I wrote this line of code, but i do not know what happened. I have looked all around the internet for the solution, but none of them seem to fix my issue. I get:
Warning: mysql_query() expects parameter 1 to be string, resource given in /home/mylittle/public_html/style1.php on line 12
yes
When i enter the page. It does not update the style thing in my database. Please help me. I am desperate!
$dbewds = mysql_connect("localhost","mylittle_pony","lol123", "mylittle_pony") or die("Couldn't connect!");
if ($_SESSION['username']) {
$unw = $_SESSION['username'];
$style = 1;
mysql_query($dbewds,"UPDATE `users` SET `style` = '".$style."' WHERE `username` = '".$unw."'");
echo "yes";
} else {
echo "no";
}
?>
$dbewds = mysql_connect("localhost","mylittle_pony","lol123") or die("Couldn't connect!");
mysql_select_db("mylittle_pony");
if (isset($_SESSION['username'])) {
$unw = $_SESSION['username'];
$style = 1;
$query=mysql_query("UPDATE `users` SET `style` = '".$style."' WHERE `username` = '".$unw."'",$dbewds);
if(!$query){
die("query failed".mysql_error());
}
echo "yes";
} else {
echo "no";
}
the connection should be the second variable
I would advise the steps you debug the likely problems next time:
1. try to understand the warning/error message
for example: "mysql_query() expects parameter 1 to be string, resource give", so figure what is a string, what is a resource, according to your code
2. read the manual
go to http://us2.php.net/manual/en/ and search "mysql_query", you can get http://us2.php.net/manual/en/function.mysql-query.php, so figure out how to use the function,
pay attention to the parameters and return, and run the examples under the function intro
3. check your code
btw, mysql_query() will be deprecated as of PHP 5.5.0, MySQLi or PDO_MySQL is better.
Related
if(isset($_POST['submit'])){
$uname=$_POST['username'];
$pwd=$_POST['password'];
$acc_type=$_POST['acc_type'];
$_SESSION['user_type']=$acc_type;
if($acc_type=='Teacher'){
$sql="select userid,password from teacherinfo where userid='$uname'";
}
else if($acc_type=='Student'){
$sql="select userid,password from studentinfo where userid='$uname'";
}
else if($acc_type=='Admin'){
$sql="select userid,password from admininfo where userid='$uname'";
}
$query = mysql_query($sql);
$count = mysql_num_rows($query);
if($count>0){
$row_data = mysql_fetch_row($query);
if($row_data[1]==$pwd){
$_SESSION['userid']=$row_data[0];
$url="profile.php";
header("Location:$url");
}
else{
echo "Password Miss match!";
}
}
else{
echo "User not Found!";
}
}
Notice: Undefined variable: sql in C:\xampp\htdocs\MJ\index.php on line 39 Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\MJ\index.php on line 40
Looking at the code from the PHP website you are not linking your sql statement to the connection you made to your database. Look at the code below and you will see that a variable is create called $link this is then supplied the database to be used and then placed in as a second variable in the sql statement variable $result.
<?php
$link = mysql_connect("localhost", "mysql_user", "mysql_password");
mysql_select_db("database", $link);
$result = mysql_query("SELECT * FROM table1", $link);
$num_rows = mysql_num_rows($result);
echo "$num_rows Rows\n";
?>
You really do, as the comment state, need to stop using mysql and move over to PDO, this site should provide you with enough information to get your started and will secure the statements to the database - https://code.tutsplus.com/tutorials/why-you-should-be-using-phps-pdo-for-database-access--net-12059
Further to this you also need to look at hashing your passwords, currently you are using plain text, this is not secure. Using something like password_hash() - http://php.net/manual/en/function.password-hash.php - would provide a much more secure way of storing passwords. Once they are stored securing you can use password_verify() to check them against supplied passwords in the future.
I have a a form that pulls data from a database(mysql to be specific) and echos the data into the value section of <input> tags. It doesn't seem to be working I have coded a view section of my website to do the same thing but from a different table in my database. I use the same code to make making changes easy and if another developer works on my site in the future. Anyway it doesn't seem to be working I'm not sure why though.
