Jump to content

Warning: mysql... expects parameter 1 to be resource, boolean given


wintech
 Share

Recommended Posts

Please help me with these erros i encounterd while configuring mysql tables

 

1. Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/user/public_html/sample/f..php on line 52

 

$query = mysql_query("SELECT * FROM ".$table." WHERE ".$where." = '".$equals."'");

} else {
$query = mysql_query("SELECT * FROM ".$table."");
}
$hasil = mysql_fetch_array($query);
 
 
 
 
 <li class="active"><a href="#investment" data-toggle="tab">ToTal Investments (<?php echo mysql_num_rows(mysql_query("SELECT * FROM invest")) ?>)</a></li>
 
 
 
 
 
   <li class="" onclick="payout();"><a href="#payout" data-toggle="tab">Total Payouts (<?php echo mysql_num_rows(mysql_query("SELECT * FROM invest WHERE status = 'Paid'")) ?>)</a></li>
 
4. Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in 
 
$query = mysql_query("SELECT * FROM invest WHERE status = 'Paid' ORDER BY id DESC");
      while($rows = mysql_fetch_array($query)) {
      switch ($rows['status']) {
      case "Paid" : $countdown = '<td>'.'<span class="label label-success">Paid!</span>'.'</td>'; break;
     

 

Link to comment
Share on other sites

If they were on PHP 7 they'd get a completely different error.

 

Run var_dump( $query ); What does it tell you $query is?

 

Suggestions:

$table  = mysql_real_escape_string($table);
$where  = mysql_real_escape_string($where);
$equals = mysql_real_escape_string($equals);

if( !!!!! some kind of boolean condition needs to be checked in here !!!!!)
{
   $query_statement = "SELECT * FROM $table WHERE $where='$equals'";
   $result = mysql_query( $query_statement );
} 
else 
{
   $query_statement = "SELECT * FROM $table";
   $result = mysql_query( $query_statement );
}

// If the query is syntactically invalid, mysql_query() fails and returns FALSE.
if (!$result) {
    die('Invalid query: ' . mysql_error() . ' QUERY STATEMENT: ' . $query_statement);
    // Don't ever show the query string on a live website though.
}

$hasil = mysql_fetch_array($result);

//

http://www.catb.org/esr/faqs/smart-questions.html#intro

Edited by thinsoldier
Link to comment
Share on other sites

As Benanaman said and as you apparently agreed with Thinsoldier - using MySQL* functions is the wrong way to go. It is deprecated and has in fact been completely removed from PHP 7 (hence the different message I suppose) so why do you go ahead and provide the OP with even more outdated code?

 

OP - as mentioned you should switch to using either mysqlI (note the I character) or PDO methods to access your database. If you are not doing your own hosting then check with your provider to see which interface they support and start using it.

 

I and many others on this forum do recommend PDO as, after the initial (small) hurdle that anything new presents, PHP is pretty easy to use. That and the use of 'prepared queries' (look it up) will greatly modernize and protect your future coding endeavors.

Link to comment
Share on other sites

Provide an answer suitable to their current level so they can get to the next step. If they had a level of absolute zero I would have pointed to a PDO tutorial. But since they've already started to develop an understanding based on whatever old book they are following, answering their question using the original code from their question will be the most understandable answer for them at this time. Ignoring their current situation and telling them to drop what they're currently doing and go learn PDO might delay their short term needs by a week. Answering their old code question with more old code might delay their advancement as a developer by a year. Based on they way they asked their question, I don't think they care about that second one. With luck, somewhere over the next few months they will make the time to look into why mysql_* is bad and actually take that next step towards being a better developer.

Link to comment
Share on other sites

The code you've provided is plain wrong. As the name already implies, mysql_real_escape_string() is for strings. When you apply it to identifiers, you simultaneously get an injection vulnerability and a bug.

 

And this is exactly why keeping the old MySQL extension is unacceptable: It causes actual harm. It produces security vulnerabilities and defects all over the place. When even you can't get the code right, how on earth can you recommend it to somebody who you think is a bloody amateur?

 

Your the-OPs-don't-care attitude is also worrisome. The code above obviously involves financial transactions, so, no, this isn't the right place for playing around and relying on luck. But even if it was a friggin' school project: Who are you to decide that somebody isn't worthy of correct advice?

Link to comment
Share on other sites

Everyone has already given correct advice but not assisted with the problem they are possibly having an emotional breakdown over. It's highly likely they've posted this to multiple forums and in every thread every reply is telling them "do it the right way" and their eyes are glazing over all of that as they franticly skip for "the solution to the problem". Once they get their problem to go away and their experimental code to work, they calm down, and maybe then re-read the replies that were trying to teach them something and decide to start a new experiment: try to do the same thing I just did but do it the modern way with PDO because 26 people told me to.

Link to comment
Share on other sites

When somebody has severe pneumonia, you don't “solve the problem” by leaving them alone with a bunch of cough drops. Do you not understand that?

 

The warnings are just symptoms of a hopelessly misguided approach to database-related code. You can spend the rest of your career making those warnings go away, it doesn't help the OP one bit. In fact, you've made things worse, because now the OP has a) your vulnerabilities, b) your wrong error handling, c) wasted a lot of time on individual instances of the same underlying problem and d) left the application to die with the next PHP update.

 

You still don't seem to get why we're recommending PDO. This is not about some “modern way”. It's about preventing people like the OP and you from shooting themselves in the foot.

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.