Php 当使用mysqli_num_rows()时,没有任何内容被回显
如果这是一个noob问题,我很抱歉,但我一直在互联网上寻找答案,却找不到任何可以解决我问题的方法。无论如何,我已经看了关于mysqli_num_行的php文档,这是因为我试图查找列中的行数。我的桌子看起来像这样:Php 当使用mysqli_num_rows()时,没有任何内容被回显,php,mysqli,Php,Mysqli,如果这是一个noob问题,我很抱歉,但我一直在互联网上寻找答案,却找不到任何可以解决我问题的方法。无论如何,我已经看了关于mysqli_num_行的php文档,这是因为我试图查找列中的行数。我的桌子看起来像这样: id | follower | followee 1 Xp10d3 IiBlurBeriI 2 IiBlurBeriI Xp10d3 Username followers. following. Username 5 followers. 2 fo
id | follower | followee
1 Xp10d3 IiBlurBeriI
2 IiBlurBeriI Xp10d3
Username
followers.
following.
Username
5 followers.
2 following.
id | follower | followee
1 Xp10d3 IiBlurBeriI
2 IiBlurBeriI Xp10d3
Username
followers.
following.
Username
5 followers.
2 following.
id | follower | followee
1 Xp10d3 IiBlurBeriI
2 IiBlurBeriI Xp10d3
Username
followers.
following.
Username
5 followers.
2 following.
<?php
session_start();
$servername = "localhost"; // Host name
$user = "xxxx"; // Mysql username
$pass = "xxxx"; // Mysql password
$dbname = "xxxx"; // Database name
$tbl_name = "forum_question"; // Table name
// Connect to server and select databse.
$conn = new mysqli($servername, $user, $pass, $dbname);
$userGet = $_GET['username'];
$userGetSQL = "SELECT USERNAME FROM data WHERE USERNAME='".$userGet."'";
$result = $conn->query($userGetSQL);
$userRow = $result->fetch_assoc();
$pfp = "SELECT PFP FROM data WHERE USERNAME = '".$_GET['username']."'";
$pfpresult = $conn->query($pfp);
$pfprow = $pfpresult->fetch_assoc();
$rank = "SELECT LEVEL FROM data WHERE USERNAME = '".$_GET['username']."'";
$rresult = $conn->query($rank);
$followers = "SELECT * FROM subscribers WHERE follower = '".$_GET['username']."'";
$fresult = $conn->query($followers);
$fcnt = $fresult->num_rows;
//echo "FOR TESTING PURPOSES! Followers query: " . $followers . ". Result: " . $fresult . ". num_rows: " . $fcnt . ".";
$following = "SELECT * FROM subscribers WHERE followee = '".$_GET['username']."'";
$ffresult = $conn->query($following);
$ffcnt = $ffresult->num_rows;
//echo "FOR TESTING PURPOSES! Following query: " . $following . ". Result: " . $ffresult . ". num_rows: " . $ffcnt. ".";
$desc = "SELECT DESCRIPTON FROM data WHERE USERNAME = '".$_GET['username']."'";
$descresult = $conn->query($desc);
$descRow = $descresult->fetch_assoc();
if (!isset($_SESSION['username']) && empty($_SESSION['username'])) {
echo 'You are not logged in! Go <a href="main_forum.php">home</a> to login!';
} else {
?>
<!DOCTYPE HTML>
<html>
<head>
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">
<style>
body {
text-align: center;
font-family: sans-serif;
}
.card {
box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2);
max-width: 300px;
margin: auto;
text-align: center;
}
.title {
color: grey;
font-size: 18px;
}
.msg{
border: none;
outline: 0;
display: inline-block;
padding: 8px;
color: white;
background-color: #000;
text-align: center;
cursor: pointer;
width: 100%;
font-size: 18px;
}
a {
text-decoration: none;
font-size: 22px;
color: black;
}
.msg:hover, a:hover {
opacity: 0.7;
}
</style>
</head>
<body>
<button type="button" style="cursor:pointer">
<a href="main_forum.php">Home</a>
</button>
<br />
<?php
$check = mysqli_query($conn, "SELECT * FROM subscribers WHERE follower = '".$_SESSION['username']."' AND followee = '".$_GET['username']."'");
if (mysqli_num_rows($check) > 0) {
?>
<button type="button" style="cursor:pointer">
<a href='unfollow.php?username=<?php echo $userGet ?>'>Unfollow</a>
</button>
<?php
} else {
?>
<button type="button" style="cursor:pointer">
<a href='follow.php?username=<?php echo $userGet ?>'>Follow</a>
</button>
<?php
}
?>
<div class="card">
<?php
if ($pfprow['PFP'] == none.png) {
?>
<img src="<?php echo $pfprow['PFP'] ?>" id="pfp" style="width:100%" />
<?php
} else {
?>
<img src="pfp/<?php echo $pfprow['PFP'] ?>" id="pfp" style="width:100%" />
<?php
}
?>
<h1 id="username"><?php echo $_GET['username'] ?></h2>
<p id="title"><?php echo $rrow['LEVEL'] ?></p>
<p><strong><?php echo $fcount ?></strong> followers.</p>
<p><strong><?php echo $ffcount ?></strong> following.</p>
<div class="desc">
<?php
echo $descRow['DESCRIPTON'];
?>
</div>
<p><button class="msg"><i class="fa fa-envelope-o" aria-hidden="true"></i> Send Message</button></p>
</div>
</body>
</html>
<?php
}
exit();
?>
顺便说一句,是的,我知道我的代码容易受到SQL注入的攻击。我正在尝试学习如何使用预先准备好的语句。我是PHP新手,但已经使用HTML+CSS好几年了,所以我可以在以后更改代码。我不相信我有任何INSERT语句,所以这应该没问题。抛开您已经提到的SQL注入漏洞,如果您想知道有多少行,例如,follower='some_follower',请进行计数:
SELECT COUNT(1) FROM subscribers WHERE follower = 'some_follower'
$result = $conn->query("SELECT COUNT(1) FROM subscribers WHERE follower = 'some_follower'");
$row = $result->fetch_row();
echo '#: ', $row[0];
在PHP代码中,您使用fcnt和ffcnt存储行数,但在HTML表中,您使用fcount和ffcount,这是未定义的变量。您还可以接受SQL注入。参数化并使用准备好的语句。如果您只需要计数,您还应该选择count*。SQL注入也与您要执行的语句类型无关。@JoffreySchmitz哇哇;我没听清楚,谢谢!user3783243和Dharman是的,我对PHP非常陌生,正在尝试学习如何使用准备好的语句。我意识到风险。我忘记了伯爵;很抱歉。我应该调查一下。