A query may fail for various reasons in which case both the mysql_* and the mysqli extension will return false
from their respective query functions/methods. You need to test for that error condition and handle it accordingly.
mysql_* extension:
NOTE The mysql_ functions are deprecated and have been removed in php version 7.
Check $result
before passing it to mysql_fetch_array
. You'll find that it's false
because the query failed. See the mysql_query
documentation for possible return values and suggestions for how to deal with them.
$username = mysql_real_escape_string($_POST['username']);
$password = $_POST['password'];
$result = mysql_query("SELECT * FROM Users WHERE UserName LIKE '$username'");
if($result === FALSE) {
die(mysql_error()); // TODO: better error handling
}
while($row = mysql_fetch_array($result))
{
echo $row['FirstName'];
}
mysqli extension
procedural style:
$username = mysqli_real_escape_string($mysqli, $_POST['username']);
$result = mysqli_query($mysqli, "SELECT * FROM Users WHERE UserName LIKE '$username'");
// mysqli_query returns false if something went wrong with the query
if($result === FALSE) {
yourErrorHandler(mysqli_error($mysqli));
}
else {
// as of php 5.4 mysqli_result implements Traversable, so you can use it with foreach
foreach( $result as $row ) {
...
oo-style:
$username = $mysqli->escape_string($_POST['username']);
$result = $mysqli->query("SELECT * FROM Users WHERE UserName LIKE '$username'");
if($result === FALSE) {
yourErrorHandler($mysqli->error); // or $mysqli->error_list
}
else {
// as of php 5.4 mysqli_result implements Traversable, so you can use it with foreach
foreach( $result as $row ) {
...
using a prepared statement:
$stmt = $mysqli->prepare('SELECT * FROM Users WHERE UserName LIKE ?');
if ( !$stmt ) {
yourErrorHandler($mysqli->error); // or $mysqli->error_list
}
else if ( !$stmt->bind_param('s', $_POST['username']) ) {
yourErrorHandler($stmt->error); // or $stmt->error_list
}
else if ( !$stmt->execute() ) {
yourErrorHandler($stmt->error); // or $stmt->error_list
}
else {
$result = $stmt->get_result();
// as of php 5.4 mysqli_result implements Traversable, so you can use it with foreach
foreach( $result as $row ) {
...
These examples only illustrate what should be done (error handling), not how to do it. Production code shouldn't use or die
when outputting HTML, else it will (at the very least) generate invalid HTML. Also, database error messages shouldn't be displayed to non-admin users, as it discloses too much information.
Incrementing / Decrementing Operators
++
increment operator
--
decrement operator
Example Name Effect
---------------------------------------------------------------------
++$a Pre-increment Increments $a by one, then returns $a.
$a++ Post-increment Returns $a, then increments $a by one.
--$a Pre-decrement Decrements $a by one, then returns $a.
$a-- Post-decrement Returns $a, then decrements $a by one.
These can go before or after the variable.
If put before the variable, the increment/decrement operation is done to the variable first then the result is returned. If put after the variable, the variable is first returned, then the increment/decrement operation is done.
For example:
$apples = 10;
for ($i = 0; $i < 10; ++$i) {
echo 'I have ' . $apples-- . " apples. I just ate one.\n";
}
Live example
In the case above ++$i
is used, since it is faster. $i++
would have the same results.
Pre-increment is a little bit faster because it really increments the variable and after that 'returns' the result. Post-increment creates a special variable, copies there the value of the first variable and only after the first variable is used, replaces its value with second's.
However, you must use $apples--
, since first, you want to display the current number of apples, and then you want to subtract one from it.
You can also increment letters in PHP:
$i = "a";
while ($i < "c") {
echo $i++;
}
Once z
is reached aa
is next, and so on.
Note that character variables can be incremented but not decremented and even so only plain ASCII characters (a-z and A-Z) are supported.
Stack Overflow Posts:
Best Answer
It's exactly as the error states as you're passing arguments to
mysqli_query()
incorrectly. Assuming$conn
is your mysqli connection generated at some point bynew mysqli()
it should be:The way you were calling it you were passing a string,
$sql
as the first argument.