dou29106 2014-06-13 17:41

How to solve this error: mysql_fetch_array() expects parameter 1 to be mysqli_result

I am getting this error:

mysql_fetch_array() expects parameter 1 to be mysqli_result

I am trying to search a table. I am not sure specifically how my fetch array works, but I know it returns the row which suits the condition given.

My PHP code :

class Registration
{
    private $db_connection = null;

    public function __construct()
    {
        if (isset($_POST["search"])) 
        {
           $this->doSearch();
        }
    }

   private function doSearch()
   {
     $field = $_POST["field"];
     $find = $_POST["find"];
     echo "you are searching ". $_POST['find'] . " in " . $_POST["field"] . " category"; 
     $this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
     $sql = "SELECT * FROM users WHERE upper $field LIKE $find";
     $result_search = $this->db_connection->query($sql); // mysql_fetch_array() expects parameter 1 to be mysqli_result
     while($row = mysqli_fetch_array($result_search)) 
          {
            echo $row['user_name']."</br>";
            echo $row['user_email']."</br>";
            echo $row['user_phone']."</br>";
            echo "<br>";
          }
   }
}

How to solve this problem using OOP.

I can solve in procedural methods but not in OOP.


1 answer

  • dongwo5110 2014-06-13 18:00

    I reopened this question because there are at least four issues to correct here.

    First issue: you have syntax errors in your SQL:

     $sql = "SELECT * FROM users WHERE upper $field LIKE $find";
    

    If you wanted to use the upper() function, you need to use parentheses:

     $sql = "SELECT * FROM users WHERE upper($field) LIKE $find";
    

    Second issue: strings must be quoted.

     $sql = "SELECT * FROM users WHERE upper($field) LIKE '$find'";
    

    Third issue: you're copying a variable into your query in an unsafe manner, so you are creating an SQL injection vulnerability. You should use query parameters to avoid this.

     $sql = "SELECT * FROM users WHERE upper($field) LIKE ?";
    

    Fourth issue: it's still unsafe because $field is untrusted input, and could still introduce SQL injection. But query parameters don't work for column names, they only work in place of literal values like a quoted string or a number. The best fix for variable column names is to validate the input against a whitelist of columns that really exist in your table, and reject anything else (or choose a default). Here's a quick way to do that:

     $columns = array("user"=>"user_name", "first"=>"first_name", "last"=>"last_name",
         "DEFAULT"=>"username");
     // ?? avoids an "undefined array key" warning when $field is not in the whitelist
     $realfield = $columns[$field] ?? $columns["DEFAULT"];
     $sql = "SELECT * FROM users WHERE upper($realfield) LIKE ?";
    

    Notice my array keys in $columns don't even have to be exactly the SQL column names. So this allows us to make the web usage friendlier than the SQL usage, and allows us to change one without having to change the other (decoupling).

    Fifth issue: LIKE is already a case-insensitive comparison when using the default collation order, so you don't need upper() anyway. That won't cause an error, but it's just good practice.

     $sql = "SELECT * FROM users WHERE $realfield LIKE ?";
    

    Sixth issue: this is the one that actually caused the error message in your summary. The query() method returns false instead of a statement resource if there's an error. You must always check for that false before trying to use it as though it is a statement.

    Here's a better way to code this, putting it all together:

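     $columns = array("user"=>"user_name", "first"=>"first_name", "last"=>"last_name",
         "DEFAULT"=>"username");
     // Map the submitted field through the whitelist; unknown keys get the default.
     $realfield = $columns[$field] ?? $columns["DEFAULT"];
    
     $sql = "SELECT * FROM users WHERE $realfield LIKE ?";
    
     // prepare() returns false on failure, so check before using the statement.
     if (!($stmt = $this->db_connection->prepare($sql))) {
         die($this->db_connection->error);
     }
    
     $stmt->bind_param("s", $find);
     if (!$stmt->execute()) {
         die($stmt->error);
     }
    
     // The mysqli_stmt method is get_result() (singular); it returns a mysqli_result.
     $results = $stmt->get_result();
    
     while($row = $results->fetch_array()) {
         // . . .
     }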
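
The whitelist-plus-bound-parameter pattern from the answer above, as an added example that is not part of the original question or answer. It uses PDO with an in-memory SQLite database in place of the page's mysqli/MySQL connection so it runs without a server; the `UserSearch` class, the form keys in `COLUMNS` and the table rows are assumptions constructed for illustration.

```php
<?php
// Added example: PDO + in-memory SQLite stand in for the page's mysqli/MySQL
// connection. Class name, whitelist keys and rows are constructed.
class UserSearch
{
    // Whitelist: value submitted by the form => real column name.
    private const COLUMNS = [
        'name'  => 'user_name',
        'email' => 'user_email',
        'phone' => 'user_phone',
    ];
    private const DEFAULT_COLUMN = 'user_name';

    public function __construct(private PDO $db) {}

    public function search($field, string $find): array
    {
        // Only a string key present in the whitelist selects a column;
        // anything else (unknown name, array, null) falls back to the default.
        $column = is_string($field) && array_key_exists($field, self::COLUMNS)
            ? self::COLUMNS[$field]
            : self::DEFAULT_COLUMN;

        // The column name comes from our own constant; the search term is bound.
        $stmt = $this->db->prepare(
            "SELECT user_name, user_email, user_phone FROM users WHERE $column LIKE ?"
        );
        $stmt->execute([$find]);
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
}

$db = new PDO('sqlite::memory:');
// PDO counterpart of checking for false: failures throw instead of returning false.
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user_name TEXT, user_email TEXT, user_phone TEXT)');
$db->exec("INSERT INTO users VALUES ('alice', 'alice@example.test', '555-0100'),
                                    ('O''Brien', 'ob@example.test', '555-0101')");

$search = new UserSearch($db);
// Constructed inputs: a plain search, a value containing a quote, a non-whitelisted field.
foreach ([['name', 'ALICE'], ['name', "O'Brien"], ['password_hash', 'alice']] as [$field, $find]) {
    $rows = $search->search($field, $find);
    printf("%-14s %-8s => %d row(s): %s\n", $field, $find, count($rows),
        implode(', ', array_column($rows, 'user_name')));
}
```

The same structure carries over to mysqli by swapping `prepare`/`execute`/`fetchAll` for the `prepare`, `bind_param`, `execute` and `get_result` calls shown in the answer.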
    