我试图从一个MySQL表中选择数据,但我得到以下错误消息之一:
Mysql_fetch_array()期望参数1为给定的资源布尔值
这是我的代码:
$username = $_POST['username'];
$password = $_POST['password'];
$result = mysql_query('SELECT * FROM Users WHERE UserName LIKE $username');
while($row = mysql_fetch_array($result)) {
echo $row['FirstName'];
}
当前回答
任何时候你得到…
“警告:mysqli_fetch_object()期望参数1为mysqli_result,布尔给定”
…这很可能是因为您的查询有问题。prepare()或query()可能返回FALSE(一个布尔值),但是这个通用的失败消息不会给您留下太多线索。您如何发现您的查询有什么问题?你问!
首先,确保错误报告已打开并且可见:将这两行添加到文件的顶部,就在<?php标签:
error_reporting(E_ALL);
ini_set('display_errors', 1);
If your error reporting has been set in the php.ini you won't have to worry about this. Just make sure you handle errors gracefully and never reveal the true cause of any issues to your users. Revealing the true cause to the public can be a gold engraved invitation for those wanting to harm your sites and servers. If you do not want to send errors to the browser you can always monitor your web server error logs. Log locations will vary from server to server e.g., on Ubuntu the error log is typically located at /var/log/apache2/error.log. If you're examining error logs in a Linux environment you can use tail -f /path/to/log in a console window to see errors as they occur in real-time....or as you make them.
一旦您掌握了标准错误报告,在数据库连接和查询上添加错误检查将为您提供有关正在发生的问题的更多详细信息。看看这个列名不正确的例子。首先,返回通用致命错误消息的代码:
$sql = "SELECT `foo` FROM `weird_words` WHERE `definition` = ?";
$query = $mysqli->prepare($sql)); // assuming $mysqli is the connection
$query->bind_param('s', $definition);
$query->execute();
这个错误是一般的,对您解决正在发生的问题没有多大帮助。
再写几行代码,就可以得到非常详细的信息,可以立即用来解决问题。检查prepare()语句的真实性,如果它是好的,你可以继续绑定和执行。
$sql = "SELECT `foo` FROM `weird_words` WHERE `definition` = ?";
if($query = $mysqli->prepare($sql)) { // assuming $mysqli is the connection
$query->bind_param('s', $definition);
$query->execute();
// any additional code you need would go here.
} else {
$error = $mysqli->errno . ' ' . $mysqli->error; // 1054 Unknown column 'foo' in 'field list'
// handle error
}
如果出现问题,你可以发出一条错误消息,直接找到问题所在。在这种情况下,表中没有foo列,解决问题是微不足道的。
如果您愿意,可以将这种检查包含在函数或类中,并像前面提到的那样通过优雅地处理错误来扩展它。
其他回答
正如scompt.com所解释的,查询可能会失败。使用此代码获取查询的错误或正确的结果:
$username = $_POST['username'];
$password = $_POST['password'];
$result = mysql_query("
SELECT * FROM Users
WHERE UserName LIKE '".mysql_real_escape_string($username)."'
");
if($result)
{
while($row = mysql_fetch_array($result))
{
echo $row['FirstName'];
}
} else {
echo 'Invalid query: ' . mysql_error() . "\n";
echo 'Whole query: ' . $query;
}
有关更多信息,请参阅mysql_query()的文档。
实际的错误是单引号,因此没有解析变量$username。但是你应该使用mysql_real_escape_string($username)来避免SQL注入。
在$username周围加上引号。字符串值,与数字值不同,必须用引号括起来。
$result = mysql_query("SELECT * FROM Users WHERE UserName LIKE '$username'");
同样,如果不使用通配符,使用LIKE条件也没有意义:如果需要精确匹配,则使用=而不是LIKE。
<?php
$username = $_POST['username'];
$password = $_POST['password'];
$result = mysql_query("SELECT * FROM Users WHERE UserName LIKE '".$username."'");
while($row = mysql_fetch_array($result))
{
echo $row['FirstName'];
}
?>
如果有一个用户具有唯一的用户名,您可以使用“=”表示。没有必要喜欢。
您的查询将是:
mysql_query("SELECT * FROM Users WHERE UserName ='".$username."'");
在MySQL查询之前包含一个连接字符串变量。例如,下面代码中的$ connect:
$results = mysql_query($connt, "SELECT * FROM users");
首先,检查到数据库的连接。连接是否成功?
如果它完成了,那么之后我就写了这段代码,它工作得很好:
if (isset($_GET['q1mrks']) && isset($_GET['marks']) && isset($_GET['qt1'])) {
$Q1mrks = $_GET['q1mrks'];
$marks = $_GET['marks'];
$qt1 = $_GET['qt1'];
$qtype_qry = mysql_query("
SELECT *
FROM s_questiontypes
WHERE quetype_id = '$qt1'
");
$row = mysql_fetch_assoc($qtype_qry);
$qcode = $row['quetype_code'];
$sq_qry = "
SELECT *
FROM s_question
WHERE quetype_code = '$qcode'
ORDER BY RAND() LIMIT $Q1mrks
";
$sq_qry = mysql_query("
SELECT *
FROM s_question
WHERE quetype_code = '$qcode'
LIMIT $Q1mrks
");
while ($qrow = mysql_fetch_array($sq_qry)) {
$qm = $qrow['marks'] . "<br />";
$total += $qm . "<br />";
}
echo $total . "/" . $marks;
}
