Possible Duplicate:
“Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given” error while trying to create a php shopping cart
I don't get it, I see no mistakes in this code but there is this error, please help:
mysql_fetch_array() expects parameter 1 to be resource problem
<?php
$con = mysql_connect("localhost","root","nitoryolai123$%^");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("school", $con);
$result = mysql_query("SELECT * FROM student WHERE IDNO=".$_GET['id']);
?>
<?php while ($row = mysql_fetch_array($result)) { ?>
<table class="a" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#D3D3D3">
<tr>
<form name="formcheck" method="get" action="updateact.php" onsubmit="return formCheck(this);">
<td>
<table border="0" cellpadding="3" cellspacing="1" bgcolor="">
<tr>
<td colspan="16" height="25" style="background:#5C915C; color:white; border:white 1px solid; text-align: left"><strong><font size="2">Update Students</td>
<tr>
<td width="30" height="35"><font size="2">*I D Number:</td>
<td width="30"><input name="idnum" onkeypress="return isNumberKey(event)" type="text" maxlength="5" id='numbers'/ value="<?php echo $_GET['id']; ?>"></td>
</tr>
<tr>
<td width="30" height="35"><font size="2">*Year:</td>
<td width="30"><input name="yr" onkeypress="return isNumberKey(event)" type="text" maxlength="5" id='numbers'/ value="<?php echo $row["YEAR"]; ?>"></td>
<?php } ?>
I'm just trying to load the data in the forms but I don't know why that error appears. What could possibly be the mistake in here?
You are using this :
mysql_fetch_array($result)
To get the error you're getting, it means that $result
is not a resource.
In your code, $result
is obtained this way :
$result = mysql_query("SELECT * FROM student WHERE IDNO=".$_GET['id']);
If the SQL query fails, $result
will not be a resource, but a boolean -- see mysql_query
.
I suppose there's an error in your SQL query -- so it fails, mysql_query
returns a boolean, and not a resource, and mysql_fetch_array
cannot work on that.
You should check if the SQL query returns a result or not :
$result = mysql_query("SELECT * FROM student WHERE IDNO=".$_GET['id']);
if ($result !== false) {
// use $result
} else {
// an error has occured
echo mysql_error();
die; // note : echoing the error message and dying
// is OK while developping, but not in production !
}
With that, you should get a message that indicates the error that occured while executing your query -- this should help figure out what the problem is ;-)
Also, you should escape the data you're putting in your SQL query, to avoid SQL injections !
For example, here, you should make sure that $_GET['id']
contains nothing else than an integer, using something like this :
$result = mysql_query("SELECT * FROM student WHERE IDNO=" . intval($_GET['id']));
Or you should check this before trying to execute the query, to display a nicer error message to the user.
The most likely cause is an error in mysql_query()
. Have you checked to make sure it worked? Output the value of $result
and mysql_error()
. You may have misspelled something, selected the wrong database, have a permissions issue, etc. So:
$id = (int)$_GET['id']; // this also sanitizes it
$sql = "SELECT * FROM student WHERE idno = $id";
$result = mysql_query($sql);
if (!$result) {
die("Error running $sql: " . mysql_error());
}
Sanitizing $_GET['id']
is really important. You can use mysql_real_escape_string()
but casting it to an int
is sufficient for integers. Basically you want to avoid SQL injection.
$id = intval($_GET['id']);
$sql = "SELECT * FROM student WHERE IDNO=$id";
$result = mysql_query($sql) or trigger_error(mysql_error().$sql);
always do it this way and it will tell you what is wrong
Make sure that your query ran successfully and you got the results. You can check like this:
$result = mysql_query("SELECT * FROM student WHERE IDNO=".$_GET['id']) or die(mysql_error());
if (is_resource($result))
{
// your while loop and fetch array function here....
}
Give this a try
$indo=$_GET['id'];
$result = mysql_query("SELECT * FROM student WHERE IDNO='$indo'");
I think this works..
In your database what is the type of "IDNO"? You may need to escape the sql here:
$result = mysql_query("SELECT * FROM student WHERE IDNO=".$_GET['id']);
Source: Stackoverflow.com