2013-05-01 27 views
0

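PHP MySQL undefined index and other errors, having trouble getting my script to run correctly

I have 2 undefined index errors and an invalid argument supplied error, and for the life of me I can't figure out why I'm getting them. The 2 undefined index errors come from these lines.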

if(!is_null($_GET['order']) && $_GET['order'] != 'courseTitle') 

if (!is_null($_GET['page'])) 

and my invalid argument error is this

Warning: Invalid argument supplied for foreach()

generated from this

<?php foreach ($books as $book) : ?> 

The full code for my two classes is this.. any ideas what I did wrong? Tearing my hair out.

index.php 
<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title>Catalog</title> 
    </head> 
    <body bgcolor="white"> 
     <?php 
      ///////////////////////////////////////////////// 
      //connect to db 
      ///////////////////////////////////////////////// 
      $dsn = 'mysql:host=localhost;dbname=book_catalog'; 
      $username = "php"; 
      $password = "php"; 
      $db = new PDO($dsn, $username, $password); 

      //get data 
      if(!is_null($_GET['order']) && $_GET['order'] != 'courseTitle') 
      { 
       $thesort = $_GET['order']; 
       $query = "Select * FROM book 
       INNER JOIN course 
       ON book.course = course.courseID 
       ORDER BY ".$_GET['order']; 
      } 
      else 
      { 
       $thesort = "courseTitle"; 
       $query = "Select * FROM book 
       INNER JOIN course 
       ON book.course = course.courseID 
       ORDER BY $thesort"; 
      } 

      //if page is null go to first page otherwise query for correct page 
      if (!is_null($_GET['page'])) 
      { 
       $query = $query." LIMIT ".($_GET['page']*8-8).", 8"; 
      } 
      else 
      { 
       $query = $query." LIMIT 0, 8"; 
      } 

      //query result 
      $books = $db->query($query); 

      //get number of overall rows 
      $query2 = $db->query("SELECT * FROM book"); 
      $count = $db->query("SELECT Count(*) As 'totalRecords' FROM book"); 
      $count = $count->fetch(); 
      $count = $count['totalRecords']; 
     ?> 

     <table border =" 1"> 
      <tr> 
       <th bgcolor="#6495ed"><a href="?order=course">Course #</th> 
       <th bgcolor="#6495ed"><a href="?order=courseTitle">Course Title</th> 
       <th bgcolor="#6495ed"><a href="?order=bookTitle">Book Title</th> 
       <th bgcolor="#6495ed"></th> 
       <th bgcolor="#6495ed"><a href="?order=price">Price</th> 
      </tr> 
      <?php foreach ($books as $book) : ?> 
      <tr> 
       <td><a href="rsc/catalog.pdf"><?php echo $book['course']; ?></a></td> 
       <td><?php echo $book['courseTitle']; ?></td> 
       <td><?php echo $book['bookTitle']; ?></td> 
       <td><?php 
       $bookcourse = $book['course']; 
       $isbn = $book['isbn13']; 
       $booklink = "<a href=\"course.php?course=$bookcourse&isbn=$isbn\">"; 
       echo $booklink ;?><img src='images/<?php echo $book['isbn13'].'.jpg'; ?>'></a></td> 
       <td><?php echo $book['price']; ?></td> 
      </tr> 
      <?php endforeach; ?> 
      </tr> 
     </table> 
     <?php 
     //paging function... not sure if it works correctly? 
      for ($j=1; $j <= ceil($count/8); $j++) 
      { ?> 

      <a href=<?php echo "?page=".$j."&order=".$thesort; ?>><?php echo $j; ?></a> 
      <?php 
      }?> 
    </body> 
</html> 


**course.php** 

<?php 

    //get data from index.php 
    $course = $_GET['course']; 
    $isbn = $_GET['isbn'];  

     //connect to db 
     $dsn = 'mysql:host=localhost;dbname=book_catalog'; 
     $username = "php"; 
     $password = "php"; 
     $db = new PDO($dsn, $username, $password); 

     //get data 
     $query = "Select * FROM book, course, author, publisher 
    WHERE book.isbn13 = $isbn AND book.course = '$course' AND book.course = course.courseID AND book.bookID = author.bookID AND book.publisher = publisher.publisherID 
      ORDER BY book.bookID"; 

     //query results   
     $books = $db->query($query); 

     //error troubleshooting 
      if (!$books) { 
      echo "Could not successfully run query ($query) from DB: " . mysql_error(); 
      exit; 
      } 


     //count the number of rows in the result 
     $results = $books->fetchAll(); 
     $rowCount = count($book); 

     //get data from results 
     foreach($results as $book){ 
      $bookID = $book['bookID']; 
      $bookTitle = $book['bookTitle']; 
      $isbn = $book['isbn13']; 
      $price = $book['price']; 
      $desc = $book['description']; 
      $publisher = $book['publisher']; 
      $courseTitle = $book['courseTitle']; 
      $courseID = $book['courseID']; 
      $credits = $book['credit']; 
      $edition = $book['edition']; 
      $publishDate = $book['publishDate']; 
      $length = $book['length']; 
      $firstName = $book['firstName']; 
      $lastName = $book['lastName']; 

     } 

     if($numrows > 1) 
      { 
       foreach ($books as $book) 
       { 
        $authorArray[] = $book['firstName'] + ' ' + $book['lastName']; 
       } 
      } 





?> 

<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title>CIS Department Book Catalog</title> 
    </head> 
    <body bgcolor=white"> 

     <table border="0"> 
      <tr> 
       <td> 
        <img src='images/<?php echo $isbn.'.jpg'; ?>'> 
       </td> 
       <td> 
     <?php 
     echo "For Course: $courseID $courseTitle ($credits)"; 
     echo "</br>";  
     echo "Book Title: $bookTitle"; 
     echo "</br>";  
     echo "Price: $price"; 
     echo "</br>";  
     echo "Author"; 
     if ($numResults > 1) 
     { 
      echo "s:"; 
      for ($i = 0; $i < $numResults; $i++) 
      { 
       if ($i!=0) 
       echo ", $authorArray[i]"; 
       else 
        echo $authorArrat[i]; 
      } 
     } 
     else 
      echo ": $firstName, $lastName"; 

     echo "</br>";  
     echo "Publisher: $publisher"; 
     echo "</br>";  
     echo "Edition: $edition ($publishDate)"; 
     echo "</br>";  
     echo "Length: $length pages"; 
     echo "</br>";  
     echo "ISBN-13: $isbn"; 
     ?> 
       </td> 
      </tr> 
      <tr> 
       <td colspan="2"> 
        <?php echo "Description: $desc"; ?> 
       </td> 
      </tr> 
     </table> 

    </body> 

</html> 
+1

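What you're doing is very insecure. You're already using PDO, so it isn't hard for you to start using prepared queries. As it stands now, you are **wide open to injection attacks**, and if you haven't been attacked yet, you **will be hacked**. – Brad 2013-05-01 03:06:22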

+0

Why are you using is! instead of isset? – 2013-05-01 03:06:34

Answers

1
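  1. You should use isset rather than is_null to keep it from warning about undefined variables.

  2. ~~$books is never defined~~ It's defined, just not correctly... foreach needs it to be an array. You don't really need it anyway; use a while loop to fetch each row into an array. (See the example below.) You're also redefining $count multiple times in your query.

And as @Brad says: use prepared statements and placeholders. Your database will eventually be hacked with your current code.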

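Edit

To answer your question: query() returns a statement handle. (I've defined it as $sth.) fetch() returns a result; you need to pass it one of the fetch mode constants (or define a default earlier with $db->setFetchMode()).

To get the books, you need to have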

$books = array(); 
$sth = $db->query($query); 
while($row = $sth->fetch(PDO::FETCH_ASSOC)) { 
    $books[] = $row; // appends each row to the array 
} 

Here's what your code should look like to get a count.

// you're not using the $query2 you defined ... just remove it 
$sth = $db->query("SELECT Count(*) As 'totalRecords' FROM book"); 
$result = $sth->fetch(PDO::FETCH_ASSOC); 
$count = $result['totalRecords']; 

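Take a look at: http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers It looks like a good guide that gives you an in-depth understanding of how to use PDO. Pay special attention to error handling and prepared statements!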

+0

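Hi, thanks for the feedback, I changed it to 'isset' in my code. As for your second part, I defined '$books' on this line, '$books = $db->query($query);' It's right before count gets redefined, if it was hard to find in the code. Am I missing something about what it returns? Is it not in array format? – john 2013-05-01 03:17:33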

+0

Edited my answer extensively – Cfreak 2013-05-01 03:40:44

+0

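Hey Cfreak, sorry to bug you, hopefully this is the last time, but I'm getting an error "Call to undefined method PDO::fetch()" with the PDO you suggested. I made the changes to my code for count and books. As far as I can tell PDO::FETCH_ASSOC is a constant and fetch() is defined? Is there something I need to call earlier in my code to implement fetch() correctly? – john 2013-05-01 04:07:44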
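
The prepared-statement advice from this thread applied to the question's index.php listing query, as an added example that is not part of the original question, answer or comments. ORDER BY column names cannot be bound as placeholders, so the sort key is checked against an allow-list, and the page number is validated and bound as an integer. The function names (sortColumn, pageOffset, fetchBooks), the page-number upper bound and the in-memory SQLite sample rows are assumptions made so the example runs without the book_catalog database.

```php
<?php
// Added example, not the asker's or answerer's code. Table and column names
// follow the question; the sample rows and SQLite connection are constructed.
const SORT_COLUMNS = ['course', 'courseTitle', 'bookTitle', 'price'];
const PAGE_SIZE = 8;

function sortColumn(array $get): string
{
    // Identifiers cannot be bound, so only an allow-listed name reaches the SQL.
    $key = $get['order'] ?? 'courseTitle';
    return in_array($key, SORT_COLUMNS, true) ? $key : 'courseTitle';
}

function pageOffset(array $get): int
{
    // Rejects missing, non-numeric, array and out-of-range input; falls back to page 1.
    $page = filter_var($get['page'] ?? 1, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 100000]]);
    return (($page === false ? 1 : $page) - 1) * PAGE_SIZE;
}

function fetchBooks(PDO $db, array $get): array
{
    $sth = $db->prepare(
        'SELECT * FROM book INNER JOIN course ON book.course = course.courseID
         ORDER BY ' . sortColumn($get) . ' LIMIT :offset, :size'
    );
    // PARAM_INT matters: a string bind would be quoted under emulated prepares.
    $sth->bindValue(':offset', pageOffset($get), PDO::PARAM_INT);
    $sth->bindValue(':size', PAGE_SIZE, PDO::PARAM_INT);
    $sth->execute();
    return $sth->fetchAll(PDO::FETCH_ASSOC); // always an array, safe for foreach
}

// Constructed in-memory data so the example runs without a MySQL server;
// in the question this would be new PDO('mysql:host=localhost;dbname=book_catalog', ...).
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec("CREATE TABLE course (courseID TEXT, courseTitle TEXT);
           CREATE TABLE book (bookTitle TEXT, course TEXT, price REAL);
           INSERT INTO course VALUES ('CIS101', 'Intro'), ('CIS201', 'Databases');
           INSERT INTO book VALUES ('SQL Basics', 'CIS201', 40.0), ('PHP Primer', 'CIS101', 25.5);");

// Missing keys, a valid request, and an unlisted sort key with a non-scalar page.
foreach ([[], ['order' => 'price', 'page' => '1'],
          ['order' => 'not_allowed', 'page' => ['x']]] as $get) {
    echo json_encode($get), ' => ',
        implode(', ', array_column(fetchBooks($db, $get), 'bookTitle')), "\n";
}
```

With ERRMODE_EXCEPTION set, a failing query throws instead of returning false, so the foreach never receives a non-iterable value.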