-3 
   <?php

   if (isset($_COOKIE["username"])) {

$listType = $_POST['listType'];
$uid = $_COOKIE['username'];
$con = mysql_connect('localhost','xxxx','xxxx');
if(!$con)
{
        die("Could not connect: " . mysql_error());
}

$db = mysql_select_db('xxx');

$getUseridquery = mysql_query("SELECT * FROM user WHERE membername='".$uid."'") or die("error1" .mysql_error());
while ($row = mysql_fetch_array($getUseridquery)or die("error11" .mysql_error())) {
    $user_id = $row['uid'];
    typeHandler($listType, $user_id);
}

   } else {
       //something wrong
       return failure;
   }

   function typeHandler($type, $id) {
       if ($type == 'sub') {
        //get the list of subscibers if there's any
        $getSubscribe_query = mysql_query("SELECT target_id FROM subscribes WHERE owner_id='" . $id . "'") or die("error2".mysql_error());
           $subArray = mysql_fetch_array($getSubscribe_query);
           $rowcount = mysql_num_rows($getSubscribe_query) or die("error22".mysql_error());
           if ($rowcount > 0) {
            makeSubList($subArray, $id, TRUE);
           } else {
            makeSubList($subArray, $id, FALSE);
           }

       }

       if ($type == '') {

       }

   }

   function makeSubList($iArray, $id, $hasSub) {

if ($hasSub = TRUE) {
    //if user subscribed to others
    $responseArray = array();
    for ($a = 0; $a <= count($iArray); $a++) {
        makeListEntry($iArray[$a], $responseArray);
    }

    //add owner's scene
    makeListEntry($id, $responseArray);
    return $responseArray;
} else {
    //just add ower to the list
    $responseArray = array();
    makeListEntry($id, $responseArray);
    return $responseArray;
}

   }

   function makeListEntry($user_id, $responseArray) {

//scene count
$getSceneInfo = mysql_query("SELECT * FROM scene WHERE uid='" . $user_id."'") or die("error3".mysql_error());
$sceneCount = mysql_num_rows($getSubscribe_query)or die("error34".mysql_error());

//latest scene
$getLatestScene = mysql_query("SELECT * FROM scene WHERE uid='" . $user_id . "' ORDER BY time_created DESC LIMIT 1") or die("error4".mysql_error());
while($row = mysql_fetch_array($getLatestScene) or die("error44".mysql_error())){
    $title = $row['title'];
    $time = $row['time_created'];
}


//count follower
$getFollower = mysql_query("SELECT * FROM subscribes WHERE target_id='" . $user_id . "'") or die("error5".mysql_error());
$followerCount = mysql_num_rows($getFollower) or die("error54".mysql_error());

//get subscriber info
$getSubInfo = mysql_query("SELECT * FROM user WHERE uid='" . $user_id . "'") or die("error6".mysql_error());
while ($row = mysql_fetch_array($getSubInfo)or die("error66".mysql_error())){
    $dp = $row['dp_file'];
    $name = $row['name'];
}

//store data response to array
$response = array('name' => $name, 'dp' => $dp, 'title' => $title, 'uploadtime' => $time, 'scenecount' => $sceneCount, 'followercount' => $followerCount);
//store response to page
$responseArray . array_push($response);
   }

   ?>

基本上,我试图从 mySQL 中的不同表中检索一些信息,并将这些数据存储在一个数组中,这样我就可以使用 AJAX 将它们传递给其他 JavaScript 文件。

这些代码以某种方式抛出 MySQL 错误框,其中没有错误消息。

我尝试分配额外的字符串来识别每条错误消息,但它只显示我写的字符串,并没有解决任何错误。

PS 我正在使用 PhpMyAdmin。

请帮忙。

4

2 回答 2

2

很难说这是否是唯一的问题,但您无法在获取时检查错误。当没有剩余行时mysql_fetch_*()返回,但这不是错误条件:FALSE

// Don't do this!
// If no rows are found, or as soon as you have fetched all rows,
// it will exit with a bogus error.
while($row = mysql_fetch_array($getLatestScene) or die("error44".mysql_error())){}

// Instead check for errors first, then just loop:
$getLatestScene = mysql_query("SELECT * FROM scene WHERE uid='" . $user_id . "' ORDER BY time_created DESC LIMIT 1") or die("error4".mysql_error());
while($row = mysql_fetch_array($getLatestScene)){}

注意:您的脚本容易受到 SQL 注入的攻击。过滤您的输入值:

$listType = mysql_real_escape_string($_POST['listType']);
$uid = mysql_real_escape_string($_COOKIE['username']);

但是.. 将用户名存储在$_COOKIE. 相反,您应该将该值存储在$_SESSION. 任何用户都可以通过伪造 cookie 来伪装成任何其他用户。我们看不到你在哪里打电话setcookie(),但你不应该那样做。而是这样做:

// at start of script
session_start();
// Later, store the user in $_SESSION
$_SESSION['username'] = 'the username';
于 2012-09-04T14:55:19.880 回答
0

为了您的 AJAX 调试目的,您的 AJAX 模块可以

die(JSON_encode("mysql_error",mysql_error()))

使您的调试时间更容易。

于 2012-09-04T14:55:41.693 回答