选择数据库中包含的单词

时间:2016-07-08 14:33:51

标签: php mysql

如果用户的名字包含一些字符串插入到数据库表中,我想锁定用户的注册。我用了这段代码:

$repWor =  mysql_query("SELECT * FROM reportedWord WHERE Word LIKE '%$username%'");

if (strpos($username, $repWor) !== false) {
    echo 'The name contains characters or words not allowed.';
}

但它不起作用。如何解决?

2 个答案:

答案 0 :(得分:2)

查询后,您需要使用mysql_fetch_array

之类的内容
<?php
$repWor = mysql_query("SELECT * FROM reportedWord WHERE Word LIKE '%$username%'",$cnx);

$dat = mysqli_fetch_array( $repWor ); // <====================

if (strpos($username, $dat["Word"] ) !== false) { echo 'The name contains characters or words not allowed.';
?>

正如@apokryfos所说,你应该改为mysqli,这很简单:

<?php

$repWor = mysqli_query($cnx,"SELECT * FROM reportedWord WHERE Word LIKE '%$username%'");

$dat = mysqli_fetch_array( $repWor ); // <===================

if (strpos($username, $dat["Word"] ) !== false) { echo 'The name contains characters or words not allowed.';

?>

答案 1 :(得分:1)

使用mysql_query返回结果资源。它不会根据您的SQL返回字符串或数组。您必须将mysql_query与mysql_fetch_row或mysql_fetch_assoc结合使用。

可以找到一个完整的例子 http://php.net/manual/en/function.mysql-fetch-assoc.php

然后将您的代码转换为:

$search = mysql_real_escape_string($username);
$query  = "SELECT * FROM reportedWord WHERE Word LIKE '%{$search}%'";
$result = mysql_query($query, $connection);
$row    = mysql_fetch_assoc($result);

if (strpos($username, $row['reportedWord']) !== false) {
    echo 'The name contains characters or words not allowed.';
}

在获得强大的解决方案之前,您还有很长的路要走,您应该考虑使用mysqli并按照快速入门指南进行操作:http://php.net/manual/en/mysqli.quickstart.statements.php

或者更进一步,使用像Doctrine http://www.doctrine-project.org/

这样的库