Asked  7 Months ago    Answers:  5   Viewed   27 times

Alright, PHP is throwing this error at me (in the log) when I run the code mentioned below:

Error

mysql_num_rows() expects parameter 1 to be resource, string given in (place) on line 10

Line 9-11

$queryFP = ("SELECT * FROM db");
$countFP = mysql_num_rows($queryFP);
$aID = rand(1, $countFP);

I think it has something to do with the $queryFP's syntax, but I'm not completely sure how to fix it since $queryFP's syntax is the simplest query I've ever seen.

 Answers

66

You need to query the database first.

$queryFP = ("SELECT * FROM db");

Should be:

$queryFP = mysql_query("SELECT * FROM db");
Wednesday, March 31, 2021
 
alez
answered 7 Months ago
71

you can't print the result from mysqli_query, it is mysqli_resource and for dumping the error you need to change mysql_error() to mysqli_error()

$username = "bob";
$db = mysqli_connect("localhost", "username", "password", "user_data");
$sql1 = "select id from user_information where username='$username'";
$result = mysqli_query($db, $sql1) or die(mysqli_error());
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { 
    echo $row['id'].'<br>'; 
} 
Saturday, May 29, 2021
 
pamelus
answered 5 Months ago
88
$result=mysql_query($sql);

to

$result=mysql_query($sql) or trigger_error(mysql_error().$sql);

and run it again

and then

$email_to=$_POST['email_to'];

to

$email_to=mysql_real_escape_string($_POST['email_to']);

oh yes, and there is also quotes

Friday, June 11, 2021
 
ajreal
answered 5 Months ago
39

yo need create the user "pma" in mysql or change this lines(user and password for mysql):

/* User for advanced features */
$cfg['Servers'][$i]['controluser'] = 'pma'; 
$cfg['Servers'][$i]['controlpass'] = '';

Linux: /etc/phpmyadmin/config.inc.php

Tuesday, July 13, 2021
 
ShadowZzz
answered 4 Months ago
52

When passed an UPDATE query, mysql_query() returns boolean TRUE for success and FALSE for failure, while mysql_num_rows() only accepts a resultset resource as its argument. In order to determine how many rows the UPDATE query affected, call mysql_affected_rows() with the connection resource as its argument.

It's not causing the problem you're having right now, but you would be extremely well advised to append or die(mysql_error()) to your mysql_query() calls, in order to catch any MySQL errors which occur. You would be even better advised to abandon the mysql_* functions entirely in favor of the PHP PDO extension, as recommended in the PHP manual, and which really doesn't incur much more cognitive overhead in exchange for the vast benefits it offers in capability and security.

Leaving that aside, here's how I would change your code so that it behaves more like what you have in mind:

<?php
// obtain a database connection
$dbConn = mysql_connect($serverName, $user_name, $password) 
  or die("Cannot connect to server: " . mysql_error() . "<br />n"); 
  // mysql error number rarely adds enough information to be worth including

// select the database
mysql_select_db($db_name, $dbConn) 
  or die("Couldn't select $db_name: " . mysql_error() . "<br />n"); 

// obtain escaped versions of query data for inclusion in update query
// it is imperative to use mysql_real_escape_string() or equivalent if you're
// going to use mysql_* functions instead of the far preferable PDO 
// prepared statements; if you don't escape your data, you leave open the
// possibility of SQL injection, which someone will certainly soon use to
// screw up your website horribly
$id = mysql_real_escape_string($_GET['id']);
$additional_notes = mysql_real_escape_string($_GET['additional_notes']);

// assemble query to pass to mysql_query()
// no need for parentheses around the string; in fact i'm surprised that
// didn't result in a parse error
// also FYI re backticks, MySQL uses them to denote literal database/table/
// column names -- they're optional unless required to disambiguate between
// an entity name and a reserved word. for example, you can create a table
// containing a column named 'key', which is a MySQL reserved word, but you
// thereafter must refer to that column as `key`, with backticks, in any
// queries, to hint to MySQL's parser that you mean the column by that name
// and not the reserved word; otherwise, it's a parse error.
$sql = "UPDATE `rmstable2` SET `additional_notes` = '$additional_notes' WHERE `id` = '$id'";

// actually run the query
// this being an UPDATE query, the result is boolean and offers no 
// additional useful information, so you need not capture it in a variable; 
// the 'or die' clause will fire if it's false, and if it's true, you'll 
// use mysql_affected_rows() to get the additional info you need.
mysql_query($sql)
  or die(mysql_error());

// if the query failed, the script die()d on the previous line and didn't 
// get here; if it did get here, you know the query succeeded
$resultcount = mysql_affected_rows($dbConn);

// this is technically correct but semantically odd; since you already included
// the 'additional_notes' value in the previous UPDATE query, and since
// that query certainly succeeded if we're evaluating this code at all, 
// why run the same query again?
if ($resultcount == 1) {
  mysql_query("UPDATE `rmstable2` SET `additional_notes` = '$additional_notes' WHERE `id` = '$id'") 
    or die(mysql_error());
} 

// again, the 'or die' clauses mean that we can only have reached this point
// if the queries succeeded, so there's no need for an if() test here
echo "Update Successful!";
echo '<h3>Your case has been updated.</h3>'; 
// note the backslashes before the embedded double quotes; single quotes in
// tag attributes are technically invalid but most browsers will accept them,
// but you can use double quotes within a double-quoted string if you precede
// the embedded quotes with backslashes (called "escaping") to indicate that
// they're not to be taken as the end of the string
// (i.e., """" == '""')
echo "To see your changes please click <a href="/fullcase.php?id=$id">here</a></b>";
?>
Sunday, August 22, 2021
 
Sertac Akyuz
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
 
Share