mysqli_fetch_assoc() 期望参数 1 是 mysqli_result,while 循环中给出的字符串
[英]mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, string given in while-loop
问题描述
I currently have this code but it gives me the error mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, string given on line 22
我目前有这个代码,但它给了我错误mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, string given on line 22
The code is this:代码是这样的:
1 $servername = "localhost";
2 $user = "root";
3 $pass = "";
4 $db = "mafioso";
5
6 $con = mysqli_connect($servername, $user, $pass, $db);
7
8 $cash_utbetaling[0] = 50000000;
9 $cash_utbetaling[1] = 40000000;
10 $cash_utbetaling[2] = 30000000;
11 $cash_utbetaling[3] = 20000000;
12 $cash_utbetaling[4] = 10000000;
13
14 $kuler_utbetaling[0] = 25;
15 $kuler_utbetaling[1] = 20;
16 $kuler_utbetaling[2] = 15;
17 $kuler_utbetaling[3] = 10;
18 $kuler_utbetaling[4] = 5;
19
20 $i = 0;
21 $result = mysqli_query($con, "SELECT * FROM daily_exp ORDER BY exp DESC LIMIT 5");
22 while($row_best = mysqli_fetch_assoc($result)) {
23
24 $acc_id = $row_best['acc_id'];
25
26 $sql = "SELECT * FROM accounts WHERE ID='".$acc_id."'";
27 $query = mysqli_query($con, $sql) or die (mysqli_error());
28 $row_top5 = mysqli_fetch_assoc($query);
29
30 $result = "UPDATE accounts SET money = (money + ".$cash_utbetaling[$i]."),
bullets = (bullets + ".$kuler_utbetaling[$i].") WHERE ID = ".$acc_id."";
31 mysqli_query($con, $result) or die("Bad query: $result");
32
33 $i++;
34 }
I can't seem to find the error, I am running the same code in another file and there is no issues.我似乎找不到错误,我在另一个文件中运行相同的代码并且没有问题。
2 个解决方案
解决方案1
2 已采纳 2020-02-04 14:59:29
You are overwritting $result你正在覆盖$result
// This is supposed to be
// a mysqli_result object ----------v-----v
while($row_best = mysqli_fetch_assoc($result))
{
// some code
// $result is now a string. Next iteration will raises the warning
$result = "UPDATE accounts SET ...";
}
So you need to give your variables distinct names.所以你需要给你的变量不同的名字。 Naming a query $result is not the best choice.命名查询$result不是最好的选择。
Side note.边注。
Your inner queries are vulnerable to SQL injections.您的内部查询容易受到 SQL 注入的影响。 One should use prepared statements instead of concatening strings.应该使用准备好的语句而不是连接字符串。
In example :例如:
// prepare the query
$query = "SELECT * FROM accounts WHERE ID=?";
if ($stmt = mysqli_prepare($con, $query)) {
// bind the param
mysqli_stmt_bind_param($stmt, "s", $acc_id);
// execute the query
mysqli_stmt_execute($stmt);
// get the result. Of course, avoir using the same variable name, again :)
$result = mysqli_stmt_get_result($stmt);
}
For more informations about prepared statements with mysqli, read the official documentation or the tutorials written by @YourCommonSense有关使用 mysqli 准备好的语句的更多信息,请阅读官方文档或@YourCommonSense编写的教程
解决方案2
1 2020-02-04 15:02:54
Your main problem here is that you called the SQL query variable the same name as the result you used in the while loop.您在这里的主要问题是您将 SQL 查询变量称为与您在 while 循环中使用的结果相同的名称。 You overwrite it with a string on line 30:你在第 30 行用一个字符串覆盖它:
30 $result = "UPDATE accounts SET money = (money + ".$cash_utbetaling[$i]."),
bullets = (bullets + ".$kuler_utbetaling[$i].") WHERE ID = ".$acc_id."";
The easy answer is it was a typo, but you made many more mistakes.简单的答案是这是一个错字,但你犯了更多的错误。
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$con = mysqli_connect("localhost", "root", "", "mafioso");
$con->set_charset('utf8mb4');
$cash_utbetaling[0] = 50000000;
$cash_utbetaling[1] = 40000000;
$cash_utbetaling[2] = 30000000;
$cash_utbetaling[3] = 20000000;
$cash_utbetaling[4] = 10000000;
$kuler_utbetaling[0] = 25;
$kuler_utbetaling[1] = 20;
$kuler_utbetaling[2] = 15;
$kuler_utbetaling[3] = 10;
$kuler_utbetaling[4] = 5;
$i = 0;
$result = mysqli_query($con, "SELECT * FROM daily_exp ORDER BY exp DESC LIMIT 5");
$daily_exp = $result->fetch_all(MYSQLI_ASSOC);
// prepare update
$stmt = $con->prepare('UPDATE accounts SET money = (money + ? ), bullets = (bullets + ? ) WHERE ID=?');
foreach ($daily_exp as $row_best) {
$stmt->bind_param('sss', $cash_utbetaling[$i], $kuler_utbetaling[$i], $row_best['acc_id']);
$stmt->execute();
$i++;
}
- You need to enable error reporting instead of using
or die (mysqli_error()), which would never work, because of missing argument.您需要启用错误报告,而不是使用or die (mysqli_error()),因为缺少参数,这永远不会起作用。 - Don't use while loop to go through the results.不要使用 while 循环来查看结果。 It is much better to fetch all the records at once or loop on the result using
foreach.一次获取所有记录或使用foreach循环结果要好得多。 If you used my suggestion, then most likely you would avoid your typo at all.如果您使用了我的建议,那么您很可能会完全避免打字错误。 - You must use prepared statements.您必须使用准备好的语句。 In your code the values are integers and constant, but I assume you would use variable input at some point, which means you need to use placeholders and parameters.在您的代码中,值是整数和常量,但我假设您会在某个时候使用变量输入,这意味着您需要使用占位符和参数。
- The SELECT query inside the loop wasn't doing anything, so I removed it from my answer.循环内的 SELECT 查询没有做任何事情,所以我从我的答案中删除了它。
- You should strive to avoid N+1 queries problem.您应该努力避免 N+1 查询问题。 Try doing the same in one query only if possible.仅在可能的情况下尝试在一个查询中执行相同的操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.