error with msqli_num_rows

Question

error with msqli_num_rows

Navigation

#1 by (1 votes)
#2 by (0 votes)

0

I'm quite new to the subject of programming and I'm having problems when it comes to programming my website's search engine.

This is the page where you tell me the error is:

require_once ('../bbdd/bbdd.php');

$search = '';

if (isset($_POST['search'])) {
    $search = $_POST['search'];
}

$consulta = "SELECT * from series where nombre LIKE '%".$search."%' ORDER BY DESC LIMIT 20";

$resultado = $conn->query($consulta);
$fila = mysqli_fetch_assoc($resultado);

/*echo $fila['nombre'];*/

$total = msqli_num_rows($resultado);


if ($total >0 && $search != '') {?>
    <h2>resultados de la busqueda</h2>
 <?php do { ?>  
    <div class="nombre">
        <?php echo $fila['nombre']; ?>
    </div>
 <?php  
} while ( $fila = mysqli_fetch_assoc($resultado));  ?>  

 <?php } 

 ?>

When I try to execute the query, it gives me two errors:

Warning: mysqli_fetch_assoc () expects parameter 1 to be mysqli_result,   boolean given in C: \ xampp \ htdocs \ project \ php \ search.php on line 14

Fatal error: Call to undefined function msqli_num_rows () in   C: \ xampp \ htdocs \ project \ php \ search.php on line 18

php mysqli

asked by HaileyThc 20.04.2017 в 14:43

source

2 answers

0

Welcome HaileyThc!

Look, in plain view I see that you wrote msqli_num_rows which does not exist. There is mysqli_num_rows .

And on the other hand:

if (isset($_POST['search'])) {
    $search = $_POST['search'];
}

I understand that if you do not have anything 'search' then you will not pass the parameter to $search . However, when $consulta is executed, it will have the following value:

$consulta = "SELECT * from series where nombre LIKE ORDER BY DESC LIMIT 20";

so you will drop the query by syntax. It would be nice if you would put an else to leave that script to avoid calls to the database and with errors returned, this is done in this way.

if (isset($_POST['search'])) {
    $search = $_POST['search'];
}else{
    exit();
}

I hope it is useful and successful in what you are developing: D

NOTE:

Beware of that $consulta = "SELECT * from series where nombre LIKE '%".$search."%' ORDER BY DESC LIMIT 20"; since you are not passing parameters to them. It's easy to make an SQL injection attack.

answered by 20.04.2017 в 14:55

Read file (.txt) C ++ Error in Ajax with query Mysqli

score 1 · Accepted Answer

Since you are using the connection as POO

try this way

require_once ('../bbdd/bbdd.php');

$search = '';

if (isset($_POST['search'])) {
    $search = $_POST['search'];
}

$consulta = "SELECT * from series where nombre LIKE '%".$search."%' ORDER BY DESC LIMIT 20";

// comprobamos si se ejecuto correctamente
if (!$resultado = $conn->query($consulta) )
{
    // mostramos el error
    echo $conn->error;
    // finalizamos la ejecución 
    exit;
}
// cambiamos esta línea 
//$fila = mysqli_fetch_assoc($resultado);
$fila = $resultado->fetch_assoc();

/*echo $fila['nombre'];*/

// cambiamos esta línea tambien
//$total = msqli_num_rows($resultado);
$total = $resultado->num_rows;

You can visit the documentation

mysqli_result :: fetch_assoc

mysqli_result :: $ num_rows

How well your partner has commented on you should take steps to protect yourself against SQL injection check this:

SQL injection