试试下面的代码。它可能会工作得很好。

$username = $_POST['username'];
$password = $_POST['password'];
$result = mysql_query("SELECT * FROM Users WHERE UserName ='$username'");

while($row = mysql_fetch_array($result))
{
    echo $row['FirstName'];
}

当查询中出现错误导致查询失败时，将显示此错误消息。它会在使用时显现出来:

mysql_fetch_array / mysqli_fetch_array () 作用是()/ mysqli_fetch_assoc () mysql_num_rows () / mysqli_num_rows ()

注意:如果查询不影响任何行，则不会出现此错误。只有语法无效的查询才会产生此错误。

故障排除步骤

Make sure you have your development server configured to display all errors. You can do this by placing this at the top of your files or in your config file: error_reporting(-1);. If you have any syntax errors this will point them out to you. Use mysql_error(). mysql_error() will report any errors MySQL encountered while performing your query. Sample usage: mysql_connect($host, $username, $password) or die("cannot connect"); mysql_select_db($db_name) or die("cannot select DB"); $sql = "SELECT * FROM table_name"; $result = mysql_query($sql); if (false === $result) { echo mysql_error(); } Run your query from the MySQL command line or a tool like phpMyAdmin. If you have a syntax error in your query this will tell you what it is. Make sure your quotes are correct. A missing quote around the query or a value can cause a query to fail. Make sure you are escaping your values. Quotes in your query can cause a query to fail (and also leave you open to SQL injections). Use mysql_real_escape_string() to escape your input. Make sure you are not mixing mysqli_* and mysql_* functions. They are not the same thing and cannot be used together. (If you're going to choose one or the other stick with mysqli_*. See below for why.)

其他技巧

Mysql_ *函数不应该用于新代码。它们不再被维护，社区已经开始了弃用过程。相反，你应该学习准备语句并使用PDO或MySQLi。如果你不能决定，这篇文章将帮助你选择。如果你想学习，这里有一个很好的PDO教程。

在执行取回数组之前，你也可以检查$result是否失败

$username = $_POST['username'];
$password = $_POST['password'];
$result = mysql_query('SELECT * FROM Users WHERE UserName LIKE $username');
if(!$result)
{
     echo "error executing query: "+mysql_error(); 
}else{
       while($row = mysql_fetch_array($result))
       {
         echo $row['FirstName'];
       }
}

这里发生的错误是由于使用了单引号(')。你可以这样写你的查询:

mysql_query("
SELECT * FROM Users 
WHERE UserName 
LIKE '".mysql_real_escape_string ($username)."'
");

它使用mysql_real_escape_string来防止SQL注入。 虽然我们应该使用MySQLi或PDO_MYSQL扩展的升级版本的PHP (PHP 5.5.0及以后)，但对于旧版本mysql_real_escape_string将做的把戏。

这个查询应该工作:

$result = mysql_query("SELECT * FROM Users WHERE UserName LIKE '%$username%'");
while($row = mysql_fetch_array($result))
{
    echo $row['FirstName'];
}

问题是单引号，因此你的查询失败并返回FALSE，你的WHILE循环不能执行。使用%可以匹配任何包含字符串的结果(例如SomeText-$username-SomeText)。

这只是对你的问题的回答，你应该实现其他帖子中提到的东西:错误处理，使用转义字符串(用户可以在字段中输入任何内容，并且你必须确保它不是任意代码)，使用PDO代替mysql_connect，现在已经被废弃了。

在MySQL查询之前包含一个连接字符串变量。例如，下面代码中的$ connect:

$results = mysql_query($connt, "SELECT * FROM users");