从数据库查询数据时获取php中的错误

时间:2018-04-15 08:28:02

标签: php mysql

这是我的PHP代码

 <?php

if (isset($_POST['search'])) {
    require 'config.php';
    $department = $_POST['department'];
    $class = $_POST['class'];
    $i = 1;
    $query = "SELECT `student_id` , `name`, `htno`, `department`, `class` FROM student_detail where department=$department && class=&class";
    $result = mysqli_query($conn, $query);
    while ($row = mysqli_fetch_array($result)) {
        echo "<tr>";
        echo "<td>" . $i++ . "</td>";
        echo "<td>" . $row['name'] . "</td>";
        echo "<td>" . $row['htno'] . "</td>";
        echo "<td>" . $row['department'] . "</td>";
        echo "<td>" . $row['class'] . "</td>";
        echo "<td><a href=\"delete.php?class_id=" . $row['student_id'] . "\" onClick=\"return confirm('Are you sure you want to delete?')\">DELETE</a></td></tr>";
    }
}
?>

,错误是

  

警告:mysqli_fetch_array()期望参数1为mysqli_result,   boolean`

虽然使用此代码是我做错了什么,请帮助我..我是PHP的初学者。我无法选择数据库。

选择数据时,错误可能出现在部门和班级中。

<form method="post" action="" >
    <div class="form-group">
        <label for="department">Department</label>
        <select name="department" class="form-control">
            <option selected="selected">Please select your department</option>
            <?php
            require('config.php');
            $result = mysqli_query($conn, "SELECT * FROM department");

            while ($test = mysqli_fetch_array($result)) {
                echo "<option 
              value='" . $test['department_name'] . "'>" . $test['department_name'] . "</option>";
            }
            ?>
        </select>
    </div>
    <div class="form-group ">
        <label for="class">Class</label>
        <select name="class" class="form-control">
            <option selected="selected">Please select your class</option>
            <?php
            require('config.php');
            $result = mysqli_query($conn, "SELECT * FROM class");

            while ($test = mysqli_fetch_array($result)) {
                echo "<option value='" . $test['class_name'] . "'>" . $test['class_name'] . "
    </option>";
            }
            ?>
        </select>
    </div>
    <button type="submit" name="search" class="btn btn-
            primary">Submit</button>
</form>

1 个答案:

答案 0 :(得分:-1)

尝试这种方法。这会在您的查询中使用预准备语句。

            $query = "SELECT 
            `student_id`,
            `name`,
            `htno`,
            `department`,
            `class`
            FROM student_detail 
            where department = ? && class = ? ";

            $stmt = $conn->prepare($query);
            $stmt->bind_param('ss', $department, $class);  // s - string, i - ints
            $stmt->execute();
            $result = $stmt->get_result();  

            while ($row = $result->fetch_assoc()) {
            //...Do the rest of code here.

这是关于mysqli的准备语句的链接:

https://websitebeaver.com/prepared-statements-in-php-mysqli-to-prevent-sql-injection

相关问题
最新问题