ul class="pagination">
<?php echo pagination($statement,$per_page,$page,$url='?'); ?>
</ul>
</div>
几个注意事项:
和
运算符的优先级高于或
运算符。添加paren可以让未来的读者更清楚地了解您的意图。您是否打算仅在性别匹配时检查年龄,否则忽略年龄条件
年龄的计算似乎有点奇怪,因为它完全忽略了月份和日期。标准模式是将裸日期列与返回日期值的表达式进行比较
WHERE ( t.dob > DATE(NOW()) - INTERVAL 25 YEAR AND
t.dob <= DATE(NOW()) - INTERVAL 19 YEAR
)
返回
b e
---------- ----------
1992-02-10 1998-02-10
为了调试SQL问题,echo或var_在提交SQL文本以供执行之前转储该文本的值
然后检查SQL
问题中显示的代码模式,包括SQL文本中的值,是我们在易受SQL注入攻击的代码中经常看到的模式。我们无法判断此代码是否易受攻击,因为我们无法判断这些值是否已正确转义
SELECT ...
FROM ( SELECT ... ) AS x -- You need parens around derived query
a AND b OR c
is treated as
( a AND b ) OR c
请在布尔表达式中添加paren,让我们相信您做得对。好吧,执行echo$语句并打印结果。它就在那里!语法错误。检查您的SQL查询,它显然是错误的。@Dimi谢谢。。。我正在尝试将出生日期转换为年龄格式…如何转换…TIMESTAMPDIFF(YEAR,dob,CURDATE())为age@Dimi谢谢我在上面试过,但它显示出同样的错误。。。。我的dob
类型是date
。。。。。。。。
SELECT ...
FROM ( SELECT ... ) AS x -- You need parens around derived query
a AND b OR c
is treated as
( a AND b ) OR c