Click here to Skip to main content
14,926,139 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
So, I had a broken code but it still worked until I updated my php version, and it now fails. Because of my limited knowledge I fail to find the error. Any of you smarts find the error?


"
Fatal error: Uncaught TypeError: mysqli_num_rows(): Argument #1 ($result) must be of type mysqli_result, bool given in C:\xampp\htdocs\bakker-test\includes\bakke.db.php:10 Stack trace: #0 C:\xampp\htdocs\bakker-test\includes\bakke.db.php(10): mysqli_num_rows(false) #1 C:\xampp\htdocs\bakker-test\index.php(36): include('C:\\xampp\\htdocs...') #2 {main} thrown in C:\xampp\htdocs\bakker-test\includes\bakke.db.php on line 10
"



$id = $_GET['id'];
$alphabet = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z');


$sql = "SELECT * FROM Bakkeplassering LEFT JOIN Stativ ON Bakkeplassering.stativ = Stativ.id WHERE Bakkeplassering.id = $id";
$result = $conn->query($sql) ;

if (mysqli_num_rows($result) > 0) {
    while ($row = $result->fetch_array()) {
        $letter = $row['loc_hor'] - 1;
        $horizontal = $alphabet[$letter];
        echo '<br>';
        echo '<p>Lokasjon:<p>';
        echo '<p>' . $row['name'] . ':' . $horizontal . '-' . $row['loc_ver'] . ' - 
        <a href="includes/bakke.delete.db.php?id=' . $id . '&new=' . $row['id'] . '&ver=' . $row['loc_ver'] . 
        '&hor=' . $row['loc_hor'] . '" onclick="return confirm(\'Er du sikker på du vil slette;\n' . $row['name'] . ':' . $horizontal . '-' . $row['loc_ver'] . '\nDette vil slette også slette underliggende dimensjoner\')">×</a></p>';       
        $sql2 = "SELECT * FROM Bakker WHERE idStativ = $id";
        $result2 = $conn->query($sql2);
        while ($row2 = $result2->fetch_array()) {
            if ($row2['id_od'] == 'OD') {
                $type = 'OD ';
            } else {
                $type = null;
            }
            $dim = $row2['diameter'];
            if (isset($row2['dybde'])) {
                $length = $row2['dybde'];
            } else {
                $length = '*';
            }
            echo '<p>' . $type . 'Ø' . $dim . ' ↧ ' . $length . ' - <a href="includes/dim.delete.db.php?id=' . $row2['id'] . '" onclick="return confirm(\'Er du sikker på du vil slette;\n' . $type . 'Ø' . $dim . ' ↧ ' . $length . '\')">×</a></p>';
        }
    }
    include 'dim.db.php';


if (isset($_GET['new'])) {
    echo '<br>';
    echo '<p>Lokasjon:</p>';
    $id = $_GET['new'];
    $sql = "SELECT * FROM Stativ WHERE id = $id";
    $result = $conn->query($sql);
    while ($row = $result->fetch_array()) {
        echo '<p>' . $row['name'];
    }
    echo ':' . $alphabet[($_GET['hor'] - 1)] . '-' . $_GET['ver'] . '</p>';
    echo '<p>Denne er registrert tom<p>';
    echo '<form method="POST" action="includes/bakke.add.db.php">';
    echo '<input type="hidden" name="stand" value="' . $_GET['new'] . '">';
    echo '<input type="hidden" name="locV" value="' . $_GET['ver'] . '">';
    echo '<input type="hidden" name="locH" value="' . $_GET['hor'] . '">';
    echo '<input type="submit" value="Legg til">';
    echo '</form>';
}
}


What I have tried:

Nothing based on actual skill, just been trying to find a lucky solution.

if
if (mysqli_num_rows($result) > 0) {
is greater than 0 then code works.



But if I paste
if (isset($_GET['new'])) { (........)
before the first if, then it works but it gives kinda both results at same time which is unwanted.
Posted
Updated 4-Feb-21 22:54pm
v4

1 solution

A simple Google search for the error message would have lead you to the resolution, since this question gets asked several times every week:
Returns false on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return true.
Your query has an error in it. Check the result before passing it to any other functions:
PHP
if ($result && mysqli_num_rows($result) > 0) {

NB: Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation / interpolation to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual[^]
   
Comments
Mokkisjeva 5-Feb-21 9:45am
   
Cheers Richard for your input.
Google did indeed lead me the conclusion my code was bad, I just couldn't see where.

Did some reading on SQL Injection, and that does not look good. Thought I was taking one step forward here but seem like I've leaped backwards.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900