无法清除错误 mysql_fetch_array() 期望参数 1 是资源,给定对象

【问题标题】:Can't clear error mysql_fetch_array() expects parameter 1 to be resource, object given无法清除错误 mysql_fetch_array() 期望参数 1 是资源,给定对象
【发布时间】:2015-12-01 04:15:41
【问题描述】:

我正在尝试构建一个 SELECT 查询,该查询允许我使用返回结果的表单来处理对选定行的 UPDATE。我收到的警告出现在我的代码的第 36 行。我以为我正确设置了代码来构建表格,然后填充它,但我找不到我的错误。我看到了这个问题的几个版本,但我没有看到一个谈到给出的对象。任何帮助都将受到欢迎。

<html>
<head>
</head>
<body>
<?php
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
     die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM Projects";
$result = $conn->query($sql);
echo "<table border=1>
<tr>
<th>Project</th>
<th>Client</th>
<th>Last Name</th>
<th>Date Received</th>
<th>Final Review Date</th>
<th>Date Delivered</th>
<th>Date Accepted>
</tr>";
while($record = mysql_fetch_array($result))
{
if ($result->num_rows > 0){
echo "<form action=mynewform.php method=post>";
echo "<tr>"; 
echo "<td>" . "<input type=text name=project value=" . $record['Project'] . " </td>";
echo "<td>" . "<input type=text name=client value=" . $record['Client'] . " </td>";
echo "<td>" . "<input type=text name=lastname value=" . $record['LastName'] . " </td>";
echo "<td>" . "<input type=text name=datereceived value=" . $record['DateReceived'] . " </td>";
echo "<td>" . "<input type=text name=finalreview date value=" . $record['FinalReviewDate'] . " </td>";
echo "<td>" . "<input type=text name=datedelivered value=" . $record['DateDelivered'] . " </td>";
echo "<td>" . "<input type=text name=dateaqccepted value=" . $record['DateAccepted'] . " </td>";
echo "<td>" . "<input type=hidden name=hidden value=" . $record['Project'] . " </td>";
echo "<td>" . "<input type=submit name=update value=update" . " </td>";
echo "<td>" . "<input type=submit name=delete value=delete" . " </td>";
echo "</tr>";
echo "</form>";
}
}
echo "</table>";
if (isset($_POST[update])){
$UpdateQuery = "UPDATE Projects SET Project='$_POST[project]', Client='$_POST[client]', LastName='$_POST[lastname]', DateReceived='$_POST[datereceived]', FinalReviewDate='$_POST[finalreviewdate]', DateDelivered='$_POST[datedelivered]', DateAccepted='$_POST[dateaccepted]' WHERE Project='$_POST[hidden]";
mysql_query($UpdateQuery, $con);
}; 
?>
<?php
    $connection->close();
?>
</body>
</html>

编辑代码

<html>

<head>

</head>

<body>

<?php
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
     die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT * FROM Projects";
$result = $conn->query($sql);

echo "<table border=1>
<tr>
<th>Project</th>
<th>Client</th>
<th>Last Name</th>
<th>Date Received</th>
<th>Final Review Date</th>
<th>Date Delivered</th>
<th>Date Accepted</th>
</tr>";

while($record = mysqli_fetch_array($result))
{
if ($result->num_rows > 0){

echo "<form action='mynewform'.php method='post'>";
echo "<tr>"; 
echo "<td>" . "<input type='text' name='project' value='" . $record['Project'] . " </td>";
echo "<td>" . "<input type='text' name='client' value='" . $record['Client'] . " </td>";
echo "<td>" . "<input type='text' name='lastname' value='" . $record['LastName'] . " </td>";
echo "<td>" . "<input type='text' name='datereceived' value='" . $record['DateReceived'] . " </td>";
echo "<td>" . "<input type='text' name='finalreviewdate' value='" . $record['FinalReviewDate'] . " </td>";
echo "<td>" . "<input type='text' name='datedelivered' value='" . $record['DateDelivered'] . " </td>";
echo "<td>" . "<input type='text' name='dateaccepted' value='" . $record['DateAccepted'] . " </td>";
echo "<td>" . "<input type='hidden' name='hidden' value='" . $record['Project'] . " </td>";
echo "<td>" . "<input type='submit' name='update' value=update'" . " </td>";
echo "<td>" . "<input type='submit' name='delete' value=delete'" . " </td>";
echo "</tr>";
echo "</form>";
}
}
echo "</table>";

if (isset($_POST['update'])){
$UpdateQuery = "UPDATE Projects SET Project='$_POST[project]', Client='$_POST[client]', LastName='$_POST[lastname]', DateReceived='$_POST[datereceived]', FinalReviewDate='$_POST[finalreviewdate]', DateDelivered='$_POST[datedelivered]', DateAccepted='$_POST[dateaccepted]' WHERE Project='$_POST[hidden]";
mysqli_query($conn, $sql);
}; 

?>

<?php
    $conn->close();
?>

</body>

</html>

第二次编辑

<html>

<head>

</head>

<body>

<?php
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
     die("Connection failed: " . $conn->connect_error);
}

