|
PHP - Mysql_query() Expects Parameter 2 To Be Resource
I've just started to learn PHP and I'm having a little trouble. I'm trying to stick with OOP but I'm having trouble with it. I've coded a database connection and I'm trying to take data from a form and insert it into a database. I've managed to do it without OOP but I can't get it to work with. The code is below. Any help would be great.
I have a file for the form, which should take the data and the php should insert it into the table - <?php // Get the PHP file containing the dbConnect class require('../../configuration.php'); // Get the PHP file containing the dbConnect class require('../../lib/db.class.php'); // Checks whether a form has been submitted. If so, carry on if ($_POST) { // Creates an instance of dbConnect $link = new dbConnect(); // Creates a SQL query $insertQuery = 'INSERT INTO content SET title = "' . $_POST['title'] . '", alias = "' . $_POST['alias'] . '", category = "' . $_POST['category'] . '", summary = "' . $_POST['summary'] . '", content = "' . $_POST['content'] . '"'; $result = $link->query($insertQuery, $link); } ?> <body> <form action="" method="post"> <div> <label for="title">Title:</label> <textarea id="title" name="title" rows="1" cols="30"> </textarea> </div> <div> <label for="alias">Alias:</label> <textarea id="alias" name="alias" rows="1" cols="30"> </textarea> <div> <label for="category">Category:</label> <textarea id="category" name="category" rows="1" cols="30"> </textarea> </div> <div> <label for="summary">Summary:</label> <textarea id="summary" name="summary" rows="6" cols="40"> </textarea> </div> <div> <label for="content">Content:</label> <textarea id="content" name="content" rows="12" cols="40"> </textarea> </div> <div> <input type="submit" value="Add Article" /> </div> </form> This is my class to connect to the db - class dbConnect extends siteConfig { var $theQuery; var $link; // Function to connect to the database public function dbConnect() { // Load configuration from parent class $config = siteConfig::getConfig(); // Get main config settings from the array that we just loaded $host = $config['hostname']; $user = $config['username']; $pass = $config['password']; $db = $config['database']; // Connect to the DB $link = mysql_connect('localhost', 'user', 'pass'); if (!$link) { $error = 'Unable to connect to the database server.'; echo $error; exit(); } } // Function to execute a database query public function query($link, $query) { $this->theQuery = $query; mysql_query($this->link, $query); } // Function to get array of query results public function getArray($result) { return mysql_fetch_array($result); } // Function to close the connection public function closeConnection() { mysql_close($this->link); } } I also have a config file. I'm not using it atm but I thought I'd show it anyway as it may help - class siteConfig { var $config; function getConfig() { $config['site_url'] = 'localhost/edencms'; $config['hostname'] = 'localhost'; $config['username'] = 'user'; $config['password'] = 'pass'; $config['database'] = 'edencms'; } } After filling out the form and sending it, I get the following error: Quote Warning: mysql_query() expects parameter 2 to be resource, object given in C:\xampp\htdocs\EdenCMS\lib\db.class.php on line 39 It seems like $link isn't staying as a resource once the dbConnect is called. If I print it in the dbConnect function, it shows it's a resource but if I try to print it after, it shows as an object. I'm not sure why. As I said, I'm new, so go easy Similar TutorialsWarning: mysql_query() expects parameter 1 to be string, resource given in C:\wamp\www\mariyano\profile.php on line 37 Help me to solve this problem I just want to display the datas in table Thanks in advance I keep getting this error when I run the following code: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\wamp\www\vitamin-k-tracker\my-meal-planner.php on line 29 Code: [Select] <?php include 'top.php'; ?> <?php if (!loggedin()) {//1 if start header('Location: need-to-log-in-mmp.php'); }//1 if end ?> <title>My Meal Planner - Vitamin K Tracker</title> </head> <div id="container"> <?php include 'header.php'; ?> <?php include 'nav.php'; ?> <?php //do sql query to return the foods and nutrients that a person added to their que // // we're doing a left join between the foods and user foods table connected by the id $queryc = "SELECT `foods.id`, `foods.name`, `foods.source`, `users_foods.food_id` FROM `foods` LEFT JOIN users_foods ON foods.id=users_foods.food_id"; $query_runc = mysql_query($queryc); //error on the line below: while ($rowc = mysql_fetch_array($query_runc)){ echo 'ok'; } ?