The full error I get:
Warning: mysqli_query() expects parameter 1 to be mysqli, null given in /home/caseol5/public_html/jj/admin/news_update.php on line 9
Here is line 9 that the error is referring to:
$result = mysqli_query($link,$sql);
I know that both of those function are not null as I did:
echo $link
echo $sql
before that line after I started feting the error and they both are not null.
Here is the full code segment:
$nid = $_GET['nid'];
include ("../sql/dbConnect.php");
$sql = "SELECT * FROM jj_news WHERE news_id = $nid";
echo "<p>The SQL Command: $sql </p>";
echo "<p>Link: $link </p>";
$result = mysqli_query($link,$sql);
if (!$result)
{
echo "<h1>You have encountered a problem with the update.</h1>";
die( "<h2>" . mysqli_error($link) . "</h2>") ;
}
$row = mysqli_fetch_array($result);
$ntitle = $row['news_title'];
$ntline = $row['news_titleline'];
$ndesc = $row['news_desc'];
$nother = $row['news_other'];
I have looked into mysqli_query and I can't find anything I'm missing. I have also tired breaking the code down (and running parts of it and it gives the same error. My guess is it something small that I missed. I've looked at other question on this site that do that are a little similar but none seem to help. I've been looking at this for a while now and need another pair of eyes.
Update
As requested the contents of my dbconnect.php file:
$hostname = "localhost";
$username = "caseol5_jjoes";
$database = "caseol5_jj_site";
$password = "password1";
$link = mysqli_connect($hostname, $username, $password, $database);
$link = mysqli_connect($hostname,$username,$password,$database) or die("Error " . mysqli_error($link));
if (!$link)
{
echo "We have a problem!";
}
As clearly stated in the error message, mysqli_querydocs expects the first parameter to be a mysqli resource. In your case, this parameter is called $link but it holds a null value. A proper mysqli resource is normally obtained from connecting with the database by making use of mysqli_connectdocs
I expect the ../sql/dbConnect.php file holds the logic to connect with the database. Verify whether the $link variable is indeed initialized there. If it's not there, try to find an occurrence of mysqli_connect - maybe the resource is set to a different variable.
Without knowing what exactly is in ../sql/dbConnect.php, your problem right now is that you do not have a valid mysqli resource to use for mysqli_query.
I have a problem, so I want to do that if by chance the user searched on and the code for it was no longer activated. In this way, I made a simple code:
$loginu = $_SESSION['login'];
$query = "SELECT `usrlogin`,`idcode` FROM `aktywacja` WHERE idcode = $numer AND usrlogin = $loginu ";
$result2 = mysql_query($query);
echo mysql_error();
if (mysql_num_rows($result2) == 0) {
not found
}
else {
found
}
and crashes me the following errors
Unknown column 'Kamil' in 'where clause'
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\kod.php on line 56
Where in this case I made a mistake?
Please help,
greet.
Just make sure that those strings are wrapped with quotes if they are not integers:
WHERE idcode = $numer AND usrlogin = '$loginu'
And make sure that this variable $numer is indeed defined, since in your question there is no definition of it.
Obligatory note:
Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
Here's what it would look like when used in mysqli with prepared statements:
$loginu = $_SESSION['login'];
$numer = // make sure this is defined!
$db = new mysqli('localhost', 'username', 'password', 'database_name');
$query = "SELECT `usrlogin`,`idcode` FROM `aktywacja` WHERE idcode = ? AND usrlogin = ?";
$select = $db->prepare($query);
// binding them
$select->bind_param('is', $numer, $loginu);
$select->execute();
if($select->num_rows > 0) {
// found
} else {
// not found
}
check this code and if condtion check to not blank a session data.
and check a query value is yes to found and else to not found print.
