-1

当心,我是一个编码 n00b 并且刚刚得到一个基本的 PHP 任务。当我尝试打开它时,我不断收到此错误消息

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in /home/jpl8ce/public_html/php_grocery1.php on line 20

这是我正在做的事情的 .php 和 .html 文件。基本上,它是一个杂货数据库,我试图在其中打印商店营业时间、地址和商店名称,其中包含用户在表单中输入的商品。

<html>
<head>
<title>Grocery Results!</title>
</head>
<body>
<h1>
<?php
$connect = mysqli_connect("localhost","jpl8ce","jpl8ce@siedb","grocery");
$item_name = $_post["input1"];

$query_String = " SELECT Stores.Name, Price, Address, Open_Time, Close_Time
FROM (Stores JOIN Carry ON Stores.Store_ID = Carry.Store_ID) JOIN Items ON Carry.Product_ID = Items.Product_ID
WHERE Items.name = $item_name
ORDER BY Close_Time DESC";


$result = mysqli_query($connect, $query_String);

while ($row = mysqli_fetch_assoc($result)) 
{

echo '<P>'.$row["Stores.Name"].', '.'</P>'; 
//echo '$' number_format($row["Price"],2).', ';
echo '<P>'.$row["Address"] .', '.'</P>';
echo '<P>'.$row["Open_Time"] .', '.'</P>';
echo '<P>'.$row["Close_Time"].'</P>';
}

mysqli_close($connect);  
?>
</h1>
</body>
</html>

这是我的 HTML 代码

<html>
<head>
<title>Grocery Database Search</title>
</head>
<body>
<H1> Grocery Database Search! </H1>
<IMG SRC='grocery_cart_2.jpg'/>
<P> Use this Search Engine to input a name of an item.
After clicking the Search button, the price of the item, as well as the address and hours of the store 
the item is located at will be displayed. </P>

<form action="php_grocery1.php" method="POST">
<p>Item: <input type="text" name="input1"/></p>
<p><input type="submit" value="Search!"/></p>
</form>
</body>
</html>

再次感谢各位!

4

1 回答 1

0

我发现您的代码存在一些问题:

  • 所有超全局变量都必须大写。替换$_post["input1"];$_POST["input1"];
  • 您的查询容易受到 SQL 注入攻击。每当您想将用户提交的数据放入查询中时,请使用转义函数,例如mysql_real_escape_string()请参阅此处的 PHP 文档)。
  • 此外,传递给 SQL 查询的字符串必须在单引号内(注意\'下面的转义引号)

  • 为了准确检测问题(可能正在发生,您应该添加错误处理代码,如下所示:

    <html>
    <head>
        <title>Grocery Results!</title>
    </head>
    <body>
        <?php
            if(!$connect = mysqli_connect("localhost","jpl8ce","jpl8ce@siedb","grocery"))
                die('Error connecting to DB!: ' . mysql_error());

            $item_name = $_POST["input1"];

            $query_String = 'SELECT Stores.Name, Price, Address, Open_Time, Close_Time
                FROM (Stores JOIN Carry ON Stores.Store_ID = Carry.Store_ID) JOIN Items ON Carry.Product_ID = Items.Product_ID
                WHERE Items.name = \'' . mysql_real_escape_string($item_name) . '\' ORDER BY Close_Time DESC';

            if(!$result = mysqli_query($connect, $query_String))
                die('Error on query: ' . mysql_error($connect));

            while ($row = mysqli_fetch_assoc($result)) {
                echo '<P>' . $row["Stores.Name"] . ', ' . '</P>';
                //echo '$' number_format($row["Price"],2).', ';
                echo '<P>' . $row["Address"] . ', ' . '</P>';
                echo '<P>' . $row["Open_Time"] . ', ' . '</P>';
                echo '<P>' . $row["Close_Time"] . '</P>';
            }

            mysqli_close($connect);
        ?>
    </body>
</html>

希望这可以帮助。

于 2012-04-09T06:06:28.717 回答