This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
Closed 1 year ago.
I am currently experiencing issues with the following script. Upon execution of the script, I do recieve the message "Connection was OK!" however, then I also receive the following messages:
Warning: mysql_query() expects parameter 2 to be resource, object
given in /opt/lampp/htdocs/worldofclucky.net/scripts/auth.php on line
11
Warning: mysql_fetch_array() expects parameter 1 to be resource, null
given in /opt/lampp/htdocs/worldofclucky.net/scripts/auth.php on line
12
Any idea what I am doing wrong? I am far from a PHP/MySQL expert, I wouldn't really even consider my self a novice... I did do some testing and the $username variable is sending from the previous page correctly and when typing SELECT * FROM forum.mybb_users WHERE username = 'x_clucky' LIMIT 1 into the MySQL client, it gives all of the information you would expect to get. The PHP code is as follows:
<?php
$username=$_POST["username"];
$hashed_password = md5($_POST['password']); /* For MyBB its $mybb->input['password'] */
$con=mysqli_connect("worldofclucky.net","clucky","CENSORED","forum");
// Check connection
if (mysqli_connect_errno($con))
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
} else { echo "Connection was OK!\n";}
$query = mysql_query("SELECT * FROM mybb_users WHERE `username` = '$username' LIMIT 1",$con);
$row = mysql_fetch_array($query);
$encrypted_password = md5(md5($row['salt']).$hashed_password);
if($encrypted_password == $row['password']) {
echo "<script>alert('test');</script>";
}
mysqli_close($con);
?>
Thank you in advanced for your help
change mysql to mysqli and use below kind of query. You can't use mysql and mysqli altogether.
$query = mysqli_query($con, "SELECT * FROM mybb_users WHERE `username` = '$username' LIMIT 1");
$row = mysqli_fetch_array($query);
From a quick look it seems like you are using mysqli functions to connect and then mysql functions to make the actual query. mysql_* functions are now deprecated.
Related
This question already has answers here:
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, object given in
(3 answers)
Closed 7 years ago.
<?php
if (isset($_GET['hash'])&&!empty($_GET['hash'])){
$hash = $_GET['hash'];
$message_query = "SELECT from_id, message FROM message WHERE hash='$hash'";
$run_messages = mysqli_query($con,$message_query);
while($row_messages = mysqli_fetch_array($con,$run_messages)){
$form_id = $row_messages['from_id'];
$message = $row_messages['message'];
$user_query = "SELECT username FROM admins WHERE id='$from_id'";
$run_user = mysqli_fetch_array($con,$user_query);
$from_username = $run_user['username'];
echo "<p><strong>$from_username</strong></p></br>";
}
}else{
header('Location: messages.php');
}
?>
I'm getting this error message:
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result,
object given on line 6
Here's line 6 & as you can see I have already included the $con which is my database connection.
while($row_messages = mysqli_fetch_array($con,$run_messages)){
mysqli_fetch_array
mysqli_fetch_array ( mysqli_result $result [, int $resulttype =
MYSQLI_BOTH ] )
First parameter is Specifies a result set identifier returned by mysqli_query() and second parameter is result type
Remove connection as first parameter
It would be
$row_messages = mysqli_query($run_messages,MYSQLI_ASSOC);
Your code is open for sql injection better use bind statement
http://php.net/manual/en/mysqli-stmt.bind-param.php
To check error in your connection and query use
/* check connection */
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit();
}
if (!$mysqli->query("SET a=1")) {
printf("Errormessage: %s\n", $mysqli->error);
}
http://php.net/manual/en/mysqli.error.php
In second query you use
$user_query = "SELECT username FROM admins WHERE id='$from_id'";
TYPO here
$form_id !=$from_id
Change this to
$user_query = "SELECT username FROM admins WHERE id=' $form_id'";
<?php
if (isset($_GET['hash'])&&!empty($_GET['hash'])){
$hash = mysqli_escape_string($con, $_GET['hash']);
$message_query = "SELECT from_id, message FROM message WHERE hash='$hash'";
$run_messages = mysqli_query($con,$message_query);
while($row_messages = mysqli_fetch_array($run_messages, MYSQLI_ASSOC)){
$from_id = $row_messages['from_id'];
$message = $row_messages['message'];
$user_query = "SELECT username FROM admins WHERE id='$from_id'";
$query_run = mysqli_query($con, $user_query);
$run_user = mysqli_fetch_array($query_run, MYSQLI_ASSOC);
$from_username = $run_user['username'];
echo "<p><strong>$from_username</strong></p></br>";
}
}else{
header('Location: messages.php');
}
?>
Essentially mysqli_fetch_array has one required parameter which is the result of a query and an optional query of the result type. $run_messages is the result of the first query and will be used for the execution of mysql_fetch_array and MYSQLI_ASSOC is the optional type that you will be using so you can access the values in $row_messages like you do.
