Php/mysql faulty code/query

Question

0.00/5 (No votes)

See more:

So, I had a broken code but it still worked until I updated my php version, and it now fails. Because of my limited knowledge I fail to find the error. Any of you smarts find the error?

"

Fatal error: Uncaught TypeError: mysqli_num_rows(): Argument #1 ($result) must be of type mysqli_result, bool given in C:\xampp\htdocs\bakker-test\includes\bakke.db.php:10 Stack trace: #0 C:\xampp\htdocs\bakker-test\includes\bakke.db.php(10): mysqli_num_rows(false) #1 C:\xampp\htdocs\bakker-test\index.php(36): include('C:\\xampp\\htdocs...') #2 {main} thrown in C:\xampp\htdocs\bakker-test\includes\bakke.db.php on line 10

"

$id = $_GET['id'];
$alphabet = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z');


$sql = "SELECT * FROM Bakkeplassering LEFT JOIN Stativ ON Bakkeplassering.stativ = Stativ.id WHERE Bakkeplassering.id = $id";
$result = $conn->query($sql) ;

if (mysqli_num_rows($result) > 0) {
    while ($row = $result->fetch_array()) {
        $letter = $row['loc_hor'] - 1;
        $horizontal = $alphabet[$letter];
        echo '<br>';
        echo '<p>Lokasjon:<p>';
        echo '<p>' . $row['name'] . ':' . $horizontal . '-' . $row['loc_ver'] . ' - 
        <a href="includes/bakke.delete.db.php?id=' . $id . '&new=' . $row['id'] . '&ver=' . $row['loc_ver'] . 
        '&hor=' . $row['loc_hor'] . '" onclick="return confirm(\'Er du sikker på du vil slette;\n' . $row['name'] . ':' . $horizontal . '-' . $row['loc_ver'] . '\nDette vil slette også slette underliggende dimensjoner\')">×</a></p>';       
        $sql2 = "SELECT * FROM Bakker WHERE idStativ = $id";
        $result2 = $conn->query($sql2);
        while ($row2 = $result2->fetch_array()) {
            if ($row2['id_od'] == 'OD') {
                $type = 'OD ';
            } else {
                $type = null;
            }
            $dim = $row2['diameter'];
            if (isset($row2['dybde'])) {
                $length = $row2['dybde'];
            } else {
                $length = '*';
            }
            echo '<p>' . $type . 'Ø' . $dim . ' ↧ ' . $length . ' - <a href="includes/dim.delete.db.php?id=' . $row2['id'] . '" onclick="return confirm(\'Er du sikker på du vil slette;\n' . $type . 'Ø' . $dim . ' ↧ ' . $length . '\')">×</a></p>';
        }
    }
    include 'dim.db.php';


if (isset($_GET['new'])) {
    echo '<br>';
    echo '<p>Lokasjon:</p>';
    $id = $_GET['new'];
    $sql = "SELECT * FROM Stativ WHERE id = $id";
    $result = $conn->query($sql);
    while ($row = $result->fetch_array()) {
        echo '<p>' . $row['name'];
    }
    echo ':' . $alphabet[($_GET['hor'] - 1)] . '-' . $_GET['ver'] . '</p>';
    echo '<p>Denne er registrert tom<p>';
    echo '<form method="POST" action="includes/bakke.add.db.php">';
    echo '<input type="hidden" name="stand" value="' . $_GET['new'] . '">';
    echo '<input type="hidden" name="locV" value="' . $_GET['ver'] . '">';
    echo '<input type="hidden" name="locH" value="' . $_GET['hor'] . '">';
    echo '<input type="submit" value="Legg til">';
    echo '</form>';
}
}

What I have tried:

Nothing based on actual skill, just been trying to find a lucky solution.

if

if (mysqli_num_rows($result) > 0) {

is greater than 0 then code works.

But if I paste

if (isset($_GET['new'])) { (........)

before the first if, then it works but it gives kinda both results at same time which is unwanted.

Posted 4-Feb-21 14:03pm

Mokkisjeva

Updated 4-Feb-21 22:54pm

v4

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Accepted Answer · 2021-02-04T22:54:00

A simple Google search for the error message would have lead you to the resolution, since this question gets asked several times every week:

PHP: mysqli::query - Manual[^]:
Returns false on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return true.

Your query has an error in it. Check the result before passing it to any other functions:

PHP

if ($result && mysqli_num_rows($result) > 0) {

NB: Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation / interpolation to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual[^]