Fatal编程技术网
  • php/
  • Php 在mysql结果上运行if函数时出错

Php 在mysql结果上运行if函数时出错

php

Php 在mysql结果上运行if函数时出错,php,mysqli,Php,Mysqli,我试图在MySQL表中设置权限,但出现错误: Warning: mysqli::query() expects parameter 1 to be string, object given in /public/sites/staffpaneel.mc-wonderland.nl/index.php on line 656 Catchable fatal error: Object of class mysqli_result could not be converted to strin

我试图在MySQL表中设置权限,但出现错误:

Warning: mysqli::query() expects parameter 1 to be string, object given in 
/public/sites/staffpaneel.mc-wonderland.nl/index.php on line 656

Catchable fatal error: Object of class mysqli_result could not be converted 
to string in /public/sites/staffpaneel.mc-wonderland.nl/index.php on line 679
我已经尝试了很多方法,但都没有效果

    <?php
    //Perms
    $PermissiesUitlezen = mysqli_query($conn, "SELECT * FROM `RankPermissies` WHERE RankID ° '".$sqlDataIngelogd['RankID']."'");
    $sqlDataPermissies = mysqli_fetch_assoc($PermissiesUitlezen);

if ($conn->query($PermissiesUitlezen) === TRUE) {
    if ($sqlDataPermissies['AccountMakenMag'] == 1) {
        AccountMakenMag();
    }
    if ($sqlDataPermissies['AccountsMag'] == 1) {
        AccountsMag();
    }
    if ($sqlDataPermissies['MeldingMakenMag'] == 1) {
        MeldingMakenMag();
    }
    if ($sqlDataPermissies['RankAanmakenMag'] == 1) {
        RankAanmakenMag();
    }
    if ($sqlDataPermissies['RanksMag'] == 1) {
        RanksMag();
    }
    if ($sqlDataPermissies['StoringMakenMag'] == 1) {
        StoringMakenMag();
    }
    if ($sqlDataPermissies['StoringenMag'] == 1) {
        StoringenMag();
    }
} else {
    echo "Fout: " . $PermissiesUitlezen . "<br>" . $conn->error;
}
    ?>
您可以从

SELECT * FROM `RankPermissies` WHERE RankID ° '".$sqlDataIngelogd['RankID']."' 从“RankPermissies`WHERE RankID°”中选择*。“$sqlDataIngelogd['RankID']” 到

从'RankPermissies'中选择*其中RankID='“$sqlDataIngelogd['RankID']”
然后检查。

问题在于
$permissiesuitelizen
保存
mysqli\u query()
调用的结果,并且在
if
中,您将其用作另一个
mysqli\u query()调用的参数。这没有任何意义

实际上,如果您阅读了php.net上的手册,您将知道如何正确检查错误:


 if ($PermissiesUitlezen = mysqli_query($conn, "SELECT * FROM `RankPermissies` WHERE RankID = '".$sqlDataIngelogd['RankID']."'")) {
     $sqlDataPermissies = mysqli_fetch_assoc($PermissiesUitlezen);
     ...



注意,我还更正了sql语句(将
°
替换为
=
。但请注意,如果sql查询中有参数,则应使用准备好的语句。
警告:使用
mysqli
时,应使用和将用户数据添加到查询中。不要使用字符串插值或连接来完成此操作,因为您已创建了服务器不要将
$\u POST
$\u GET
或任何用户数据直接放入查询中,如果有人试图利用您的错误,这可能是非常有害的。php和mysqli会准确地告诉您在这种特殊情况下的错误……注意:
mysqli
的面向对象接口明显不那么冗长,使代码更易于阅读d审计,并且不容易与过时的
mysql\u查询接口混淆。在您对过程式风格投入太多之前,它值得切换。例如:
$db=new mysqli(…)
$db->prepare(“…”)
我现在有:`$sqlRankIngelogdPerms=$sqlDataIngelogd['RankID']$PermissiesUitlezen=mysqli_query($conn,“SELECT*FROM
rankpermises
WHERE RankID=”“$sqlRankIngelogdPerms.”)。

 if ($PermissiesUitlezen = mysqli_query($conn, "SELECT * FROM `RankPermissies` WHERE RankID = '".$sqlDataIngelogd['RankID']."'")) {
     $sqlDataPermissies = mysqli_fetch_assoc($PermissiesUitlezen);
     ...