Warning: mysqli_fetch_array () expects parameter 1 to be mysqli_result, boolean given in: [duplicate]

Question

Warning: mysqli_fetch_array () expects parameter 1 to be mysqli_result, boolean given in: [duplicate]

Navigation

#1 by (2 votes)

1

I get the following error:

Warning: mysqli_fetch_array () expects parameter 1 to be mysqli_result, boolean given in C: \ Program Files (x86) \ VertrigoServ \ www \ sdp \ search.php on line 25

    <?php  
function nombreofcyciu($codofc,$entidad)/*BUSCAR NOMBRE OFICINA y ciudad*/
  { include ("conectar.php");
    $sql=mysqli_query($link,"SELECT * FROM $entidad WHERE item='$codofc'");
    $filasql=mysqli_fetch_array($sql); /* Linea de error*/
    $nombreofc[0]=$filasql['oficina'];
    $nombreofc[1]=$filasql['ciudad'];
    return($nombreofc);
  } 
?>

the Connection to the BD works well, although I leave the code of the connection.

there was no connection. ' mysqli_error ()); } $ db = mysqli_select_db ($ link, "generator2") or die (mysqli_error ($ link)); ? >

In the database there is a table and the column called in the query, because when you print the values of the query by console, it shows them correctly.

function nombreofcyciu ($ codofc, $ entity) / SEARCH NAME OFFICE and city / { include ("conecta.php"); $ sql = mysqli_query ($ link, "SELECT * FROM $ entity WHERE item = '$ codofc'"); echo "console.log ('SELECT * FROM $ entity WHERE item = $ codofc');"; $ rowsql = mysqli_fetch_array ($ sql); }

You're right, it's vulnerable to an Injection attack, but for the moment I'm working on a localhost.

PDTA. I still can not find the solution and I already discard the possible causes mentioned above. Is there something I'm missing?

php mysqli

asked by Edgar Yezid Cruz 12.02.2018 в 17:20

source

1 answer

Drag marker in Android Google Maps Matplotlib Python Values in X axis

score 2 · Accepted Answer

In a call to mysqli_query in which a query of type SELECT is used, as in your case, two results are possible:

an object with the result set which can be read

a boolean with value FALSE if there is an error

The message:

Warning: mysqli_fetch_array () expects parameter 1 to be mysqli_result, boolean given in ...

Indicates

that your mysqli_fetch_array() expects a valid parameter to return the results
but instead of that valid parameter you are passing a Boolean .

And ... why do I have a boolean there and not a valid object?

Because the call to mysqli_query failed , and when this happens instead of a valid object with the requested data what it returns is a Boolean value equal to FALSE .

Like the query failed ...?

Yes yes, it failed. In fact, it is very easy for a query to fail, for many reasons, for example:

That the connection is not called $link

That the connection is not valid, because you did not have any credentials, because you do not have permissions, because the database server is down ....

That there is no table in the database that is called the variable $entidad

That the table does not have a column named item

That they are injecting malicious code with some syntax error (this is not unreasonable ... then I will tell you why). 1

How to improve the code?

Evaluate the variables, controlling possible errors:

<?php  
function nombreofcyciu($codofc,$entidad)/*BUSCAR NOMBRE OFICINA y ciudad*/
{ 
    include ("conectar.php");
    /* ¿Hay conexión? */
    if($link){
        $sql=mysqli_query($link,"SELECT * FROM $entidad WHERE item='$codofc'");
        /* ¿La consulta se ejecutó bien? */
        if($sql){

            $filasql=mysqli_fetch_array($sql); /* Linea de error*/
            $nombreofc[0]=$filasql['oficina'];
            $nombreofc[1]=$filasql['ciudad'];

            /*Aquí convendría cerrar los recursos si no se van a usar más*/ 
            return $nombreofc;                  

        }else{
            echo mysqli_error($link);   
        }

    }else{

        echo "Error: La conexión no existe";
    }
} 
?>

NOTE:

1 What I told you above in point 5, means that your query   is vulnerable to SQL injection . When the code works, you should   shield it against such attacks.   For more details about this you can check:

- How to avoid SQL injection in PHP?

- What is SQL injection and how can I avoid it?

- Does SQL Injection act only at the database level or is the risk even greater?