> <div id="content-container"> <div id="content_for_site"> <h2>My Meal Planner</h2> <br /> My Meal Que: <br /> <ul> <form> <li><input type="checkbox" name="meal_one" value="meal_one" /> Meal One</li> How many servings will you have? <input type="text" name="meal_one_servings"><br /><br /> <li><input type="checkbox" name="food_one" value="food_one" /> Food One</li> How many servings will you have? <input type="text" name="meal_one_servings"> </form> </ul> <input type="submit" value="delete" name="delete"><br /> <input type="submit" value="add to calendar" name="add_to_calendar"> <br /><br /> <a href="create-a-meal.php">Create A Meal & add to your Meal Que</a><br /> <a href="find-a-meal.php">Find a Meal or Food to Add to your Meal Que</a> </div> <div id="clear"></div> <?php include 'footer.php'; ?> </div> </div> I have tired to search this up but get nothing back.. :@ This error is on line 18 on line 18 is Code: [Select] if (mysql_num_rows($result) == 1) { Quote Notice: Undefined variable: result in C:\xampp\htdocs\Exam_Online\Staff_login\Staff_login_process.php on line 18 Warning: mysql_num_rows() expects parameter 1 to be resource, null given in C:\xampp\htdocs\Exam_Online\Staff_login\Staff_login_process.php on line 18 Wrong Username or Password This is the error message. Code: [Select] if (mysql_num_rows($result) == 1) { // Set username session variable $_SESSION['ID'] = $_POST['ID']; header("location:Staff_Menu.php"); } else { echo"Wrong Username or Password"; } Hi I'm having a bit of bother with my login. I created a login using this tutorial http://www.phpeasystep.com/phptu/6.html and it works perfectly. So i have attempted to change it to meet my own database. So basically i've changed the database, table names etc to meet my own. I haven't changed any other lines. When i run it i get an error message: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\checklogin.php on line 26 The code is below: Code: [Select] <?php $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="final year project"; // Database name $tbl_name="tbl_user"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $mem_username=$_POST['mem_username']; $mem_password=$_POST['mem_password']; // To protect MySQL injection (more detail about MySQL injection) $mem_username = stripslashes($mem_username); $mem_password = stripslashes($mem_password); $mem_username = mysql_real_escape_string($mem_username); $mem_password = mysql_real_escape_string($mem_password); $sql="SELECT * FROM $tbl_name WHERE username='$mem_username' and password='$mem_password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $mem_username and $mem_password, table row must be 1 row if($count==1){ // Register $mem_username, $mem_password and redirect to file "login_success.php" session_register("mem_username"); session_register("mem_password"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> Line 26 is $count=mysql_num_rows($result); I'm baffled as to why the test database worked. I tried another test database but got the same error. baffled.com Hope someone can help MOD EDIT: [code] . . . [/code] tags added. Ive been having trouble. Im getting this error: Code: [Select] $select = mysql_query($query1); echo $select; $rows1 = mysqli_fetch_array($dbc, $select); I dont understand whats wrong. Hello, Im developing simple user registration system with my knowledge.but got this error with this file Code: [Select] <?php //database connection require_once("dbconnection/connect.php"); $success_massage =""; if (isset($_POST['hiddenstudentid'])) $passstudent_id=$_POST['hiddenstudentid']; else $passstudent_id=$_POST['student_id_hidden']; $sql=mysql_query("SELECT * FROM student WHERE StudentID=$passstudent_id"); echo $sql; while ($row=mysql_fetch_assoc($sql)) { $update_nic=$row['NIC']; $update_name=$row['Student_Name']; $update_addr=$row['Address']; $take_bday=$row['Birthday']; echo $take_bday; $update_bday=date('d',strtotime($take_bday)); $update_month=date('m',strtotime($take_bday)); $update_year=date('y',strtotime($take_bday)); $update_tele=$row['Telephone']; $update_email=$row['Email']; } if (isset($_POST['btnupdate'])) { $insert_nic=$_POST['nic_txt']; $insert_name=$_POST['name_txt']; $insert_addr=$_POST['address_txt']; $insert_bday=$_POST['bdate']; $insert_month=$_POST['bmonth']; $insert_year=$_POST['byear']; $insert_tele=$_POST['telephone_txt']; $insert_email=$_POST['email_txt']; $Birthday =date("$insert_year-$insert_month-$insert_bday");//Bday eka $Birthday ta set kereema. $sql="update student set NIC='$insert_nic',Student_Name='$insert_name',Address='$insert_addr',Birthday='$Birthday',Telephone='$insert_tele',Email='$insert_email' where StudentID=$passstudent_id" ; /*(Student_ID,NIC,Student_Name,Address,Birthday,Telephone,Email)values('$student_id','$insert_nic','$insert_name','$insert_addr','$Birthday','$insert_tele','$insert_email')";*/ //echo $sql; $result=mysql_query($sql) or die ("database error"); $success ="Records updated successfully"; $success_massage =$success; header('Location:editdisplay.php'); } if ($_POST['btndelete']=='DELETER') { $delete = "delete from student where StudentID=$passstudent_id"; $result =mysql_query($delete) or die ("data deleting error"); $delete_massage="Record deleted"; //$success_massage = $delete_massage; } if (isset($_POST['btncancel'])) { header ('Location:registration.php'); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <script type="text/javascript"> function GetConfirmation() { var res=confirm("Are you sure to delete this Student?"); if(res==true) { var btn=document.getElementById("btndelete"); btn.value="DELETER"; // alert ("YES"); document.editForm.submit(); } } </script> </head> <body> <form id="form1" name="form1" method="post" action=""> <table width="406" border="1"> <tr> <td width="149"> </td> <td width="241">Student Registration</td> </tr> <tr> <td>NIC</td> <td><label for="nic_txt"></label> <input type="text" name="nic_txt" id="nic_txt" value="<?php echo $update_nic ?>" /><input type="hidden" name="student_id_hidden" id="student_id_hidden" value="<?php echo $passstudent_id ?>" /> </td> </tr> <tr> <td>Name</td> <td><label for="name_txt"></label> <input type="text" name="name_txt" id="name_txt" value="<?php echo $update_name ?>" /><span style="color:#F00"><?php echo $massage_name?></span></td> </tr> <tr> <td>Address</td> <td><label for="address_txt"></label> <input type="text" name="address_txt" id="address_txt" value="<?php echo $update_addr ?>" /><span style="color:#F00"><?php echo $massage_address?></span></td> </tr> <tr> <td>Birthday</td> <td><label for="bdate"></label> <select name="bdate" id="bdate"> <option selected="selected"><?php echo $update_bday ?></option> <?php for ( $i=1;$i<=31;$i++) {echo '<option>'.$i.'</option>'; } ?> </select> <label for="bmonth"></label> <select name="bmonth" id="bmonth"> <option selected="selected"><?php echo $update_month ?></option> <?php echo '<option>'.'-month-'.'</option>'; for ($b=1;$b<=12;$b++) {echo '<option>'.$b.'</option>'; } ?> </select> <label for="byear"></label> <select name="byear" id="byear" /> <option selected="selected"><?php echo $update_year ?></option> <?php echo '<option>'.'-year-'.'</option>'; for ($b=1960;$b<=2000;$b++) {echo '<option>'.$b.'</option>'; } ?> </select><span style="color:#F00"><?php echo $massage_bday?></span></td> </tr> <tr> <td>Email</td> <td><label for="email_txt"></label> <input type="text" name="email_txt" id="email_txt" value="<?php echo $update_email?>" /></td> </tr> <tr> <td>Telephone</td> <td><label for="telephone_txt"></label> <input type="text" name="telephone_txt" id="telephone_txt" value="<?php echo $update_tele?>"/></td> </tr> <tr> <td> </td> <td><input type="submit" name="btnupdate" id="btnupdate" value="Update" /> <input type="submit" name="btndelete" id="btndelete" value="Delete" onclick="GetConfirmation()" /> <input type="submit" name="btncancel" id="btncancel" value="Cancel" /></td> </tr> </table> <?php echo $success_massage?> </form> </body> </html> got error from these codes in this file Code: [Select] if (isset($_POST['hiddenstudentid'])) $passstudent_id=$_POST['hiddenstudentid']; else $passstudent_id=$_POST['student_id_hidden']; $sql=mysql_query("SELECT * FROM student WHERE StudentID=$passstudent_id"); echo $sql; it is showing this error this this warning error.in here that details from DB will show in form.and im going to edit them from this file. please help me to find the error. Please help, This code is giving me the warning stated in the above given Subject line. And combo box is also not populating. Code: [Select] function populatecombo() { $dropdown = ""; $sqlcmb = "select wardno from wards"; mysql_query($sqlcmb) or die(mysql_error('Unable to query the table')); while($row = mysql_fetch_assoc($sqlcmb)) { $dropdown .= "\r\n<option value='{$row['wardno']}>'{$row['wardno']}</option>"; } echo $dropdown; } this Nofications appear.. Notice: Undefined index: id in C:\wamp\www\WAR\up3\view.php on line 4 Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in C:\wamp\www\WAR\up3\view.php on line 9 invalid id this is my code. <?php require ('dbconnect.php'); // Connect to database $id = $_GET['id']; // ID of entry you wish to view. To use this enter "view.php?id=x" where x is the entry you wish to view. $query = "SELECT data, filetype FROM uploads where uploadid=$id"; //Find the file, pull the filecontents and the filetype $result = MYSQL_QUERY($query); // run the query if($row=mysql_fetch_row($result)) // pull the first row of the result into an array(there will only be one) { $data = $row[0]; // First bit is the data $type = $row[1]; // second is the filename Header( "Content-type: $type"); // Send the header of the approptiate file type, if it's' a image you want it to show as one print $data; // Send the data. } else // the id was invalid { echo "invalid id"; } ?