dongweiben5229 2017-05-10 19:26
浏览 56

mysqli_num_rows()期望参数1 [重复]

When I run my PHP code, it gives me the following error:

Warning: mysqli_query() expects parameter 1 to be mysqli, boolean given

What is causing this?

Here is the code in which the query is executed: 

class accounts {


public function check_login($a,$b)
{
      $conn = mysqli_connect("localhost", "username", "pw", "dbname");

 $result = mysqli_query($conn, "select * from members WHERE username='$a' and password='$b'");
    if (mysqli_num_rows($result) == 0) {

        $arr = array("message" => "fail");


    } else {

       $row=mysqli_fetch_assoc($result);
       $arr=array("message"=>"success");


    }
    return $arr;

   }
   }



  ?>

and here is the code that calls that function:

if (isset($_POST['Login'])){
$ra=$obj->check_login($_POST['myusername'],$_POST['mypassword']);
if ($ra['message']=="success") {
     $_SESSION['x']=$ra['myusername'];
    $_SESSION['y']=$ra['mypassword'];
    header("location:index.php");
    } else {
            echo "<center><font color='red'><b>Wrong Username or     Password</center></font></b>";

Any help would be very much appreciated.

</div>
  • 写回答

1条回答 默认 最新

  • drb88830 2017-05-10 19:31
    关注

    Problem

    The mysqli_num_rows function only works when you have a valid results set. Since it's telling you that you've passed it a boolean instead, the means that there must be something wrong with what's in the $result variable.

    mysqli_query will return false if there is an error in your SQL query. I've read over your query, and you don't seem to have any major syntactical errors, so the problem is probably with the spelling of one of the column or table names.

    Solution

    To see what the problem is, change

    $result = mysqli_query($conn, "select * from members WHERE username='$a' and password='$b'");

    to 

    $result = mysqli_query($conn, "select * from members WHERE username='$a' and password='$b'") or die(mysqli_error($conn));

    This will echo out the MySQL error onto the page, so that you can debug your query.

    Once you adjust your query to be correct, you will no longer get this error.

    SQL Injection

    You need to sanitise any input that you're putting into a query, otherwise you leave yourself open to a major security exploit. Read more about SQL injection and what you can do about it: http://php.net/manual/en/security.database.sql-injection.php

    评论

报告相同问题?

悬赏问题

  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站
  • ¥50 成都蓉城足球俱乐部小程序抢票
  • ¥15 yolov7训练自己的数据集
  • ¥15 esp8266与51单片机连接问题(标签-单片机|关键词-串口)(相关搜索:51单片机|单片机|测试代码)
  • ¥15 电力市场出清matlab yalmip kkt 双层优化问题
  • ¥30 ros小车路径规划实现不了,如何解决?(操作系统-ubuntu)