2020年1月7日 01:24:18go评论66阅读模式

英文:

I want to echo all classNames that have the same userid in php

问题

$mysqli = new mysqli($servername, $username, $password, $database);
$userId1 = $_SESSION['user']['userId'];
$searchQuery = "SELECT ClassName FROM classrooms WHERE userid = '{$userId1}'";
echo "abc";
if ($result = $mysqli->query($searchQuery)) {
    echo "epic";
    while ($row = $result->fetch_object()) {
        echo $row->ClassName;
    }
}

我正在尝试输出所有在classrooms表中，userId等于会话中的userId的情况。帮助。

这是我们用来跟踪用户教室的表格，我正在使用mysqli。

ClassName  userid
yoink      25
lol        25
haha       6
yoinks     25
yeet       25
yeet1      25

原来，我的帖子主要是代码。所以让我提供一些背景细节。我正在尝试创建一个表格，根据userID显示教室名称。所以用户25将拥有教室yoink，lol，yoinks，yeet和yeet1。但是if语句（我们的查询）实际上并没有执行任何操作。

非常感谢。

英文:

code here :

$mysqli = new mysqli($servername, $username, $password, $database);
$userId1 = $_SESSION[&#39;user&#39;][&#39;userId&#39;];
$searchQuery = &quot;SELECT ClassName FROM classrooms WHERE userid = &#39;{$userId1}&#39;&quot;;
echo &quot;abc&quot;;
if ($mysqli-&gt;query($searchQuery) === TRUE) {
    echo &quot;epic&quot;;
    while($row = $searchQuery-&gt;fetch_object()) {
        echo $row[&#39;ClassName&#39;];
    }
}

I am trying to echo all instances where the userId in the classrooms table is equal to the session userId. HELP.

this is the table that we are using to track the users classrooms I'm using mysqli.

ClassName  userid
yoink      25
lol        25
haha       6
yoinks     25
yeet       25
yeet1      25

Turns out, my post is mostly code. So let me give some background details. I'm trying to make a table that will disply the classroom name depending on the userID. So user 25 will have classrooms yoink,lol,yoinks,yeet, and yeet1. But the if statement (our query) doesn't actually do anything.

Many thanks

答案1

得分: 1

$searchQuery是一个字符串!!! 而不是从$mysqli->query()返回的结果句柄，但您没有捕获它。

所以将代码更改为：

$mysqli = new mysqli($servername, $username, $password, $database);
$userId1 = $_SESSION['user']['userId'];
$searchQuery = "SELECT ClassName FROM classrooms WHERE userid = '$userId1'";
echo "abc";
if ($result = $mysqli->query($searchQuery) === TRUE) {
    echo "epic";
    while($row = $result->fetch_object()) {
        //echo $row['ClassName'];
        // 你获取了一个对象，所以要将其视为一个对象来处理
        echo $row->ClassName;
    }
}

但请注意 - 重要警告

您的脚本容易受到 SQL 注入攻击的影响。
即使您转义了输入，也不安全！](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)
您应该考虑使用准备好的参数化语句在 MYSQLI_ 或 PDO API 中，而不是连接的值。

$mysqli = new mysqli($servername, $username, $password, $database);
$userId1 = $_SESSION['user']['userId'];

$sql = "SELECT ClassName FROM classrooms WHERE userid = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param('s', $userId1);
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_object()) {
    echo $row->ClassName;
}

英文:

$searchQuery is a string!!! And not a result handle which would have been returned from $mysqli->query() but you did not capture it.

So change the code to

$mysqli = new mysqli($servername, $username, $password, $database);
$userId1 = $_SESSION[&#39;user&#39;][&#39;userId&#39;];
$searchQuery = &quot;SELECT ClassName FROM classrooms WHERE userid = &#39;$userId1&#39;&quot;;
echo &quot;abc&quot;;
if ($result = $mysqli-&gt;query($searchQuery) === TRUE) {
    echo &quot;epic&quot;;
    while($row = $result-&gt;fetch_object()) {
        //echo $row[&#39;ClassName&#39;];
        // you fetch an OBJECT so address it as an object
        echo $row-&gt;ClassName;
    }
}

###However - Big Warning

>Your script is open to SQL Injection Attack.
Even if you are escaping inputs, its not safe!
You should consider using prepared parameterized statements in either the MYSQLI_ or PDO API's instead of concatenated values

$mysqli = new mysqli($servername, $username, $password, $database);
$userId1 = $_SESSION[&#39;user&#39;][&#39;userId&#39;];

$sql = &quot;SELECT ClassName FROM classrooms WHERE userid = ?&quot;;
$stmt = $mysqli-&gt;prepare($sql);
$stmt-&gt;bind_param(&#39;s&#39;, $userId1);
$stmt-&gt;execute();
$result = $stmt-&gt;get_result();
while($row = $result-&gt;fetch_object()) {
    echo $row-&gt;ClassName;
}

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

我想在PHP中回显所有具有相同userid的classNames。

问题

答案1

但请注意 - 重要警告

使用Informix的DB2驱动程序

在基于条件的情况下，匹配同一列中相同值的SQL查询。

如何在Trino/Presto中筛选出地图中的特定键？

Using SQLAlchemy, how to copy a database of three tables over to my local MySQL database? What are the proper sequence of method calls?

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论