> Hi guys, I'm new to forums so hopefully someone can help me. I keep getting the following error: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\Blog2\checklogin.php on line 27 My code is: Code: [Select] // Define $blog_user_name and $blog_user_password $blog_user_name=$_POST['blog_user_name']; $blog_user_password=$_POST['blog_user_password']; // To protect MySQL injection (more detail about MySQL injection) $blog_user_name = stripslashes($blog_user_name); $blog_user_password = stripslashes($blog_user_password); $blog_user_name = mysql_real_escape_string($blog_user_name); $blog_user_password = mysql_real_escape_string($blog_user_password); $sql="SELECT * FROM $tbl_name WHERE username='$blog_user_name' and password='$blog_user_password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); //THIS IS LINE 27 // If result matched $blog_user_name and $blog_user_password, table row must be 1 row if($count==1){ // Register $blog_user_name, $blog_user_password and redirect to file "index.php" session_register("blog_user_name"); session_register("blog_user_password"); header("location:index.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); Please can someone help I have know idea what the problem could be. Thanks. i am having problem with this error, could you please help me Code: [Select] function cart () { foreach($_SESSION as $name => $value) { if ($value>0) { if (substr($name, 0, 5) == "cart_") { $productid = substr($name, 5, (strlen($name)-5)); $query = mysql_query("SELECT ProductID, Name, Price FROM product WHERE ProductID = '".mysql_real_escape_string((int)$productid."'")); while ($query_row = mysql_fetch_assoc($query)) { $sub = $query["Price"]*$Value; echo $query["Name"]. ' x ' .$value. ' @ '.$query["Price"]. ' = '.$sub.'<br />'; } } } else { echo "<p>Your Shopping Basket is empty</p>"; } } } This has been really annoying me for 2 hours now . I know its something silly Database Structure QuestionID int Question VarChar HelpDocument VarChar (Link) Posting Code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.5.3/jquery-ui.min.js"></script> <script type="text/javascript" src="jquery.simpledialog/jquery.simpledialog.0.1.js"></script> <link rel="stylesheet" type="text/css" href="style.css" /> <link rel="stylesheet" href="ui.datepicker.css" type="text/css" media="screen" /> <link rel="stylesheet" href="jquery.simpledialog/simpledialog.css" type="text/css" media="screen" /> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/ libs/jquery/1.3.0/jquery.min.js"></script> <script type="text/javascript"> $(function() { $(".search_button").click(function() { var search_word = $("#search_box").val(); var dataString = 'search_word='+ search_word; if(search_word=='') { } else { $.ajax({ type: "GET", url: "getHelpDocuments.php", data: dataString, cache: false, beforeSend: function(html) { document.getElementById("insert_search").innerHTML = ''; $("#flash").show(); $("#searchword").show(); $(".searchword").html(search_word); $("#flash").html('<img src="ajax-loader.gif" /> Loading Results...'); }, success: function(html){ $("#insert_search").show(); $("#insert_search").append(html); $("#flash").hide(); } }); } return false; }); }); </script> <style> *{margin:0;padding:0;} ol.update { list-style:none; font-size:1.1em; margin-top:20px } ol.update li { height:70px; border-bottom:#dedede dashed 1px; text-align:left; } ol.update li:first-child { border-top:#dedede dashed 1px; height:70px; text-align:left } </style> </head> <body> <div id="AllContent"> <div id="header"> <br></br> <br></br> </div> <br></br> <div id="login"> </div> <br></br> <br></br> <br></br> <br></br> <br></br> <br></br> <br></br> <div id="RequestAccess"> <form method="get" action=""> <input type="text" name="search" id="search_box" class='search_box'/> <input type="submit" value="Search" class="search_button" /> </form> <div id="searchword"> Search results for <span class="searchword"></span></div> <div id="flash"></div> <ol id="insert_search" class="update"> </ol> </ul> </div> </div> </div> </div> </body> </html> PHP SCRIPT <?php if(isset($_GET['search_word'])) { $search_word=$_GET['search_word']; $search_word_new=mysql_escape_string($search_word); $search_word_fix=str_replace(" ","%",$search_word_new); $link = mysql_connect("localhost", "root", ""); mysql_select_db("blank", $link); $sql=mysql_query("SELECT HelpDocument FROM Questions WHERE Question LIKE '%$search_word_fix%' ORDER BY Question DESC LIMIT 20", $link); $count=mysql_num_rows($sql); if($count > 0) { while($row=mysql_fetch_array($sql)) { $msg=$row['Question']; $bold_word='<b>'.