PHP 警告:mysqli::query():无法获取 mysqli [英] PHP Warning: mysqli::query(): Couldn't fetch mysqli

问题描述

这是我当前的代码:

<?php 
$key = $_REQUEST['key'];
$url = $_REQUEST['url'];

include_once '../../dbconnect.php';

$query = $conn->query("SELECT * FROM members WHERE apikey='$key' && status='Active'");
$userRow=$query->fetch_array();
$conn->close();

/// Verify the URL starts with http:// or https://
if (0 === strpos($url, 'http://') || 0 === strpos($url, 'https://')) {
$url = $url;
} else {
$url = "http://$url";
}

/// Verify the key is 32 characters
if (!preg_match('/[^A-Za-z0-9]/', $key) && (strlen($key) == 32)) {

/// Verify the URL isn't malicious
if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) {
    die('Error:  Invalid URL');
} else {

if ($userRow['status'] === 'Active') {

function generateRandomString($length = 8) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $charactersLength = strlen($characters);
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, $charactersLength - 1)];
    }
    return $randomString;
}

$redirect = generateRandomString();

$addshort = $conn->query("INSERT INTO short_".$redirect[0]." (redirect, apikey, url) VALUES ('".$redirect."','".$key."','".$url."')");

if ($conn->query($addshort) === TRUE) {
echo "added correctly";
} else {
echo "there was an error";
}

$conn->close();

} else {
echo "Error:  Account Not Active";
}

}

} else {
die('Error:  Invalid API Key');
}
?>

这是错误日志:

[18-Oct-2016 12:21:31 America/New_York] PHP Warning:  mysqli::query(): Couldn't fetch mysqli in /home/username/public_html/subdomains/url/index.php on line 40
[18-Oct-2016 12:21:31 America/New_York] PHP Warning:  mysqli::query(): Empty query in /home/username/public_html/subdomains/url/index.php on line 42
[18-Oct-2016 12:21:31 America/New_York] PHP Warning:  mysqli::close(): Couldn't fetch mysqli in /home/username/public_html/subdomains/url/index.php on line 48

你可以在第7行看到我第一次连接数据库的地方:

You can see on the 7th line where I connect to the database for the first time:

$query = $conn->query("SELECT * FROM members WHERE apikey='$key' && status='Active'");

那条线正在起作用.但是，我第二次连接以执行 INSERT 时，出现上述错误:

And that line is working. However, the second time I'm connecting to do an INSERT, I'm getting the above errors:

$addshort = $conn->query("INSERT INTO short_".$redirect[0]." (redirect, apikey, url) VALUES ('".$redirect."','".$key."','".$url."')");

我是否因为长时间盯着这段代码而遗漏了什么?

Is there something I'm missing from just staring at this code for too long?

推荐答案

你的连接已经关闭，执行第一个SELECT语句后，表示连接提前关闭:

Your connection has been closed, after execution of first SELECT Statement, it means connection closed to early:

$conn->close();

您需要在所有查询或重新建立连接后使用 close().第一个是更好的选择.

You need to use close() after your all queries or re build connection. ist one is the better option.

您正在获取用户输入 $_REQUEST['key']，这意味着您的查询已开放进行 SQL 注入，这将帮助您了解如何使用 SQL 阻止您的代码注入:如何防止 PHP 中的 SQL 注入?

You are getting user input $_REQUEST['key'], it means your query is open for SQL injection, this will help you to understand how can you prevent your code with SQL injection: How can I prevent SQL injection in PHP?

这篇关于PHP 警告:mysqli::query():无法获取 mysqli的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！