我在运行此代码时遇到4个错误,该代码将用户的电子邮件地址添加到名为ecommerce
的表中名为subscriptions
的数据库中。
$ con = new mysqli(' localhost',' root','''电子商务');
if (!$con) {
die('Could not connect: ' . mysql_error());
}
$errors = array();
if($_POST)
{
if(empty($_POST['email']))
{
$errors['email1'] = "<p style='color:red;font-family: BCompset, Arial, Helvetica, sans-serif;font-size:30px;float:right;'>Dont forget to write your email!</p>";
}else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors['email2'] = "<p style='color:red;font-family: BCompset, Arial, Helvetica, sans-serif;font-size:25px;float:right;'>Something wrong is with your email</p>";
}else{
// check if the email already exists
$query = mysqli_query("SELECT * FROM subscriptions WHERE email='$email'");
if(mysqli_num_rows($query) > 0){
$errors['email3'] = "<p style='color:red;font-family: BCompset, Arial, Helvetica, sans-serif;font-size:25px;float:right;'>Your had been registered before!</p>";
}
}
}
//check errors
if(count($errors) == 0)
{
$insert_email = mysqli_query("INSERT INTO subscriptions (email) VALUES ('$email')");
$insert_email = mysqli_query($con, $insert_email);
$success = "<script>alert('Your email was successfully added to our database!')</script>";
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form action="" method="POST" class="searchform" dir="ltr">
<input type="text" name="email" placeholder="Your email address" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>"/>
<button name="submit" type="submit" class="btn btn-default"><i class="fa fa-arrow-circle-o-right"></i></button>
<p><?php if(isset($errors['email1'])) echo $errors['email1']; ?></p>
<p><?php if(isset($errors['email2'])) echo $errors['email2']; ?></p>
<p><?php if(isset($errors['email3'])) echo $errors['email3']; ?></p>
<p><?php if(isset($success)) echo $success; ?></p>
<?php if(count($errors) == 0){echo "<p id='para' dir='rtl'>You can add your email to our emailsshow list.</p>";}?>
</form>
错误是这样的:
警告:mysqli_query()需要至少2个参数,第27行给出1
第27行:
$ query = mysqli_query(&#34; SELECT * FROM subscriptions WHERE 电子邮件=&#39; $电子邮件&#39;&#34);
警告:mysqli_num_rows()要求参数1为mysqli_result,在第28行给出为null
第28行:
if(mysqli_num_rows($ query)&gt; 0){
警告:mysqli_query()需要至少2个参数,第37行给出1
第37行:
$ insert_email = mysqli_query(&#34; INSERT INTO订阅(电子邮件)VALUES(&#39; $ email&#39;)&#34;);
警告:mysqli_query():第38行的空查询
第38行:
$ insert_email = mysqli_query($ con,$ insert_email);
我是这个论坛的新人,如果你能帮我解决这个问题,我真的应该做的事情最好...提前谢谢!
答案 0 :(得分:2)
而不是
$query = mysqli_query("SELECT * FROM subscriptions WHERE email='$email'");
使用
$query = $con->query("SELECT * FROM subscriptions WHERE email='$email'");
或
$query = mysqli_query($con, "SELECT * FROM subscriptions WHERE email='$email'");
也代替
$insert_email = mysqli_query("INSERT INTO subscriptions (email) VALUES ('$email')");
使用
$insert_email = $con->query("INSERT INTO subscriptions (email) VALUES ('$email')");
这是我能看到的唯一两个错误。
答案 1 :(得分:1)
除了缺少mysqli连接资源/对象之外,脚本还存在一些其他问题:
mysqli_num_rows
的警告与不检查mysqli_query
的返回值有关。e.g。
<?php
define('MYSQL_ER_DUP_KEY', 1022); // see https://dev.mysql.com/doc/refman/5.6/en/error-messages-server.html#error_er_dup_key
$errors = array();
if($_POST) // might be superfluous
{
// simplified email validation
// improve if needed
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
if ( !$email ) {
// removed html/style from error message, better do that when printing the error
$errors['email1'] = "A valid email address is required";
}
// you only need the database connection after the email address is validated
$mysqli = new mysqli('localhost', 'root', '','ecommerce');
// see http://docs.php.net/mysqli.quickstart.connections
if ($mysqli->connect_errno) {
trigger_error("Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error, E_USER_ERROR);
}
// not checking if this email address is already in the database
// instead create a unique index for that field
// see https://dev.mysql.com/doc/refman/5.6/en/constraint-primary-key.html
// - otherwise you'd at least have to lock the table to avoid race conditions -
// sql injections: see http://docs.php.net/security.database.sql-injection
// to prevent sql injections you either have to make sure string literals are
// properly encoded/escaped or use preparead statements+parameters
$stmt = $mysqli->prepare('INSERT INTO subscriptions (email) VALUES (?)');
if ( !$stmt ) {
trigger_error("prepare statement failed (" . $mysqli->errno . ") " . $mysqli->error, E_USER_ERROR);
}
else if ( !$stmt->bind_param('s', $email) ) {
trigger_error("bind_param failed (" . $stmt->errno . ") " . $stmt->error, E_USER_ERROR);
}
else if ( !$stmt->execute() ) {
// email has a unique index, inserting an email address a second time
// results in a ER_DUP_KEY error
if ( MYSQL_ER_DUP_KEY==$stmt->errno ) {
$errors['email2'] = "email address already in subsription list";
}
else { // otherwise it's "really" an error
trigger_error("execute failed (" . $stmt->errno . ") " . $stmt->error, E_USER_ERROR);
}
}
else {
[... inserted ...]
}
}
答案 2 :(得分:0)
将您的连接指定为mysqli_query()中的参数,如此
$query = mysqli_query($con,"SELECT * FROM subscriptions WHERE email='$email'");
一旦你更正了查询,mysqli_num_rows上的错误也会消失。