$search_word.'</b>'; $final_msg = str_ireplace($search_word, $bold_word, $msg); ?> <li><?php echo $final_msg; ?></li> <?php } } else { echo "<li>No Results</li>"; } } ?> getting this error Warning: mysql_num_rows() expects parameter 1 to be resource and it wont display the database fields after search Any help is deeply appreciated thanks I have created a script to insert data into a database, but it returns this. Code: [Select] Warning: mysql_select_db() expects parameter 2 to be resource, null given in /RJFWS198/testing/elemata_project/admin/elements/create_page.php on line 51 Here is the code Code: [Select] <?PHP //Protect Against Attacks if (empty($_SESSION['E_User'])) { die("Access Denied"); } ?> <?php if (!empty($_REQUEST['title']) && (!empty($_SESSION['E_User']))) { require_once('../Connections/default.php'); if (empty($_REQUEST['password'])) { $password = "0"; }else{ $password = $_REQUEST['password']; } if (empty($_REQUEST['menu_order'])) { $mo = "0"; }else{ $mo = $_REQUEST['menu_order']; } if (empty($_REQUEST['meta_keywords'])) { $meta_keywords = "0"; }else{ $meta_keywords = $_REQUEST['meta_keywords']; } if (empty($_REQUEST['meta_desc'])) { $meta_desc = "0"; }else{ $meta_desc = $_REQUEST['meta_desc']; } if (empty($_REQUEST['meta_copyright'])) { $meta_copyright = "0"; }else{ $meta_copyright = $_REQUEST['meta_copyright']; } $author = $_SESSION['E_User']; $date = date("m.d.y"); $day = date("d"); $month = date("n"); $year = date("Y"); $time = ''.date("g").''.date("i").''.date("a").''; $ptitle = $_REQUEST['title']; $post_content = $_REQUEST['postContent']; $searchable = $_REQUEST['seachable']; $locked = $_REQUEST['privacy']; $tags = $_REQUEST['tags']; $meta_robots = $_REQUEST['robots']; mysql_select_db($database_default, $default); mysql_query("INSERT INTO posts (`time`, `year`, `month`, `day`, `date`, `author`, `title`, `content`, `searchable`, `locked`, `password`, `menu_order`, `tags`, `meta_keywords`, `meta_desc`, `meta_robots`, `meta_copyright`) VALUES ('$time', '$year', '$month', '$day', '$date', '$author', '$ptitle', '$post_content', '$searchable', '$locked', '$password', '$mo', '$tags', '$meta_keywords', '$meta_desc', '$meta_robots', '$meta_copyright')"); } ?> Hey, this is my first post here, so bear with me: I'm new to PHP, and am trying to make an online store, right now I'm just making an admin inventory management, and so I'm using PHP to link to the database. Before any of this script, I link to the database and all that, so it's not an issue of connection. My issue is I keep getting the following message: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in "inventory_list.php" on line 38 Column count doesn't match value count at row 1 There used to be three or four other error messages, but I've been able to work out my mistakes and fix them. Here is my code, starting at Line 27: Code: [Select] <?php // Parse the form data and add inventory item to the system if (isset($_POST['product_name'])) { $product_name = mysql_real_escape_string($_POST['product_name']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $subcategory = mysql_real_escape_string($_POST['subcategory']); $details = mysql_real_escape_string($_POST['details']); // See if that product name is an identicle match to another in the system $sql = mysql_query("SELECT product_id FROM products WHERE product_name='$product_name' LIMIT 1"); $productMatch = mysql_num_rows($sql); // count the output amount if ($productMatch > 0){ echo 'Sorry, you tried to place a duplicate "Product Name" into the system, <a href="inventory_list.php">click here</a>'; exit(); } // Add this product into the database now $sql = mysql_query("INSERT INTO product (product_name, price, category, subcategory, date_added) VALUES('$product_name','$price','$details','$category','$subcategory',now())") or die (mysql_error()); $pid = mysql_insert_id(); // Place image in the folder $newname = "$pid.jpg"; move_uploaded_file($_FILES['fileField']['tmp_name'], "../inventory_images/$newname"); } ?> The line causing this issue is thus: Code: [Select] $productMatch = mysql_num_rows($sql); // count the output amount Does anyone know how to fix this for me? Thanks I am trying to install a comments box, im new to php and mysql so havent been able to work this out for myself following other threads, hope someone can shed some light on the problem. The posts ive entered arent being returned to the page essentially and im getting the error: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in commentbox.php on line 42. This is the code from the entire page. Code: [Select] <?php require('commentconnect.php'); $name=@$_POST['name']; $comment=@$_POST['comment']; $submit=@$_POST['submit']; if($submit) { if($name&&$comment) { $insert=mysql_query("INSERT INTO commenttable (name,comment) VALUES ('$name','$comment')"); /*header("Location: index.php");*/ echo "<script>document.location.href='index.