这是我在php中使用的错误的mysql查询吗?
$tablenamep = $_POST["tablenamep"]; $res = mysqli_query($con, "SELECT * FROM `$tablenamep` WHERE number=9");所以当我尝试使用以下方法获取结果时:
while ($row = mysqli_fetch_assoc($res))有一个sql注入错误: mysqli_fetch_assoc()期望参数1是mysqli_result,给出布尔值
我已经阅读了有关此错误的几个问题和答案,但我的问题是为什么查询返回一个布尔值,当我甚至为$ tablenamep变量添加了一个值。 我使用以下代码从我的Android应用程序中将值添加到变量中:
nameValuePairs.add(new BasicNameValuePair("tablenamep", msg));代码工作,并没有任何错误,但我的Android应用程序崩溃当我试图得到PHP的结果。 我该怎么解决这个问题! (注意:我的Android应用程序没有任何问题,我已经彻底检查了它)
为什么这是一个糟糕的查询? 我可以做什么让Query不返回布尔值,并返回实际值?
Is this a bad mysql query i used in php?
$tablenamep = $_POST["tablenamep"]; $res = mysqli_query($con, "SELECT * FROM `$tablenamep` WHERE number=9");So when i try to fetch the result using:
while ($row = mysqli_fetch_assoc($res))There is an sql injection error : mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given
I have read several questions and answers regarding this error, but my question is why is the query returning a boolean, when i have even added a value to $tablenamep variable. I added the value to the variable from my android app using this code :
nameValuePairs.add(new BasicNameValuePair("tablenamep", msg));The codes are working and there aren't any errors, but my android app is crashing when i try to get the result of the php. How can i solve this! (NOTE : there is nothing wrong in my android app, i've thoroughly checked it)
Why is this a bad query? What can i do for the Query to not return a boolean, and return the actual value?
最满意答案
我想你的$res = mysqli_query($con, "SELECT * FROM $ tablenamep WHERE number=9"); 返回失败。
正如技术细节表中所述
对于成功的SELECT,SHOW,DESCRIBE或EXPLAIN查询,它将返回一个mysqli_result对象。 对于其他成功的查询,它将返回TRUE。 失败时错误
mysqli_fetch_assoc()函数需要mysqli_result但是查询失败了,为什么它返回boolean而不是object。
I guess your $res = mysqli_query($con, "SELECT * FROM$tablenamepWHERE number=9"); returns fails.
As what stated here in TECHNICAL DETAILS TABLE
For successful SELECT, SHOW, DESCRIBE, or EXPLAIN queries it will return a mysqli_result object. For other successful queries it will return TRUE. FALSE on failure
mysqli_fetch_assoc() function needs mysqli_result but the query fails that why it returns boolean instead of object.
更多推荐
发布评论