由于各种原因,查询可能失败,在这种情况下,mysql_*和mysqli扩展都将返回false它们各自的查询函数/方法。您需要测试该错误条件并相应地处理它。注这个不推荐MySQL函数并已在php版本7中删除。
查帐$result在把它传给mysql_fetch_array。你会发现false因为查询失败。见mysql_query可能返回值的文档以及如何处理这些值的建议。$username = mysql_real_escape_string($_POST['username']);$password = $_POST['password'];$result = mysql_query("SELECT * FROM Users WHERE
UserName LIKE '$username'");if($result === FALSE) {
die(mysql_error()); // TODO: better error handling}while($row = mysql_fetch_array($result)){
echo $row['FirstName'];}$username = mysqli_real_escape_string($mysqli, $_POST['username']);$result = mysqli_query($mysqli, "SELECT * FROM Users WHERE UserName LIKE
'$username'");// mysqli_query returns false if something went wrong with the queryif($result === FALSE) {
yourErrorHandler(mysqli_error($mysqli));}else {
// as of php 5.4 mysqli_result implements Traversable, so you can use it with foreach
foreach( $result as $row ) {
...
欧式:$username = $mysqli->escape_string($_POST['username']);$result = $mysqli->query("SELECT * FROM Users WHERE UserName LIKE '$username'");
if($result === FALSE) {
yourErrorHandler($mysqli->error); // or $mysqli->error_list}else {
// as of php 5.4 mysqli_result implements Traversable, so you can use it with foreach
foreach( $result as $row ) {
...
使用准备好的陈述:$stmt = $mysqli->prepare('SELECT * FROM Users WHERE UserName LIKE ?');if ( !$stmt ) {
yourErrorHandler($mysqli->error); // or $mysqli->error_list}else if ( !$stmt->bind_param('s', $_POST['username']) ) {
yourErrorHandler($stmt->error); // or $stmt->error_list}else if ( !$stmt->execute() ) {
yourErrorHandler($stmt->error); // or $stmt->error_list}else {
$result = $stmt->get_result();
// as of php 5.4 mysqli_result implements Traversable, so you can use it with foreach
foreach( $result as $row ) {
...