0

我为我的网站创建了一个搜索页面,你可以在这里看到

我从本教程中得到的

在搜索框中输入任何内容并点击搜索时,我收到一些错误消息:

* *警告:mysql_real_escape_string() [function.mysql-real-escape-string]:第 46 行 article.php 中用户 'root'@'localhost' 的访问被拒绝(使用密码:否)

警告:mysql_real_escape_string() [function.mysql-real-escape-string]:无法在第 46 行的 article.php 中建立到服务器的链接

警告:mysql_query() [function.mysql-query]:第 61 行 article.php 中用户 'root'@'localhost' 的访问被拒绝(使用密码:否)

警告:mysql_query() [function.mysql-query]:无法在第 61 行的 article.php 中建立到服务器的链接

警告:mysql_fetch_assoc() 期望参数 1 是资源,在第 64 行的 article.php 中给出的布尔值

谁能明白这意味着什么?

我的 search.php 代码是这样的: 

<?php

include_once('include/connection.php');
include_once('include/article.php');


$article = new storearticle();

$articles = $article->fetch_all();

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />

<title>Search Xclo</title>
<link rel="stylesheet" href="other.css" />
</head>

<body>

<div>
 <h1>Search</h1>
<form action="" method="GET">
<p>

<input type="text" name="term" />
<input type="submit" value="search" />
</p>
</form>
</div>

<div>
    <?PHP

 if (empty($_GET['term']) === false){
   $search_results = search_posts($_GET['term']);

if (empty($search_results)){
    echo 'Your Search Returned No Results.';
    }

   foreach ($search_results as $result){
      echo "<h3>($result['title'])</h3>";
      echo "<p>($result['body'])</p>";    
      }

}
?>
</div>
</body>

</html>

我的article.php是这样的: 

    <?php

class storearticle {
public function fetch_all(){
    global $pdo;
      $query = $pdo->prepare("SELECT * FROM mobi");
      $query->execute();
return $query->fetchAll();
              }

public function fetch_data($promo_title) {
   global $pdo;

 $query = $pdo->prepare("SELECT * FROM mobi WHERE promo_title = ?");
  $query->bindValue(1, $promo_title);
   $query->execute();

return $query->fetch(); 

}

}

class category {
public function fetch_all(){
    global $pdo;
      $query = $pdo->prepare("SELECT DISTINCT `promo_cat` FROM mobi");
      $query->execute();
return $query->fetchAll();
              }

public function fetch_data($promo_cat) {
   global $pdo;

 $query = $pdo->prepare("SELECT DISTINCT * FROM mobi WHERE `something`  = 'something'");
  $query->bindValue(1, $promo_cat);
   $query->execute();

return $query->fetch(); 

}

}

function search_posts($term){
    $keywords = preg_split('#\s+#',mysql_real_escape_string($term));

$title_where   = "'promo_title' LIKE '%" . implode("%' OR 'promo_title' LIKE '%", $keywords) . "%'";
$content_where   = "'promo_content' LIKE '%" . implode("%' OR 'promo_content' LIKE '%", $keywords) . "%'";
$name_where   = "'promo_name' LIKE '%" . implode("%' OR 'promo_name' LIKE '%", $keywords) . "%'";

 $sql = "SELECT 
              'promo_title' AS 'title',
              LEFT('promo_content', 100) AS 'body',
              'promo_name' AS 'name'
              FROM 'mobi'
              WHERE {$title_where}
              OR {$content_where}
              OR {$name_where}";

    $result = mysql_query($sql);

    $results = array();
    while (($row = mysql_fetch_Assoc($result)) !== false){
        $results[] = $row;

     return $results;
}
}



?>

我的 connection.php 代码是这样的:

<?php

try {
$pdo = new PDO('mysql:host=localhost;dbname=xclo', 'xclo', 'xclo');
}catch (PDOException $e){
  exit('Database Error.');
}

?>

我可以在此页面中添加什么以使其正常工作?

谢谢。

4

4 回答 4

1

代替:

echo "<h3>($result['title'])</h3>";
echo "<p>($result['body'])</p>";

和:

echo "<h3>{$result['title']}</h3>";
echo "<p>{$result['body']}</p>";
于 2013-07-31T11:30:08.620 回答
1

尝试

echo "<h3>{$result['title']}</h3>";
echo "<p>{$result['body'])}</p>";

或尝试

echo "<h3>".$result['title']."</h3>";
echo "<p>".$result['body']."</p>";

代替

echo "<h3>($result['title'])</h3>";
echo "<p>($result['body'])</p>";

编辑

现在对于您更新的问题,正如错误所暗示的那样,您没有连接到 mysql 数据库来执行相关操作。

您可以尝试将链接标识符传递给 mysql_real_escape_string 函数,例如

$keywords = preg_split('#\s+#',mysql_real_escape_string($term, $con));

where$con定义了你的 mysql 连接。

于 2013-07-31T11:34:45.673 回答
1

在使用 mysql_real_escape_string 之前,您必须与 MySql 服务器建立一个连接。

请参阅: http: //php.net/manual/de/book.mysql.phphttp://php.net/manual/de/book.pdo.php

编辑:试试这个(未测试):

function search_posts($term)
{
  global $pdo;

  $keywords = preg_split('#\s+#', $term);

  $title_where = "'promo_title' LIKE '%" . implode("%' OR 'promo_title' LIKE '%", $keywords) . "%'";
  $content_where = "'promo_content' LIKE '%" . implode("%' OR 'promo_content' LIKE '%", $keywords) . "%'";
  $name_where = "'promo_name' LIKE '%" . implode("%' OR 'promo_name' LIKE '%", $keywords) . "%'";

  $sql = "SELECT
          'promo_title' AS 'title',
          LEFT('promo_content', 100) AS 'body',
          'promo_name' AS 'name'
          FROM 'mobi'
          WHERE {$title_where}
          OR {$content_where}
          OR {$name_where}";

  return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

编辑:哦,对不起,试试这个 ;-)

function search_posts($term)
{
  global $pdo;

  $keywords = preg_split('#\s+#', $term);

  $title_where = "`promo_title` LIKE '%" . implode("%' OR `promo_title` LIKE '%", $keywords) . "%'";
  $content_where = "`promo_content` LIKE '%" . implode("%' OR `promo_content` LIKE '%", $keywords) . "%'";
  $name_where = "`promo_name` LIKE '%" . implode("%' OR `promo_name` LIKE '%", $keywords) . "%'";

  $sql = "SELECT
          `promo_title` AS 'title',
          LEFT(`promo_content`, 100) AS 'body',
          `promo_name` AS 'name'
          FROM `mobi`
          WHERE {$title_where}
          OR {$content_where}
          OR {$name_where}";

  return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}
于 2013-07-31T11:47:39.530 回答
0

问题在于

echo "<h3>($result['title'])</h3>";

问题是除非变量与 echo 连接,否则 php 将无法正确解析

echo "<h3>(".$result['title'].")</h3>";

或用 {} 封装

echo "<h3>({$result['title']})</h3>";
于 2013-07-31T11:34:16.157 回答