搜索数据库以匹配用户输入的问题

问题描述 投票:0回答:2

我正在尝试搜索数据库,看它是否与用户条目匹配。然而,到目前为止我的代码我只是在输入数据库中的学生姓名和号码时不断得到“学生不存在”,当我输入一个不存在的名称和号码时,它什么都没显示。我是PHP和mysql的新手,如果有人可以帮助我解释为什么我的代码不起作用,我将非常感激。我的表单在另一页上。这是我要求用户输入他们的名字只是为了表明我正在拉正确的$ _POST。我只测试回显出的名称和数字,以确保代码正常工作......现在就是这样。

<form action="next.php" method="post">


              Name: <input type="text" name="name" placeholder="Name" required="required" maxlength="50">
              <br><br>

              Student Number: <input type="text" name= "snumber" required="required" maxlength="9">
              <br><br>

next.php

<?php

require 'connect.php';

//linking up to the database
$link = mysqli_connect(HOST, USER, PASS, DB) or die (mysqli_connect_error());

//making a variable from the user data
$name = mysqli_real_escape_string ($link, $_POST["name"]);
$number = mysqli_real_escape_string ($link, $_POST["snumber"]);
$course = $_POST["pcourse"];

// select all from table student which show student name and number

$squery = "SELECT * FROM students WHERE uid='$number' AND student = '$name'";
$sresult = mysqli_query($link, $squery);

// check is name and number entered by user equals what is in database
$sfound =0;
while ($srow = mysqli_fetch_array($sresult)) {

  if ($name == $srow['uid'] && $number == $srow['student']) {

    echo "$srow[uid] $srow[student]";

  } else{
    echo "Student doesn't exist";

    $sfound =1;
  }  // end of if ($name == $srow['uid'] && $number == $srow['student'])
} // end of while ($srow = mysqli_fetch_array($sresult))

mysqli_close ($link);
?>

<html>
<body>
<form action="index.php" method="post">
  <br>
    <input type = "submit" value="back" name="back">
</form>
</body>
</html>
php mysql database
2个回答
0
投票

你需要查看mysqli_real_escape_string产生的结果,他们可能是空的。这可能是您的数据库查询检索0行的原因。如果您的连接$link也是空的,这应该是首先的原因。

0
投票

你的HTML似乎很好,虽然这个例子缺少一个关闭的</form>标签。

现在到PHP。我修正了一些错误。这是代码:

PHP

<?php
require 'connect.php';

//linking up to the database
$link = mysqli_connect(HOST, USER, PASS, DB) or die (mysqli_connect_error());

//making a variable from the user data
$name = mysqli_real_escape_string ($link, $_POST["name"]);
$number = mysqli_real_escape_string ($link, $_POST["snumber"]);
$course = $_POST["pcourse"];

// select all from table student which show student name and number

$squery = "SELECT * FROM students WHERE uid=".$number." AND student = '".$name."'";
$sresult = mysqli_query($link, $squery);

// check if name and number entered by user equals what is in database
$sfound =0;
while ($srow = mysqli_fetch_assoc($sresult))
{
    if ($name == $srow['student'] && $number == $srow['uid']) echo $srow['uid'].' '.$srow[student];
    else 
    {
        echo "Student doesn't exist";
        $sfound =1;
    } // end of if ($name == $srow['student'] && $number == $srow['uid'])
} // end of while ($srow = mysqli_fetch_array($sresult))

mysqli_close ($link);
?>
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.