我试图从数据库中提取与文本框中的数据匹配的数据,而我正在使用的代码会引发错误。
我认为我的SQL查询有问题,但我不确定是什么。
错误是:
警告:mysql_fetch_array()要求参数1为资源,第65行的C:\ wamp \ www \ search.php中给出布尔值
我的语法:
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css"></link>
</head>
<body>
<form action="" name="formdownload" method="post">
<table>
<tr><td colspan=2><h1>Domestic Flights</h1></td></tr></br>
<td height=50> From:</td><td><input type="From" name="from" size=30/>
<tr><td height=50>To: </td><td><input type="To" name="to" size=30/>
<tr><td><input name="submit" type="submit" value ="Search"></tr></td>
<table border="1" align="center" id="table1" cellpadding="0" cellspacing="0">
<tr>
<th>Flight No</th>
<th>Flight Company</th>
<th>Plane Type</th>
<th>From</th>
<th>To</th>
</tr>
<center>
<?php
$submit = @$_POST['submit'];
$from = @$_POST['from'];
$to = @$_POST['to'];
if($submit)
{
$select=mysql_query("select * from flight where ffrom='$from'and To='$to'");
while($row1=mysql_fetch_array($select))
{
$FlightNo = $row1['FlightNo'];
$FlightCompany=$row1['FlightCompany'];
$PlaneType = $row1['PlaneType'];
$From =$row1['ffrom'];
$To =$row1['To'];
?>
<tr>
<td width="90" align="center">
<?php echo $FlightNo;?>
</td>
<td width="90" align="center">
<?php echo $FlightCompany;?>
</td>
<td width="90" align="center">
<?php echo $PlaneType;?>
</td>
<td width="90" align="center">
<?php echo $From;?>
</td>
<td width="90" align="center">
<?php echo $To;?>
</td>
</tr>
<?php }}?>
</table>
</table>
</form>
</div>
</div>
</div>
</div>
</center>
</body>
</html>
答案 0 :(得分:1)
变量名称的行有错误:
$select=mysql_query("select * from logintbl where name='$uname'");
将其替换为:
$select=mysql_query("select * from logintbl where name='$name'");
编辑:因为你的字段被命名为“uname&#39;在您的数据库中,这是正确的代码(通过添加mysql_real_escape更安全一点):
$select=mysql_query('select * from logintbl where uname="'.mysql_real_escape($name).'";');
REEDIT:您需要第二个参数,但在查询之前没有在PHP中检索它。你的代码应该是这样的:
<html>
<body>
<form enctype="multipart/form-data" action="" name="formdownload" method="post">
<table border="1" align="center" id="table1" cellpadding="0" cellspacing="0">
<tr>
<th>ID</th>
<th>Name</th>
<th>Password</th>
<th>User Type</th>
</tr>
<center>
<br/><br/><br/>
ID: <input type="text" name="idno" /> <br/><br/>
Name : <input type="text" name="name" /><br/><br/>
Marks : <input type="text" name="marks" /><br/><br/>
<input type="submit" name = "submit" value="submit">
</center>
<?php
$submit = @$_POST['submit'];
$name = @$_POST['name'];
$idno = @$_POST['idno'];
if($submit)
{
$select=mysql_query("select * from logintbl where uname='$name' and Id='$idno'");
while($row1=mysql_fetch_array($select))
{
$id = $row1['ID'];
$name=$row1['uname'];
$pass = $row1['pass'];
$type =$row1['type'];
?>
<tr>
<td width="300" align="center">
<?php echo $id;?>
</td>
<td width="300" align="center">
<?php echo $name;?>
</td>
<td width="300" align="center">
<?php echo $pass;?>
</td>
<td width="300" align="center">
<?php echo $type;?>
</td>
</tr>
<?php }}?>
</table>
</form>
</body>
我仍强烈建议您在使用mysql_real_escape进行查询之前过滤变量。