Jump to content

Recommended Posts

Hi guys, thank you for all your help i really appreciated. I have my website, www.sparklenshinecs.com, and i am trying to do a SEO on it. However when I run a seo report appears two different lines of code as follow

 

http://www.sparklenshinecs.com/index.php?content=paginas&cat=7

 

and

 

http://www.sparklenshinecs.com/index.php?content=paginas&cat=7

 

 

if I run the first  link it gives me the following error on the page:

 

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/content/10/9601510/html/paginas.inc.php on line 7

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/content/10/9601510/html/paginas.inc.php on line 38

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/content/10/9601510/html/paginas.inc.php on line 56

 

and  if I run the second link: it gives me the normal page.

 

Someone can please explain me whats going on, and how I avoid those warnings.

 

 

 
Link to comment
https://forums.phpfreaks.com/topic/288128-php-and-mysql-question/
Share on other sites

This:

http://www.sparklenshinecs.com/index.php?content=paginas&cat=7

is a URL encoded variant of this:

http://www.sparklenshinecs.com/index.php?content=paginas&cat=7

The character & is encoded to its html entity equivalent &

 

Technically, when a script wants to paste a URL into the HTML output, such as the value of a text type form element, validation will agree with the encoded variant. Note that the browser will display all the HTML entities as their single character version.

 

So, I think whatever script is creating these URLs, it is mistaking the intended place in the HTML: actual links, such as for images, or informational areas.

 

Or, whatever is scanning your site for SEO-ness, is not discriminating between the two purposes.

 

When PHP splits the querystring into the GET array, there will be $_GET['amp;cat'] that equals '7'.

 

When your script tries to use $_GET'cat'], which is not set, your query will fail.

 

Not having tested for the response from the database for a possible bad query - a boolean false (you are probably assuming the result from the mysql_query() call will always be a valid resource), the mysql_fetch_array() call will throw an error.

Edited by bsmither

the first form isn't actually a url/link, it's the html markup you would output on a web page for a url. the browser renders the & as an & and when you click on that, it should submit correctly as the second version of the link you posted.
 
the reason for the errors are because your query is failing, due to an error, and you are not testing if the query actually ran before trying to use the result from the query, most likely because $_GET['cat'] is being used in the query as a numerical value, but it doesn't exist at all, let alone being a valid integer representing a cat value, for the first form.

 

you ALWAYS need to validate external data before using it. if your code requires a $_GET['cat'] value and one hasn't been submitted, your code should either use a default value or prevent the remainder of the code that is dependent on having a valid $_GET['cat'] from even running.

 

you should also ALWAYS test if your queries run without any errors before trying to use the data you expect from your queries.

Edited by mac_gyver

thank you, i re-wrote the code....this is what i have now

<?php

$menu_id = $_GET['cat'];

$sql = mysql_query("SELECT * from paginas WHERE menu_id=$menu_id");
if(mysql_num_rows($sql)>0) {
while($row = mysql_fetch_array($sql))
{

      $title = $row['title'];
      $sub_title = $row['sub_title'];
      $content = $row['content'];

             $title_tag= str_replace(' . ',' | ',$row['title_tag']);
             $keywords= $row['keywords'];
             $description= $row['description'];


echo "<title>$title_tag</title>";

echo"<meta name='keywords' content='$keywords'>";

echo"<meta name='description' content='$description'></br>";
}


echo"<h1>$title</h1>";

echo"<h2>$sub_title</h2>";
echo"<p>$content</p>";
}

  else {
  echo "No results found!";
}
?>

what you think?

Better, should work for your needs.  Last thing, if the $_GET['cat'] is ALWAYS supposed to be a full integer, for security purposes it would be best to cast the value to an integer so that no matter what someone tries to enter as the cat it will always return a integer or 0.

$menu_id = (int)$_GET['cat'];
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.