Read mysqli_fetch_array for more information.
Also, please remember to escape user valued with mysqli_escape_string before allowing the data to be queried into the database. This reduces the chance of SQLi.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 7 years ago.
i am trying to check a data existence from mysql table but following script not working. bellow my codes are provided please find out where is my mistake there.
<?php
//including the database files
include("../inc/settings.php");
$email = $_POST['email'];
$password = $_POST['password'];
$query = mysql_query("SELECT easy123 FROM users WHERE email=$email", $conn);
if (mysql_num_rows($query) != 0)
{
echo "Username already exists";
}
else
{
echo "this username not used";
}
?>
The error i am getting is-
Warning: mysql_query() expects parameter 2 to be resource, object
given in C:\xampp\htdocs\myfiles\Easy123\master\login.php on line 8
Warning: mysql_num_rows() expects parameter 1 to be resource, null
given in C:\xampp\htdocs\myfiles\Easy123\master\login.php on line 10
this username not used
First of all, make sure your database connection is correctly set up. The error you're getting clearly says that your $conn variable isn't a valid resource.
Also, use prepared statements and parameterized queries. Do not use PHP variables within your query string, it's not secure at all. Use instead PDO or MySQLi
Using PDO:
$stmt = $pdo->prepare('SELECT easy123 FROM users WHERE email = :email');
$stmt->execute(array('email' => $email));
foreach ($stmt as $row) {
// do something with $row
}
Using MySQLi:
$stmt = $dbConnection->prepare('SELECT easy123 FROM users WHERE email = ?');
$stmt->bind_param('s', $email);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
// do something with $row
}
Your $query seems to be wrong. Try this:
$query = mysql_query("SELECT easy123 FROM users WHERE email='$email'", $conn);
Make sure $conn is properly defined aswell.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I try to get list after query by using php drop down list.
My code looks like this for now:
$con = mysql_connect($server,$user_name,$password,$database);
$db_found = mysql_select_db($database, $con);
if ($db_found) {
print "Database Found ";
}
else {
print "Database NOT Found ";
}
$result = mysql_query($con,$db_found,"SELECT
connection_log.user,count(*)
as 'connection_count', sum(TIMESTAMPDIFF(MINUTE,
connection_log.logondate,connection_log.logoffdate))
as `connection_time`
FROM connection_log
INNER JOIN users
ON connection_log.user=users.user WHERE users.groups
LIKE '%cpg_sirket_dyo%'
and connection_log.logondate>='2015-09-01 00:00:00'
and connection_log.logoffdate<'2015-10-01 00:00:00'
group by connection_log.user
order by connection_count desc");
while ($row = mysql_fetch_array($result)) {
echo $row['name']."<br />";
}
But when I run this php I get some error like shown below:
Database Found PHP Warning: mysql_query() expects at most 2 parameters, 3 >given in /var/www/html/test.php on line 22
PHP Warning: mysql_fetch_array() expects parameter 1 to be resource, null >given in /var/www/html/test.php on line 23
Have you any idea?
mysql_query
mysql_query ( string $query [, resource $link_identifier = NULL ] )
Only need two parameter needed
1)Your query.
