Click here to Skip to main content
15,353,416 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
hello I need some help with my code to fixthis error of mysqli_num_rows() expects parameter 1 to be mysqli_result PLEASE HELP !
here is my code to display my data in a live search with ajax
PHP
<pre>
<?php

include("config.php");
if(isset($_POST['input'])){

    $input = $_POST['input']; 

    $query = "SELECT * FROM wheat_genes WHERE Gene_Name LIKE '{$input}%' OR Gene_id LIKE '{$input}%' OR Gene_Annotation '{$input}%' OR Gene_Regulation LIKE '{$input}%'"; 

    $result = mysqli_query($con, $query); 
    
    if(mysqli_num_rows($result)>0){?>
        <table class="table table-bordered table-striped mt-4">
            <thead>
                 <tr>
                    <th>ID</th>
                    <th>Gene_id</th>
                    <th>Gene_Name</th>
                    <th>Gene_Annotation</th>
                    <th>Gene_Regulation</th>
                    <th>CDS</th>
                    <th>Primer_R</th>
                    <th>Primer_F</th>
                    <th>CG%</th>
                    <th>Compelet_seqence</th>
                 </tr>
            </thead>
            <tbody>
                <?php
                while($row=mysqli_fetch_assoc($result)){
                    $id = $row["ID"];
                    $Gene_id= $row["Gene_id"];
                    $Gene_Name = $row["Gene_Name"];
                    $Gene_Annotation = $row["Gene_Annotation"];
                    $Gene_Regulation = $row["Gene_Regulation"];
                    $CDS = $row["CDS"];
                    $Primer_R = $row["Primer_R"];
                    $Primer_F = $row["Primer_F"];
                    $CG = $row["CG%"];
                    $Compelet_seqence = $row["Compelet_seqence"];

                }
                ?>
                <tr>
                    <td><?php echo $ID ;?></td>
                    <td><?php echo $Gene_id ;?></td>
                    <td><?php echo $Gene_Name ;?></td>
                    <td><?php echo $Gene_Annotation ;?></td>
                    <td><?php echo $Gene_Regulation ;?></td>
                    <td><?php echo $CDS ;?></td>
                    <td><?php echo $Primer_R ;?></td>
                    <td><?php echo $Primer_F ;?></td>
                    <td><?php echo $CG ;?></td>
                    <td><?php echo $Compelet_seqence ;?></td>

                
                </tr>

            </tbody>
        </table>
        <?php
    

    }else{
        echo "<h4 class='text-danger text-center mt-3'>No data Found</h4>";
    }
    
};
?>    


What I have tried:

PHP
<pre><?php

include("config.php");
if(isset($_POST['input'])){

    $input = $_POST['input']; 

    $query = "SELECT * FROM wheat_genes WHERE Gene_Name LIKE '{$input}%' OR Gene_id LIKE '{$input}%' OR Gene_Annotation '{$input}%' OR Gene_Regulation LIKE '{$input}%'"; 

    $result = mysqli_query($con, $query); 
    
    if(mysqli_num_rows($result)>0){?>
        <table class="table table-bordered table-striped mt-4">
            <thead>
                 <tr>
                    <th>ID</th>
                    <th>Gene_id</th>
                    <th>Gene_Name</th>
                    <th>Gene_Annotation</th>
                    <th>Gene_Regulation</th>
                    <th>CDS</th>
                    <th>Primer_R</th>
                    <th>Primer_F</th>
                    <th>CG%</th>
                    <th>Compelet_seqence</th>
                 </tr>
            </thead>
            <tbody>
                <?php
                while($row=mysqli_fetch_assoc($result)){
                    $id = $row["ID"];
                    $Gene_id= $row["Gene_id"];
                    $Gene_Name = $row["Gene_Name"];
                    $Gene_Annotation = $row["Gene_Annotation"];
                    $Gene_Regulation = $row["Gene_Regulation"];
                    $CDS = $row["CDS"];
                    $Primer_R = $row["Primer_R"];
                    $Primer_F = $row["Primer_F"];
                    $CG = $row["CG%"];
                    $Compelet_seqence = $row["Compelet_seqence"];

                }
                ?>
                <tr>
                    <td><?php echo $ID ;?></td>
                    <td><?php echo $Gene_id ;?></td>
                    <td><?php echo $Gene_Name ;?></td>
                    <td><?php echo $Gene_Annotation ;?></td>
                    <td><?php echo $Gene_Regulation ;?></td>
                    <td><?php echo $CDS ;?></td>
                    <td><?php echo $Primer_R ;?></td>
                    <td><?php echo $Primer_F ;?></td>
                    <td><?php echo $CG ;?></td>
                    <td><?php echo $Compelet_seqence ;?></td>

                
                </tr>

            </tbody>
        </table>
        <?php
    

    }else{
        echo "<h4 class='text-danger text-center mt-3'>No data Found</h4>";
    }
    
};
?>    
Posted
Updated 15-May-22 13:12pm
Comments
Richard Deeming 16-May-22 4:45am
   
Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.
PHP: SQL Injection - Manual[^]
Member 15636942 20-May-22 8:11am
   
i didn't understand please can u fix the problem?
Richard Deeming 20-May-22 8:40am
   
Your lack of understanding is not a problem I can fix.

Read the links I posted, and then fix the critical security vulnerability in your code.

1 solution

Look at the message: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given.
What is parameter 1? It's $result.
Now go and read the PHP documentation of mysqli_query and you'll see why it might return false, which is a bool value, instead of a mysqli_result.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900