我正在尝试使用mysqli函数(CODE 2)重写现有代码CODE 1。但它不起作用。有人可以帮助纠正这个问题吗?
代码1(旧代码 - 工作)
<?php
if(isset($_POST['thename']) === true && empty($_POST['thename']) === false) {
require'../db/connection.php';
$query = ("SELECT 'photos'.'theurl' FROM 'photos' WHERE 'photos'.'thename' = '" . mysql_real_escape_string(trim($_POST['thename'])) . "'");
echo(mysql_num_rows($query) !== 0) ? mysql_result($query, 0, 'theurl') : 'Not found';
代码2(新的 - 不工作)
<?php
if(isset($_POST['thename']) === true && empty($_POST['thename']) === false) {
$getVal = mysqli_real_escape_string($Conn_db, trim($_POST['thename']));
require_once('../db/connection.php');
$query = ("SELECT 'photos'.'theurl' FROM 'photos' WHERE 'photos'.'thename' = '" . $getVal . "'");
$result = mysqli_query($Conn_db, $query);
$queryA = ("SELECT id FROM photos");
$resultA = mysqli_query($Conn_db, $queryA);
$row_cnt = $resultA->num_rows;
echo($row_cnt !== 0) ? mysqli_result($result, '0', 'theurl') : 'Not found.';
}
function mysqli_result($result, $ro, $field) {
$result->data_seek($ro);
$datarow = $result->fetch_array();
return $datarow[$field];
}
答案 0 :(得分:2)
尝试更改以下行的顺序:
$getVal = mysqli_real_escape_string($Conn_db, trim($_POST['thename']));
require_once('../db/connection.php');
它应该如下所示,因为mysqli_real_escpae_string()
要求在被调用之前创建数据库连接:
require_once('../db/connection.php');
$getVal = mysqli_real_escape_string($Conn_db, trim($_POST['thename']));
答案 1 :(得分:0)
你的代码在mysql和mysqli中都没有意义。
最好将其重写为safeMysql:
<?php
if(!empty($_POST['thename'])) {
require'../db/safemysql.class.php';
$db = new safeMysql();
$url = $db->getOne("SELECT theurl FROM photos WHERE thename = ?s", $_POST['thename']);
echo ($url) ? $url : 'Not found';
}