$sql = "SELECT * FROM Projects";
$result = $conn->query($sql);

echo "<table border=1>
<tr>
<th>Project</th>
<th>Client</th>
<th>Last Name</th>
<th>Date Received</th>
<th>Final Review Date</th>
<th>Date Delivered</th>
<th>Date Accepted</th>
</tr>";

while($record = mysqli_fetch_array($result))
{
if ($result->num_rows > 0){

echo "<form action='mynewform.php' method='post'>";
echo "<tr>"; 
echo "<td>" . "<input type='text' name='project' value='" . $record['Project'] . "' /></td>";
echo "<td>" . "<input type='text' name='client' value='" . $record['Client'] . "'/></td>";
echo "<td>" . "<input type='text' name='lastname' value='" . $record['LastName'] . "' /></td>";
echo "<td>" . "<input type='text' name='datereceived' value='" . $record['DateReceived'] . "' /></td>";
echo "<td>" . "<input type='text' name='finalreviewdate' value='" . $record['FinalReviewDate'] . "' /></td>";
echo "<td>" . "<input type='text' name='datedelivered' value='" . $record['DateDelivered'] . "' /></td>";
echo "<td>" . "<input type='text' name='dateaccepted' value='" . $record['DateAccepted'] . "' /></td>";
echo "<td>" . "<input type='hidden' name='hidden' value='" . $record['Project'] . "' /></td>";
echo "<td>" . "<input type='submit' name='update' value=update'" . "' /></td>";
echo "<td>" . "<input type='submit' name='delete' value=delete'" . "' /></td>";
echo "</tr>";
echo "</form>";
}
}
echo "</table>";

if (isset($_POST['update'])){
$UpdateQuery = "UPDATE Projects SET Project='$_POST[project]', Client='$_POST[client]', LastName='$_POST[lastname]', DateReceived='$_POST[datereceived]', FinalReviewDate='$_POST[finalreviewdate]', DateDelivered='$_POST[datedelivered]', DateAccepted='$_POST[dateaccepted]' WHERE Project='$_POST[hidden]";
mysqli_query($conn, $sql);
}; 

?>

<?php
    $conn->close();
?>

</body>

</html>

【问题讨论】:

  • 您有一些错误。一种是您将mysql_ 驱动程序与mysqli 混合使用。另一个是 $connection 未定义。您也对 SQL 注入持开放态度。 a) mysql_fetch_array b) mysql_query
  • 此外,您的 HTML 元素无效,您缺少结束标签,您的属性应该被引用。 (不是当前的问题,但一旦你得到 SQL 处理就会出现)。
  • 是的,这是我提到的第一个错误; you are mixing mysql_ driver with mysqli 所以$result 是一个mysqli 结果对象; mysql_ 函数无法使用它。看看php.net/manual/en/mysqli-result.fetch-array.php
  • $result 是 mysqli 查询,所以不能在 while($record = mysql_fetch_array($result)) 中使用 mysql_fetch_array($result)。试试while($record = $result-&gt;fetch_array())
  • 您需要引用键,否则 php 将假定它们是常量。所以把if (isset($_POST[update])){改成if (isset($_POST['update'])){(即'update'

标签: php mysqli


【解决方案1】:

除了之前在 cmets 中的注释。我没有在您的 HTML 元素上看到任何其他答案/cmets,因此我将在这些元素上添加答案。

您将使用此 PHP 生成的 HTML 将无效。属性需要引用,输入元素需要关闭。

例如你当前的代码

echo "<form action=mynewform.php method=post>";
echo "<tr>"; 
echo "<td>" . "<input type=text name=project value=" . $record['Project'] . " </td>";

会输出:

<form action=mynewform.php method=post>
<tr>
<td><input type=text name=project value=what ever projects value is</td>

这是无效的 element 这里名为 project 永远不会关闭,它的值将只是 what。 (或在某些浏览器中;由于标记无效,应该会出现意外结果)

你的 PHP 应该是:

echo "<form action='mynewform.php' method='post'>";
echo "<tr>"; 
echo "<td>" . "<input type='text' name='project' value='" . $record['Project'] . "' /> </td>";

这应该给你

<form action='mynewform.php' method='post'>
<tr>
<td><input type='text' name='project' value='what ever projects value is' /></td>

请注意第二个示例与第一个示例中的语法突出显示有何不同。

另外请查看http://php.net/manual/en/mysqli.quickstart.prepared-statements.php,或者安全性稍差但比您目前拥有的方法更好的方法http://php.net/manual/en/mysqli.real-escape-string.php

有关整个主题的详细信息,请参阅:
a) How can I prevent SQL injection in PHP?
b) http://php.net/manual/en/security.database.sql-injection.php
c) https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

更新:

这是我要采用的结构(除了 SQL 注入孔):

