我在下面的代码中遇到了问题。出现的问题是搜索引擎错误
“通知:未定义变量:i。在C:上 线\瓦帕\ WWW \搜索\的search.php 21”
和
“警告:mysql_num_rows()期望参数1是资源,在第34行的C:\ wamp \ www \ search \ search.php中给出布尔值 。
线路21 $i++;
34号线是$num_rows = mysql_num_rows($query)
<body>
<h2>Search Engine</h2>
<form action='./search.php' method='get'>
<input type='text' name='k' size='50' value='<?php echo $_GET['k'] ?>' />
<input type='submit' value='Search'/>
</form>
<hr />
<?php
$k = $_GET['k'];
$terms = explode(" ", $k);
$query = "SELECT * FROM search WHERE ";
foreach ($terms as $each){
$i++;
if($i == 1)
$query .= "keywords LIKE '%$each%' ";
else
$query .= "OR keywords LIKE '%$each%' ";
}
//connect
mysql_connect("localhost", "root", "password");
mysql_select_db("search");
$query = mysql_query($query);
$num_rows = mysql_num_rows($query);
if ($num_rows > 0){
while($row = mysql_fetch_assoc($query)){
$id = $row['id'];
$title = $row['title'];
$description = $row['description'];
$keywords = $row['Keywords'];
$link = $row['link'];
echo "<h2><a href='$link'>$title</a></h2>
$description<br /><br />";
}
}
else
echo "No results found for \"<b>$k</b>\"";
//disconnect
mysql_close();
?>
</body>
有谁知道如何解决它?
** **警告:您输出来自所述URI的数据直接进入页面,因此容易受到[XSS](HTTP://en.wikipedia .org/wiki/Cross-site_scripting) – Quentin
您正在使用[an **过时的**数据库API](http://stackoverflow.com/q/12859942/19068),并应使用[现代替换](http:///php.net/manual/en/mysqlinfo.api.choosing.php)。你也**易受[SQL注入攻击](http://bobby-tables.com/)**,现代的API会使[防御]更容易(http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php)自己从。 – Quentin