我有一个带有此代码的search.php页面
<html>
<body style="background-color: azure">
please import your search request:
<br>
<form method="get" action="searchprocess.php">
<input type="text" placeholder="please import here" name="search">
<input type="submit">
</form>
</body>
</html>
而searchprocess.php如下
<?php
require_once 'functions.php';
$search=$_GET['search'];
$search = preg_replace("#[^0-9a-z]i#","", $search);
$query="Select * from names where firstname LIKE '%$search%'";
$result=mysqli_query($connection,$query);
$count =mysqli_num_rows($result);
var_dump($result);
if ( $count == 0)
{
$output = "there is noting to show you ... sorry search another thing <a href='search.php'>back to search page</a>";
echo $output;
}
else{
echo "<table>";
while($row = mysqli_fetch_array($result)){
$id = $result['id'];
$firstname = $result['firstname'];
$lastname = $result['lastname'];
echo '<tr>';
echo '<td>'.$id.'</td>';
echo '<td>'.$firstname.'</td>';
echo '<td>'.$lastname.'</td>';
echo '</tr>';
}
echo "</table>";
}
?>
我有wamp和问题是当我尝试我的代码它在下面的行上的错误
$id=$row['id'];
你用错了车。
while($row = mysqli_fetch_array($result)){
$id = $result['id'];
$firstname = $result['firstname'];
$lastname = $result['lastname'];
应该:
while($row = mysqli_fetch_array($result)){
$id = $row['id'];
$firstname = $row['firstname'];
$lastname = $row['lastname'];
我鼓励你使用prepared statements来避免SQL注入攻击。