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; } else { echo "Please fill out the fields"; } } ?> <div id="commentdiv"> <div id="commentinput"> <form action="index.php" method="POST"> <table> <tr><td>Name: </td><td><input type="text" name="name" /></td></tr> <tr><td colspan="2">Comment: </td></tr> <tr><td colspan="2"><textarea name="comment"></textarea></td></tr> <tr><td colspan="2"><input type="submit" name="submit" value="Comment" /></td></tr> </table> </form> </div> <div id="commentarea"> <?php $getquery=mysql_query("SELECT * FROM commenttable ORDER BY id DESC"); while($rows=mysql_fetch_array($getquery)) { $id=$rows['id']; $name=$rows['name']; $comment=$rows['comment']; $dellink="<a href=\"delete.php?id=" . $id . "\"> Delete </a>"; echo $name . '' . '<br />' . $comment . '<br />' . '<hr/>'; } ?> </div> </div> Any help is greatly appreciated! we did an exercise in IT class it was about how to inject php code in css code we took a template as an example to work on. i injected php code in the page "services.php"as instructed but it didn't work and i keep getting this error : Hey guys, i was recently making a new PHP code and when i tested it out it gave me this error: Code: [Select] mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\tools\edit_infos.php on line 167 I don't know what the problem is. Here is 'Line 167': Code: [Select] //Line 167 $dnn = mysql_fetch_array(mysql_query('select username,password,email,desc,keys,logo,webclient,forums,hiscores,chatbox,staff,newstitle,newsimage,news,op1,op2,op3 from users where username="'.$_SESSION['username'].'"')); $username = htmlentities($dnn['username'], ENT_QUOTES, 'UTF-8'); $password = htmlentities($dnn['password'], ENT_QUOTES, 'UTF-8'); $email = htmlentities($dnn['email'], ENT_QUOTES, 'UTF-8'); $desc = htmlentities($dnn['desc'], ENT_QUOTES, 'UTF-8'); $keys = htmlentities($dnn['keys'], ENT_QUOTES, 'UTF-8'); $logo = htmlentities($dnn['logo'], ENT_QUOTES, 'UTF-8'); $webclient = htmlentities($dnn['webclient'], ENT_QUOTES, 'UTF-8'); $forums = htmlentities($dnn['forums'], ENT_QUOTES, 'UTF-8'); $hiscores = htmlentities($dnn['hiscores'], ENT_QUOTES, 'UTF-8'); $chatbox = htmlentities($dnn['chatbox'], ENT_QUOTES, 'UTF-8'); $staff = htmlentities($dnn['staff'], ENT_QUOTES, 'UTF-8'); $newstitle = htmlentities($dnn['newstitle'], ENT_QUOTES, 'UTF-8'); $newsimage = htmlentities($dnn['newsimage'], ENT_QUOTES, 'UTF-8'); $news = htmlentities($dnn['news'], ENT_QUOTES, 'UTF-8'); $op = htmlentities($dnn['op1'], ENT_QUOTES, 'UTF-8'); $opp = htmlentities($dnn['op2'], ENT_QUOTES, 'UTF-8'); $oppp = htmlentities($dnn['op3'], ENT_QUOTES, 'UTF-8'); And here is the whole page code if needed. Code: [Select] <?php include('config.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" /> <title>Edit my personnal informations</title> </head> <body> <div class="header"> <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a> </div> <?php //We check if the user is logged if(isset($_SESSION['username'])) { //We check if the form has been sent if(isset($_POST['username'], $_POST['password'], $_POST['passverif'], $_POST['email'], $_POST['desc'], $_POST['keys'], $_POST['logo'], $_POST['webclient'], $_POST['forums'], $_POST['hiscores'], $_POST['donate'], $_POST['chatbox'], $_POST['staff'], $_POST['newstitle'], $_POST['newsimage'], $_POST['news'], $_POST['op1'], $_POST['op2'], $_POST['op3'], $_POST['desc'])) { //We remove slashes depending on the configuration if(get_magic_quotes_gpc()) { $_POST['username'] = stripslashes($_POST['username']); $_POST['password'] = stripslashes($_POST['password']); $_POST['passverif'] = stripslashes($_POST['passverif']); $_POST['email'] = stripslashes($_POST['email']); $_POST['desc'] = stripslashes($_POST['desc']); $_POST['keys'] = stripslashes($_POST['keys']); $_POST['logo'] = stripslashes($_POST['logo']); $_POST['webclient'] = stripslashes($_POST['webclient']); $_POST['forums'] = stripslashes($_POST['forums']); $_POST['hiscores'] = stripslashes($_POST['hiscores']); $_POST['donate'] = stripslashes($_POST['logo']); $_POST['chatbox'] = stripslashes($_POST['chatbox']); $_POST['staff'] = stripslashes($_POST['staff']); $_POST['newstitle'] = stripslashes($_POST['newstitle']); $_POST['newsimage'] = stripslashes($_POST['newsimage']); $_POST['news'] = stripslashes($_POST['news']); $_POST['op1'] = stripslashes($_POST['op1']); $_POST['op2'] = stripslashes($_POST['op2']); $_POST['op3'] = stripslashes($_POST['op3']); } //We check if the two passwords are identical if($_POST['password']==$_POST['passverif']) { //We check if the password has 6 or more characters if(strlen($_POST['password'])>=6) { //We check if the email form is valid if(preg_match('#^(([a-z0-9!