警告:'surname'的非法字符串偏移

时间:2014-03-08 00:59:42

标签: php search select warnings

我正在尝试创建一个搜索引擎来搜索成员但是当我执行搜索查询时它会给我上面的错误。错误是关于代码中的最后一行

结果也不是正确的..它给了我列

中每个单词的第一个字符

所以,当我以'Jan'或'Vandenbergh'(名字,姓氏)打字时,它给了我J(Jan,V(Vandenbergh)的第一个角色,所以它继续。每个角色都会给出错误。

selectquery的结果:

'SELECT * FROM tblusers WHERE name = 'jan' OR surname ='jan''

这是我的功能:

public function Search($searchinput)
    {
        $db = new Db();
        $select = "SELECT * FROM tblusers WHERE name = '" . $searchinput . "' OR surname ='" . $searchinput . "'";
        var_dump($select);
        $result = $db->conn->query($select);
        return $data=$result->fetch_assoc();

    }

这就是操作按钮的作用:

if(isset($_POST["btnSearch"])){
    try {
        $searchinput = $_POST['btnSearch'];
        $searchresult = $user->Search($searchinput);
    }
    catch(exception $e){
        $feedback = $e->getMessage("no results");
    }
}

HTML:

<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
            <input type="text" name="btnSearch" placeholder="search"/>
            <input type="submit" value="search members" />

      </div>
    </div>

<div class="row">
    <?php
    foreach ($searchresult as $result) {            
echo "<div><p>" . $result['surname']  . "</p></div>"; } ?> </div>

2 个答案:

答案 0 :(得分:1)

PHP 

public function Search($searchinput)
{
        $db = new Db();
        $select = "SELECT * FROM tblusers WHERE name = '" . $searchinput . "' OR surname ='" . $searchinput . "'";
        $result = $db->conn->query($select);
        return $result;
}

if(isset($_POST["btnSearch"])){
try {
    $searchinput = $_POST['btnSearch']; // remember to filter that variable since you can be easily attacked
    $searchresult = $user->Search($searchinput);
}
catch(exception $e){
    $feedback = $e->getMessage("no results");
}

}

HTML 

<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
            <input type="text" name="btnSearch" placeholder="search"/>
            <input type="submit" value="search members" />

      </div>
    </div>

<div class="row">
    <?php
        if(is_object($searchresult))
            while($row = $searchresult->fetch_array()) {            
                 echo "<div><p>" . $row['surname']  . "</p></div>"; 
            } 
    ?> 
</div>

答案 1 :(得分:1)

->fetch_assoc()只返回1行,而不是行数组,因此$searchresult是1级数组,而不是数组数组,因此您可以将其作为$searchresult['surname'] <访问/ p>

根据您的评论,您希望获得一项或多项结果,在您的功能更改中

return $data=$result->fetch_assoc();

->fetch_all() 

return $data=$result->fetch_all(); // you could also do ->fetch_all(MYSQLI_ASSOC)

另外,在结果周围添加isset() - 

<div class="row">
    <?php
    if(isset($searchresult)){
       foreach ($searchresult as $result) {            
          echo "<div><p>" . $result['surname']  . "</p></div>"; 
       }
    } ?> 
</div>
相关问题
最新问题