我需要使此代码正常工作,但是有一个问题
<?php
{
while($row = mysqli_fetch_assoc($result))
{
echo" <a href='article.php?title=".$row['a_title']."&date=".$row['a_dat']."&hmm=".$row['a_id']."'>
<div class='box'>
<div class='post-st'>
$connection = new mysqli(...);
$data = $connection->query("SELECT image FROM users WHERE a_author='$row['a_author']' ");
if ($data->num_rows > 0)
{
$row2 = $data->fetch_assoc();
$picture=$row2['image'];
}
if($_SESSION['picture'] == "")
echo '<img width="35px" height="35px" src="../images/default.jpg" alt="Default Profile Pic"> ' ;
else
echo '<img width="35px" height="35px" src="../images/'.$picture.'" alt="Profile Pic">' ;
</div>";
}
}
?>
问题出在那一行代码上,我不明白为什么
$data = $connection->query("SELECT image FROM users WHERE a_author='$row['a_author']' ");
我检查了每个“或”,但没有发现任何缺失的
答案 0 :(得分:2)
报价有误。尝试以下代码:
$data = $connection->query("SELECT image FROM users WHERE a_author='" . $row['a_author'] . "'");
几乎没有语法错误。整个代码如下:
while ($row = mysqli_fetch_assoc($result)) {
echo " <a href='article.php?title=" . $row['a_title'] . "&date=" . $row['a_dat'] . "&hmm=" . $row['a_id'] . "'>
<div class='box'><div class='post-st'>";
$connection = new mysqli();
$data = $connection->query("SELECT image FROM users WHERE a_author = '" . $row['a_author'] . "'");
if ($data->num_rows > 0) {
$row2 = $data->fetch_assoc();
$picture = $row2['image'];
}
if ($_SESSION['picture'] == "")
echo '<img width="35px" height="35px" src="../images/default.jpg" alt="Default Profile Pic"> ';
else
echo '<img width="35px" height="35px" src="../images/' . $picture . '" alt="Profile Pic"></div>';
}
注意:mysqli()需要适当的参数。
答案 1 :(得分:1)
这些行是错误的:
int(cropped_number)您缺少<div class='post-st'>
$connection = new mysqli(...);
:
";此外,您的查询也不安全,可能会遭受 SQL注入 。这是一些有关使用 MySQLi 的准备好的语句的文档: MySQLi - Prepared Statements