\#$%&\\\'*+/=?^_`{|}~-]+\.?)*[a-z0-9!\#$%&\\\'*+/=?^_`{|}~-]+)@(([a-z0-9-_]+\.?)*[a-z0-9-_]+)\.[a-z]{2,}$#i',$_POST['email'])) { //We protect the variables $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $email = mysql_real_escape_string($_POST['email']); $desc = mysql_real_escape_string($_POST['desc']); $keys = mysql_real_escape_string($_POST['keys']); $logo = mysql_real_escape_string($_POST['logo']); $webclient = mysql_real_escape_string($_POST['webclient']); $forums = mysql_real_escape_string($_POST['forums']); $hiscores = mysql_real_escape_string($_POST['hiscores']); $donate = mysql_real_escape_string($_POST['donate']); $chatbox = mysql_real_escape_string($_POST['chatbox']); $staff = mysql_real_escape_string($_POST['staff']); $newstitle = mysql_real_escape_string($_POST['newstitle']); $newsimage = mysql_real_escape_string($_POST['newsimage']); $news = mysql_real_escape_string($_POST['news']); $op = mysql_real_escape_string($_POST['op1']); $opp = mysql_real_escape_string($_POST['op2']); $oppp = mysql_real_escape_string($_POST['op3']); //We check if there is no other user using the same username $dn = mysql_fetch_array(mysql_query('select count(*) as nb from users where username="'.$username.'"')); //We check if the username changed and if it is available if($dn['nb']==0 or $_POST['username']==$_SESSION['username']) { //We edit the user informations if(mysql_query('update users set username="'.$username.'", password="'.$password.'", email="'.$email.'", desc="'.$desc.'", keys="'.$keys.'", logo="'.$logo.'", webclient="'.$webclient.'", forums="'.$forums.'", hiscores="'.$hiscores.'", chatbox="'.$chatbox.'", staff="'.$staff.'", newstitle="'.$newstitle.'", newsimage="'.$newsimage.'", news="'.$news.'", op1="'.$op1.'", op2="'.$op2.'", op3="'.$op3.'" where id="'.mysql_real_escape_string($_SESSION['userid']).'"')) { //We dont display the form $form = false; //We delete the old sessions so the user need to log again unset($_SESSION['username'], $_SESSION['userid']); ?> <div class="message">Your informations have successfuly been updated. You need to log again.<br /> <a href="connexion.php">Log in</a></div> <?php } else { //Otherwise, we say that an error occured $form = true; $message = 'An error occurred while updating your informations.'; } } else { //Otherwise, we say the username is not available $form = true; $message = 'The username you want to use is not available, please choose another one.'; } } else { //Otherwise, we say the email is not valid $form = true; $message = 'The email you entered is not valid.'; } } else { //Otherwise, we say the password is too short $form = true; $message = 'Your password must contain at least 6 characters.'; } } else { //Otherwise, we say the passwords are not identical $form = true; $message = 'The passwords you entered are not identical.'; } } else { $form = true; } if($form) { //We display a message if necessary if(isset($message)) { echo '<strong>'.$message.'</strong>'; } //If the form has already been sent, we display the same values if(isset($_POST['username'],$_POST['password'],$_POST['desc'], $_POST['keys'], $_POST['logo'], $_POST['webclient'], $_POST['forums'], $_POST['hiscores'], $_POST['donate'], $_POST['chatbox'], $_POST['staff'], $_POST['newstitle'], $_POST['newsimage'], $_POST['news'], $_POST['op1'], $_POST['op2'], $_POST['op3'])) { $pseudo = htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8'); if($_POST['password']==$_POST['passverif']) { $password = htmlentities($_POST['password'], ENT_QUOTES, 'UTF-8'); } else { $password = ''; } $email = htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8'); $desc = htmlentities($_POST['desc'], ENT_QUOTES, 'UTF-8'); $keys = htmlentities($dnn['keys'], ENT_QUOTES, 'UTF-8'); $logo = htmlentities($dnn['logo'], ENT_QUOTES, 'UTF-8'); $webclient = htmlentities($dnn['webclient'], ENT_QUOTES, 'UTF-8'); $forums = htmlentities($dnn['forums'], ENT_QUOTES, 'UTF-8'); $hiscores = htmlentities($dnn['hiscores'], ENT_QUOTES, 'UTF-8'); $chatbox = htmlentities($dnn['chatbox'], ENT_QUOTES, 'UTF-8'); $staff = htmlentities($dnn['staff'], ENT_QUOTES, 'UTF-8'); $newstitle = htmlentities($dnn['newstitle'], ENT_QUOTES, 'UTF-8'); $newsimage = htmlentities($dnn['newsimage'], ENT_QUOTES, 'UTF-8'); $news = htmlentities($dnn['news'], ENT_QUOTES, 'UTF-8'); $op = htmlentities($dnn['op1'], ENT_QUOTES, 'UTF-8'); $opp = htmlentities($dnn['op2'], ENT_QUOTES, 'UTF-8'); $oppp = htmlentities($dnn['op3'], ENT_QUOTES, 'UTF-8'); } else { //otherwise, we display the values of the database $dnn = mysql_fetch_array(mysql_query('select username,password,email,desc,keys,logo,webclient,forums,hiscores,chatbox,staff,newstitle,newsimage,news,op1,op2,op3 from users where username="'.