Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Warning: mysql-fetch-assoc():supplied argument is not a valid MySQL result resource in

Posted on 2009-05-13
5
Medium Priority
?
868 Views
Last Modified: 2013-12-12
Warning: mysql-fetch-assoc():supplied argument is not a valid MySQL result resource in  /include/functions.inc.php on line 142

line 142 is :  while ($row = mysql_fetch_assoc($result) )

this and other errors appear after server and php change

How do i fix this?  Help.
/*
* Get an array of the questions
*/
function getQuestions($qid='all')
{
    $sql  = "SELECT * FROM QUESTION ORDER BY Q_TEXT";
 
    if ($qid != 'all' && !empty($qid))
    {
        $sql .= "AND Q_ID='$qid'";
    }
 
    $result=getSQLResult($sql);
 
    while ($row = mysql_fetch_assoc($result) )
    {
 
        $Q[$row['Q_ID']]=$row['Q_TEXT'];
    }
 
    return $Q;
}

Open in new window

0
Comment
Question by:justmelat
5 Comments
 
LVL 8

Expert Comment

by:mostart
ID: 24376596
again a warning, saying $result is not a valid mysql result. You need to make sure $result is a valid result before fetching data.

All those warnings probably are  now showing up because your "error_reporting" setting in the php.ini config file changed. It just did not show the warnings before allthough they where always there so you could also just turn off warnings in php.ini again (which is not a goog idea though in my opinion)
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 24376710
Alter your code to look more that that below

function getQuestions($qid='all')
{
    $sql  = "SELECT * FROM QUESTION ORDER BY Q_TEXT";
 
    if ($qid != 'all' && !empty($qid))
    {
        $sql .= "AND Q_ID='$qid'";
    }
 
    $result=getSQLResult($sql);

    // Assuming that getSQLResult passes back a result set or false on failure ...
    //
    if ( !$result )
        $Q = array();
    else
        while ($row = mysql_fetch_assoc($result) )
        {

             $Q[$row['Q_ID']]=$row['Q_TEXT'];
        }
 
    return $Q;
}

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 24376747
To turn off error messages on a live server, go to /etc/php5/apache2/php.ini (the most likely location for php.ini) and edit it. Look for a line saying

display_errors = on

and change it to

display_errors = off

then save the file and restart Apache with

apache2ctl restart on a command line. You will need root access to do this.
0
 
LVL 12

Expert Comment

by:jessegivy
ID: 24381181
I think bportlock is on the right track.  The real question here is what the heck does getSQLResult($sql) return?  Is it really appropriate to return false?  More importantly though, where is this function being called from?  If the function you posted is inside a class you'll need to use the $this->getSQLResult($sql) keyword!?  It seems more likely that this is a function that's being included from another file, which is something i can strongly advise against.  If you have custom functionality you'd like to use each and every time you want to connect to the database, create a connection class.
0
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 2000 total points
ID: 24563873
the problem is here:

   $sql  = "SELECT * FROM QUESTION ORDER BY Q_TEXT";
 
    if ($qid != 'all' && !empty($qid))
    {
        $sql .= "AND Q_ID='$qid'";

the resulting sql would be:

SELECT * FROM QUESTION ORDER BY Q_TEXTAND Q_ID='<something>'

as you see, there are actually PLENTY of problems:
§ no WHERE clause,
§ AND after the ORDER instead of before
§ possible sql injection
§ if the Q_ID is numerical data types, don't use quotes
§ avoid SELECT * whenever you can in your queries, just wasting resources...

fix for all 3 issues:
function getQuestions($qid='all')
{   // query all columns, all rows by default
    $sql  = "SELECT * FROM QUESTION WHERE 1 = 1 " ;#
    // better specify the columns you really need
    // $sql  = "SELECT Q_ID, Q_TEXT FROM QUESTION WHERE 1 = 1 " ;
 
    if ($qid != 'all' && !empty($qid))
    {   // query for a given Q_ID
        $sql .= " AND Q_ID='" . mysql_real_escape_string($qid) . "'";
        // if q_id is numerical, don't use quotes:
        //$sql .= " AND Q_ID= " . mysql_real_escape_string($qid) . " ";
    }
    else
    {  // if we get all the records, do the order by
       // for 1 single record (above), no need to request a order by 
       $sql .= " ORDER BY Q_TEXT ";
    }
 
    $result=getSQLResult($sql);

Open in new window

0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
This article shows the steps required to install WordPress on Azure. Web Apps, Mobile Apps, API Apps, or Functions, in Azure all these run in an App Service plan. WordPress is no exception and requires an App Service Plan and Database to install
The viewer will learn how to dynamically set the form action using jQuery.
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question