0

每次我尝试使用 php 连接到数据库时,我都会不断收到此错误:Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in /homepages/12/d441172468/htdocs/Organizer/dashboard/index.php on line 258如何解决此问题?我的代码是

            $email = 'redacted@me.com_classes';

            echo $email;

            $result = mysqli_query($con,"SELECT * FROM $email");

            $classcount = 1;

            while($row = mysqli_fetch_array($result))
              {

              $period = $row['period'];
              $teacher = $row['teacher'];
              $subject = $row['subject'];
              $subjecto = strtolower($subject);
              $subjecto = str_replace(' ', '', $subjecto);
              $grade = $row['grade'];

              echo "<li id='button" . $classcount . "' onclick='" . $subjecto . "(),homework" . $classcount . "()'>" . $classcount . ". " . $subject . "-" . $grade . "</li>\n";

              $classcount += 1;

              }

当我回显它时,该$email变量工作正常。第128行是while($row = mysqli_fetch_array($result))部分

4

2 回答 2

1

如果值$email真的是你的表名,你需要引用它,因为它包含不带引号的表名@中不允许的字符(the ):

 $result = mysqli_query($con,"SELECT * FROM `$email`");

请注意,您需要在 mysql 中使用反引号引用表名和列名。

于 2013-03-08T01:56:14.273 回答
0

表名允许在ASCIIhttp ://dev.mysql.com/doc/refman/5.1/en/identifiers.html

    Permitted characters in unquoted identifiers:

    ASCII: [0-9,a-z,A-Z$_] (basic Latin letters, digits 0-9, dollar, underscore)

    Extended: U+0080 .. U+FFFF 

    Permitted characters in quoted identifiers include the full Unicode Basic Multilingual Plane (BMP), except U+0000:

    ASCII: U+0001 .. U+007F

    Extended: U+0080 .. U+FFFF 

    ASCII NUL (U+0000) and supplementary characters (U+10000 and higher) are not permitted in quoted or unquoted identifiers.

    Identifiers may begin with a digit but unless quoted may not consist solely of digits.

    Database, table, and column names cannot end with space characters.

    Before MySQL 5.1.6, database and table names cannot contain “/”, “\”, “.”, or characters that are not permitted in file names.

很奇怪,您是否已经手动添加了带有 string 的表@。我认为这不能作为表名处理?

下面略过

您的查询无效,例如更改您的代码:

mysqli_query($con,"SELECT * FROM TABLE_NAME WHERE 'email' = $email");

更改TABLE_NAME为表的名称。更改email为表 TABLE_NAME 上的电子邮件列名称。

您是 mysql 注入的受害者,因此也不会检查实体和特殊字符!

如果您的 VALUE $email 是 TABLE_NAME,那应该是 LIMITED 个字符!

于 2013-03-08T01:54:25.050 回答