$_SESSION['username'].'"')); $username = htmlentities($dnn['username'], ENT_QUOTES, 'UTF-8'); $password = htmlentities($dnn['password'], ENT_QUOTES, 'UTF-8'); $email = htmlentities($dnn['email'], ENT_QUOTES, 'UTF-8'); $desc = htmlentities($dnn['desc'], ENT_QUOTES, 'UTF-8'); $keys = htmlentities($dnn['keys'], ENT_QUOTES, 'UTF-8'); $logo = htmlentities($dnn['logo'], ENT_QUOTES, 'UTF-8'); $webclient = htmlentities($dnn['webclient'], ENT_QUOTES, 'UTF-8'); $forums = htmlentities($dnn['forums'], ENT_QUOTES, 'UTF-8'); $hiscores = htmlentities($dnn['hiscores'], ENT_QUOTES, 'UTF-8'); $chatbox = htmlentities($dnn['chatbox'], ENT_QUOTES, 'UTF-8'); $staff = htmlentities($dnn['staff'], ENT_QUOTES, 'UTF-8'); $newstitle = htmlentities($dnn['newstitle'], ENT_QUOTES, 'UTF-8'); $newsimage = htmlentities($dnn['newsimage'], ENT_QUOTES, 'UTF-8'); $news = htmlentities($dnn['news'], ENT_QUOTES, 'UTF-8'); $op = htmlentities($dnn['op1'], ENT_QUOTES, 'UTF-8'); $opp = htmlentities($dnn['op2'], ENT_QUOTES, 'UTF-8'); $oppp = htmlentities($dnn['op3'], ENT_QUOTES, 'UTF-8'); } //We display the form ?> <div class="content"> <form action="edit_infos.php" method="post"> You can edit your informations:<br /> <div class="center"> <label for="username">Username</label><input type="text" name="username" id="username" value="<?php echo $username; ?>" /><br /> <label for="password">Password<span class="small">(6 characters min.)</span></label><input type="password" name="password" id="password" value="<?php echo $password; ?>" /><br /> <label for="passverif">Password<span class="small">(verification)</span></label><input type="password" name="passverif" id="passverif" value="<?php echo $password; ?>" /><br /> <label for="email">Email</label><input type="text" name="email" id="email" value="<?php echo $email; ?>" /><br /> <label for="desc">Webclient/Server Description</label><textarea name="desc" id="desc" rows="3" value="<?php echo $desc; ?>"></textarea><br /> <label for="keys">Webclient/Server Tags<span class="small">(Seperate with comma's)</span></label><input type="text" name="keys" id="keys" value="<?php echo $keys; ?>" /><br /> <label for="logo">Website/Server Logo Link</label><input type="text" name="logo" id="logo" value="<?php echo $logo; ?>" /><br /> <label for="webclient">Webclient Link</label><input type="text" name="webclient" id="webclient" value="<?php echo $webclient; ?>" /><br /> <label for="forums">Forums Link</label><input type="text" name="forums" id="forums" value="<?php echo $forums; ?>" /><br /> <label for="hiscores">Hiscores Link</label><input type="text" name="hiscores" id="hiscores" value="<?php echo $hiscores; ?>" /><br /> <label for="chatbox">Chatbox Html</label><textarea name="chatbox" rows="3" id="chatbox" value="<?php echo $chatbox; ?>" ></textarea><br /> <label for="staff">Staff Page Link</label><input type="text" name="staff" id="staff" value="<?php echo $staff; ?>" /><br /> <label for="newstitle">News Article Title</label><input type="text" name="newstitle" id="newstitle" value="<?php echo $newstitle; ?>" /><br /> <label for="newsimage">News Article Image Link<span class="small">(Displayed under title)</span></label><input type="text" name="newsimage" id="newsimage" value="<?php echo $newsimage; ?>" /><br /> <label for="news">News Article</label><textarea name="news" rows="3" id="news" value="<?php echo $news; ?>" ></textarea><br /> <label for="op1">Optional Link #1</label><input type="text" name="op" id="op" value="<?php echo $op; ?>" /><br /> <label for="op2">Optional Link #2</label><input type="text" name="opp" id="opp" value="<?php echo $opp; ?>" /><br /> <label for="op3">Optional Link #3</label><input type="text" name="oppp" id="oppp" value="<?php echo $oppp; ?>" /><br /> <input type="submit" value="Send" /> </div> </form> </div> <?php } } else { ?> <div class="message">To access this page, you must be logged.<br /> <a href="connexion.php">Log in</a></div> <?php } ?> <div class="foot"><a href="<?php echo $url_home; ?>">Go Home</a> - <a href="http://www.webestools.com/">Webestools</a></div> </body> </html>Anyway, i hope someone can help me solve this. Thanks Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in C:\xampp\test.php on line 58 line 58 is the where the while loop starts.. what have i done wrong? Code: [Select] $query2 = mysql_query("SELECT student.SID, course.CID FROM student, course WHERE student.SID = `student-course.SID` AND course.CID = `student-course.CID` AND GRADE BETWEEN $beginning AND $grade",$this->connect); while($row = mysql_fetch_assoc($query2)) { $sid = $row['student.SID']; $cid = $row['course.CID']; echo "$sid-$cid"; } |
|||||||