2)The MySQL connection
You just remove your database name inside your mysql_query also swap position of query and connection
$result = mysql_query("SELECT....",$con);
Use backtick in column and table name instead of quotes
Correct your qyery with
SELECT
connection_log.user,count(*)
as `connection_count`, sum(TIMESTAMPDIFF(MINUTE,
connection_log.logondate,connection_log.logoffdate))
as `connection_time`
FROM connection_log
INNER JOIN users
ON connection_log.user=users.user WHERE users.groups
LIKE '%cpg_sirket_dyo%'
and connection_log.logondate>='2015-09-01 00:00:00'
and connection_log.logoffdate<'2015-10-01 00:00:00'
group by connection_log.user
order by connection_count desc
Note:- mysql is deprecated instead use mysqli or PDO
Have a look at http://php.net/manual/en/function.mysql-query.php
There are only 2 parameters, the query and (optinal) the connection, so you have to use:
$result = mysql_query("SELECT ...", $con);
You need to remove this $db_found out of your function :
http://php.net/manual/en/function.mysql-query.php
$result = mysql_query($yourQuery,$con);
Also try using mysqli instead of mysql which is deprecated.
MySQL vs MySQLi when using PHP
Use below code,
$con = mysql_connect($server,$user_name,$password);
$db_found = mysql_select_db($database);
if ($db_found) {
print "Database Found ";
}
else {
print "Database NOT Found ";
}
$result = mysql_query("YOUR QUERY",$con);
while ($row = mysql_fetch_array($result)) {
echo $row['name']."<br />";
}
I'm creating a few lines to check if a user exist within the database. To do this, I was going to just find the username in the DB and if there IS a user with that name in the database use num_rows to make it show that their is a user with that name.
The error is:
Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result,
boolean given in /home/bluef/public_html/SMNS/register.php on line 36
Code:
$usernamef = mysqli_query($link, "SELECT * FROM Users
WHERE Username =".$Username."");
$usernamefound = mysqli_num_rows($usernamef);
if($usernamefound != 0){
echo "Username in use, try another username?";
}
Always have this line before mysqli_connect
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
Always format your queries correctly.
Always use prepared statements when you need to insert a variable into query.
Always check out the "Related questions" section on the page (Or suggested questions while writing your own).
Try this with your query
$usernamef = mysqli_query($link, "SELECT * FROM Users
WHERE Username =".$Username."") or die(mysqli_error());
to see the error. Also you can try this
$usernamef = mysqli_query($link, "SELECT COUNT(*) AS myCount FROM Users
WHERE Username =".$Username."") or die(mysqli_error());
$row = mysqli_fetch_array($usernamef)
if( $row['myCount '] > 0 )
{
echo "Username in use, try another username?";
}
Check this link http://www.w3schools.com/php/func_mysqli_error.asp
Also you can try with mysql_query and mysql_num_rows() and not with mysqli_query()
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result
I am fetching data from MySQL data base in PHP but it gives error like following:
Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/content/i/h/u/ihus235/html/cs/emrapp/surveyList.php on line 97
[]
Below is the query which I am using to select data:
$query = mysql_query("SELECT * form survey_Profile where user_Id='".$user_id."' ");
change
$query = mysql_query("SELECT * form survey_Profile where user_Id='".$user_id."' ");
to
$query = mysql_query("SELECT * from survey_Profile where user_Id='".$user_id."' ");
The cause of tthat error can be that mysql returns False.
You can add an:
echo "SELECT * form survey_Profile where user_Id='".$user_id."' ";
To see what string is send to mysql, eventualy test it directly in phpmyadmin.
Also, add this code to see the error from mysql:
if (mysql_errno()) {
echo "<br />". mysql_errno(). " : ". mysql_error(). "<br />";
}
You are getting this error because user_id value doesn't exist into your table.
So before executing your resource into mysql_fetch_assoc(), check whether you got matching rows or not.
if(mysql_num_rows($query) > 0) {
//user mysql_fetch_assoc now
}
And also you have sql syntax error, in your query replace "form" to "from"