<?php
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
if (isset($_POST['update'])){
    $UpdateQuery = "UPDATE Projects SET Project='$_POST[project]', Client='$_POST[client]', LastName='$_POST[lastname]', DateReceived='$_POST[datereceived]', FinalReviewDate='$_POST[finalreviewdate]', DateDelivered='$_POST[datedelivered]', DateAccepted='$_POST[dateaccepted]' WHERE Project='$_POST[hidden]";
    mysqli_query($conn, $sql);
}
$sql = "SELECT * FROM Projects";
$result = $conn->query($sql);
?>
<html>
    <head>
    </head>
    <body>
        <table border='1'>
            <tr>
                <th>Project</th>
                <th>Client</th>
                <th>Last Name</th>
                <th>Date Received</th>
                <th>Final Review Date</th>
                <th>Date Delivered</th>
                <th>Date Accepted</th>
            </tr>
<?php
if ($result->num_rows > 0){
     while($record = mysqli_fetch_array($result)) {?>
            <form action='mynewform.php' method='post'>
                <tr>
                    <td><input type='text' name='project' value='<?php echo $record['Project'];?>' /></td>
                    <td><input type='text' name='client' value='<?php echo $record['Client'];?>'/></td>
                    <td><input type='text' name='lastname' value='<?php echo $record['LastName'];?>' /></td>
                    <td><input type='text' name='datereceived' value='<?php echo $record['DateReceived'];?>' /></td>
                    <td><input type='text' name='finalreviewdate' value='<?php echo $record['FinalReviewDate'];?>' /></td>
                    <td><input type='text' name='datedelivered' value='<?php $record['DateDelivered'];?>' /></td>
                    <td><input type='text' name='dateaccepted' value='<?php echo $record['DateAccepted'];?>' /></td>
                    <td><input type='hidden' name='hidden' value='<?php echo $record['Project'];?>' /></td>
                    <td><input type='submit' name='update' value='update' /></td>
                    <td><input type='submit' name='delete' value='delete' /></td>
                </tr>
            </form>
<?php
    }
}
$conn->close();
?>
        </table>
    </body>
</html>

【讨论】:

  • 克里斯,感谢您的额外意见。当我看到这条评论时,我开始研究为什么我的表格没有产生任何结果。我知道你要这样做了,但是当我进行更改时,表格没有正确呈现。
  • 您能否更新您的问题以显示您所做的更改?
  • 您错过了关闭输入元素。请参阅我的回答中的. "' /&gt; &lt;/td&gt;"。对比你的; . " &lt;/td&gt;".
  • 好的,表单又回来了,但我在更新和删除按钮中显示“,它仍然不会将任何内容传递给更新查询。感谢您尝试获取此信息的所有帮助解决了,但我不希望你花一整天的时间来帮助我解决这个问题。
  • 请用您更新的代码更新问题。您的更新查询无效,您缺少WHERE Project='$_POST[hidden] 上的结束'。这仍然对 SQL 注入开放。我看不到您在哪里使用删除。您应该对这些查询以及页面本身使用错误报告。
【解决方案2】:

mysql_fetch_array($result) 更改为$result-&gt;fetch_array()

     if ($result->num_rows > 0){



   while($record = $result->fetch_array())
    {

    echo "<form action=mynewform.php method=post>";
    echo "<tr>"; 
    echo "<td>" . "<input type=text name=project value=" . $record['Project'] . " </td>";
    echo "<td>" . "<input type=text name=client value=" . $record['Client'] . " </td>";
    echo "<td>" . "<input type=text name=lastname value=" . $record['LastName'] . " </td>";
    echo "<td>" . "<input type=text name=datereceived value=" . $record['DateReceived'] . " </td>";
    echo "<td>" . "<input type=text name=finalreview date value=" . $record['FinalReviewDate'] . " </td>";
    echo "<td>" . "<input type=text name=datedelivered value=" . $record['DateDelivered'] . " </td>";
    echo "<td>" . "<input type=text name=dateaqccepted value=" . $record['DateAccepted'] . " </td>";
    echo "<td>" . "<input type=hidden name=hidden value=" . $record['Project'] . " </td>";
    echo "<td>" . "<input type=submit name=update value=update" . " </td>";
    echo "<td>" . "<input type=submit name=delete value=delete" . " </td>";
    echo "</tr>";
    echo "</form>";
    }
    }

你不能合并mysql和mysqli

【讨论】:

  • if ($result-&gt;num_rows &gt; 0) 移到while($record = $result-&gt;fetch_array()) 之外会更有意义。
【解决方案3】:

你用mysqli_连接MYSQL,想得到结果的时候还需要mysqli_

这是来自官方的示例:

`$mysqli = new mysqli("localhost", "my_user", "my_password", "world");
/* check connection */
if ($mysqli->connect_errno){
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}
$sql = "SELECT a.uid, a.role AS roleid, b.role,FROM tbl_usr a INNER JOIN tbl_memrole b ON a.role = b.id  ";
    if ($result = $mysqli->query($sql)) { 
        while($obj = $result->fetch_object()){ 
            $line.=$obj->uid; 
            $line.=$obj->role; 
            $line.=$obj->roleid; 
        }
    }
    $result->close(); 
    unset($obj); 
    unset($sql); 
    unset($query);`

【讨论】:

    猜你喜欢
    • 2011-09-23
    • 1970-01-01
    • 2011-06-05
    • 2012-07-31
    • 1970-01-01
    • 1970-01-01
    • 2011-06-21
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode