Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given

iFanny

MOD EDIT: Posts split into new thread - please don't hijack others' threads with your own issue! Original thread here.

Weedpacket;10952958 wrote:
It means that MySQL failed to make sense of your query and you suppressed the error message that would have told you it failed (don't use '@' unless you know why you shouldn't). See [man]mysql_query[/man] to see why it would return a boolean instead of a resource, and use [man]mysql_error[/man] to see what MySQL has a problem with in your query.

i have the seme broblem, but my PHP code is :

$id=mysql_connect("localhost" ,"root","") ;
$id=mysql_select_db("restaurant");
if(isset($_POST['nom'],$_POST['mail']))
{
$nom=$_POST['nom'];
$mail=$_POST['mail'];
$ireq_nex=mysql_query("SELECT id FROM client WHERE NomClient='$nom' ");			
if(mysql_num_rows($ireq_nex)>0)
{
$gid=mysql_fetch_array($ireq_nex);
$id=$gid['id'];
$id=mysql_query("UPDATE client SET NbVisites=NbVisites+1 WHERE id=$id ");
if($id>0) echo " Client existe déjà ! ";			
}
else
{
$id=mysql_query("INSERT INTO clients VALUES ('', '$nom', '$mail', '1')");
if($id>0) echo " Client enregistré ";echo "<br><br>";
}
}

iFanny

please help me 🙁

Derokorian

As suggested in this thread, you should be checking if the query failed and if so using mysql_error to see why. (as stated by Weed in the post YOU quoted!) Also you should build the query in a variable so you can inspect it in case it fails.

$qry = "SELECT id FROM client WHERE NomClient='$nom' ";
$ireq_nex = mysql_query($qry);
if( !$ireq_nex ) {
   die(sprintf("<pre>There was an error executing the query.\nQuery was: %s\nMySQL Said: (%d) %s</pre>",$qry,mysql_errno(),mysql_error()));
}
if(mysql_num_rows($ireq_nex)>0)
{ // rest of your code

Also note, the entire mysql library has been deprecated in favor of mysqli (the i stands for improved) or PDO (PHP Data Objects). See Choosing an API for more info.

Also your query is vulnerable to an injection attack. You should never place user supplied data directly into the query string. Instead you should use an escaping function such as mysqli_real_escape_string() or sqlite_escape_string(), or, arguably more preferably, use prepared statements. See SQL Injection for more information.

vivek151189

Just echo this query
"SELECT id FROM client WHERE NomClient='$nom' "
and copy and paste in your phpmyadmin and see does it returning anything I thinhk then you will be able to find what the problem do you have

Bonesnap

vivek151189;11004123 wrote:
Just echo this query
"SELECT id FROM client WHERE NomClient='$nom' "
and copy and paste in your phpmyadmin and see does it returning anything I thinhk then you will be able to find what the problem do you have

I doubt it will return anything because I think it's unlikely he has values in his database called $nom. 😉

Bonesnap

bradgrafelman;11004179 wrote:
... which is why it was suggested to echo that string out and then copy/paste it so that '$nom' would be interpolated first.

Whoops! I blame the morning for that misread. :p

vivek151189

I suggested that so that he can intepolate the value of '$nom' first