$loginu = $_SESSION['login'];
if(isset($loginu))
{
$query="SELECT `usrlogin`,`idcode` FROM `aktywacja` WHERE idcode='".$numer."' AND usrlogin ='".$loginu."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0)
{
echo "found";
}
else
{
echo "not found";
}
}
Try changing this line in you query
WHERE idcode='".$numer."' AND usrlogin ='".$loginu."'
I'm trying to get email validation working. So my PHP code is firing off a query that that should return if it has any rows with the matching email. If 1 row is returned it then returns an error message, that I have else where in my code and sets my valid boolean to false.
However, I'm getting this error "Warning: mysql_num_rows() expects parameter 1 to be resource, object given in"
I think I'm using mysql_num_rows() wrong, but I'm new to php/mysql :( I can't seem to figure it out.
Here's the relevant sections of my code.
$conn = #mysqli_connect("server","user","pass","database");
if (!$conn) {
// Displays an error message
echo "<p>Database connection failure</p>";
////
$sql_table="Customer";
$query="SELECT * FROM $sql_table WHERE EMAIL = '$email'";
$result = mysqli_query($conn, $query);
if (mysql_num_rows($result) >= 1) { //<-- Offending line
$takenErr = "Email already taken ";
$valid = false; }
if (!$result) {
echo "<p> something is wrong with ", $query, "<p>";
}
Thanks guys/gals! :).
You can use
$row_cnt = $result->num_rows;
or
mysqli_num_rows($result);
you are using mysqli driver so use it at all times.
You are mixing mysqli_* and mysql_* function.
Try this :
if (mysqli_num_rows($result) > 0) {
$takenErr = "Email already taken ";
$valid = false;
}
For more information please read this mysqli_*
I am using a simple PHP script for the activation part of one of my applications. The applications posts one variable to the page (http://validate.zbrowntechnology.info/WebLock.php?method=validate). The variable is the serial number, posted as 'Serial'. Each time I post to this page, it returns Invalid. Here is the code:
<?php
$serial = $_POST['Serial'];
$method = $_GET['method'];
$con = mysql_connect("HOSTHERE", "USERHERE", "PASSHERE");
if(!$con) {
die('Unable to connect to MySQL: ' . mysql_error());
}
if($method == "validate") {
mysql_select_db("zach_WebLock", $con);
$query = "SELECT Key, Status FROM Validation WHERE Key='".mysql_real_escape_string($serial)."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0) {
echo "Valid";
} else {
echo "Invalid";
}
} else {
echo "Unkown Method";
}
?>
Here Is The Error From PHP,
PHP Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given
Right after the query use mysql_error() to see what happened. And Key is a bad choice for a column name because it's a reserved word in SQL. You can enclose it in `` to tell MySQL it's an identifier. Do some more debugging like this:
...
if (!mysql_select_db("zach_WebLock", $con)) die('mysql_select_db failed');
$query = "SELECT `Key`, Status FROM Validation WHERE `Key`='".mysql_real_escape_string($serial)."'";
print "query=$query<br>\n";
$result = mysql_query($query, $con);
print "error=" . mysql_error($con);
...
You're missing a closing parenthesis on this line:
if(mysql_num_rows($result) > 0 {
Is that missing in your code or just your question?
You may also want to add
if (!$result) {
print mysql_error();
}
after your query
Try Like This
$query = "SELECT Key, Status FROM Validation WHERE Key='".$serial."'";
What happens if at the last line you add this?
else echo 'Unknown method';
What may be happening is that $_POST and $_GET are not getting populated, this is a setting in php.ini, if I remember correctly (search for "superglobals" in the php docs).
edit: also, you have a very bad security risk there, google "sql injection". Basically the problem is that you could get any SQL directly into your database, and if the php user has enough permissions it could mean that anyone can, for example, delete all the data from your Validation table. You should at least do something like this:
$query = "SELECT Key, Status FROM Validation WHERE Key='".addslashes($serial)."'";
It could be a typo but you are missing a closing parenthesis here:
if(mysql_num_rows($result) > 0 {
^
And you might have turned off you error reporting, in which case you get a blank page.
Try echoing $serial:
echo $serial;
And is it what you typed in form?