我设置了一个输入表单,在其中我使用 SELECT 函数在表中搜索现有用户,因此它将显示用户的姓名和电子邮件。但是当我尝试时,即使表中有一个名为John的用户,我也会得到“没有名为John的用户!”。为什么准备好的声明不起作用?添加准备语句.php<?php include_once 'includes/db_connect.php';?><!DOCTYPE html><html><head><title>SCIENCE FAIR</title><link rel="stylesheet" href="style.css"> <section class ="container grey-text"> <form class="white" action="addpreparedstatements.php" method="POST"> <tr> <label>First Name:</label> <td><input type="text" name="firstname" placeholder="First Name"></td></br> </tr> <div class="center"> <td colspan="2"><input type="submit" name="submit" value="Submit"></td> </div> </form></section></html><?php $firstname = mysqli_real_escape_string($conn, $_POST['firstname']); $sql = "SELECT * FROM usersthree WHERE id=?"; $stmt = $conn->prepare($sql); $stmt->bind_param("s", $id); $stmt->execute(); $result = $stmt->get_result(); // get the mysqli result $user = $result->fetch_assoc(); // fetch data $queryResult = mysqli_num_rows($result); if ($queryResult > 0) { while ($row = mysqli_fetch_assoc($result)) { echo "<div> <p>".$row['name']."<p> <p>".$row['email']."<p> </div>"; } } else { echo "No users with name $firstname!"; }?>
1 回答
慕尼黑8549860
TA贡献1818条经验 获得超11个赞
绑定到查询的变量未初始化。$id
您想要搜索“名字”,因此您需要在查询中使用变量$firstname。
// Check if formular is send and $_POST['firstname'] is set
if (isset($_POST['firstname'])) {
// Escaping is not neccessary because you use prepared statements!
$firstname = $_POST['firstname'];
$sql = "SELECT * FROM usersthree WHERE firstname=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $firstname);
$result = $stmt->get_result(); // get the mysqli result
$queryResult = mysqli_num_rows($result);
if ($queryResult > 0) {
while ($row = mysqli_fetch_assoc($result)) {
echo "<div>
<p>".$row['name']."<p>
<p>".$row['email']."<p>
</div>";
}
} else {
echo "No users with name $firstname!";
}
}
- 1 回答
- 0 关注
- 70 浏览
添加回答
举报
0/150
提交
取消