zpupster Posted April 10, 2017 Share Posted April 10, 2017 (edited) hello i am very new to php. i am trying to do a test on update part of a crud. this is my code so far: i am testing to make sure the id will print first I connect ok. the error i am getting is: Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in /edit.php on line 19 $id =''; $quantity=''; $weight =''; $price =''; if(isset($_GET['id'])){ $sql = "SELECT products_id, products_quantity, products_weight, products_price FROM products where products_id".$_GET['id']; $result = mysqli_query($con, $sql); if(mysqli_num_rows($result)>0){ $row = mysqli_fetch_assoc($result); $id = $row['products_id']; echo $id; } } this is line 19- i have changed the $sql all different ways, i understand that i am getting a false . i have trouble in trying to fix this? if(mysqli_num_rows($result)>0){ Ty Edited April 10, 2017 by zpupster Quote Link to comment Share on other sites More sharing options...
requinix Posted April 10, 2017 Share Posted April 10, 2017 Line 19 is only where the problem was discovered. You need to look at that line and the ones before it to see what the problem is. That particular error message typically means your query was invalid. Look at the query and see if you can spot the mistake. When you've done that, stop what you're doing and switch to prepared statements instead of putting values directly into the query. Quote Link to comment Share on other sites More sharing options...
zpupster Posted April 10, 2017 Author Share Posted April 10, 2017 i forgot the equal sign where products_id".$_GET['id']; to this where products_id=".$_GET['id']; i read about prepared statements could recommend another tutorial. i don't quite get it. TY Quote Link to comment Share on other sites More sharing options...
requinix Posted April 10, 2017 Share Posted April 10, 2017 With a normal query you have to put all the values into the right places. With prepared statements you use a placeholder in the query and later say "this value goes into that placeholder". With a normal query you have to worry about sanitizing values and making sure you don't accidentally break the query (like you did). With prepared statements you don't have to worry. You really should learn about them and switch to them. Even if it takes a bit to understand what they are and how they work. 1 Quote Link to comment Share on other sites More sharing options...
zpupster Posted April 10, 2017 Author Share Posted April 10, 2017 requinix, i am working on it. i would like to get this script to work first and then figurs out the correct way. ty for everything Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted April 10, 2017 Share Posted April 10, 2017 i would like to get this script to work first and then figurs out the correct way. That sounds somewhat paradoxical. How are you going to get working code without the correct way? Doesn't “working” actually mean correct? 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.