Object of class mysqli could not be converted to string in

Object of class mysqli could not be converted to string in

this message show whne  i try to write in textarea about 700 words

how i can solve this problem
AHMED SAMYownerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris StanyonWebDevCommented:
Hey Ahmed,

You'll need to show us your code so we can help you out.
0
AHMED SAMYownerAuthor Commented:
if($connect){
		if ($_POST['submit']){

			$subject=$_POST['subject'];
			$Itinerary=$_POST['Itinerary'];
			$Inclusion=$_POST['Inclusion'];
			$Exclusion=$_POST['Exclusion'];
			$Important=$_POST['Important'];
			$CarUsed=$_POST['CarUsed'];
			$Price=$_POST['Price'];
			$Duration=$_POST['Duration'];
			
			$type1=$_POST['type1'];
			$HName1=$_POST['HName1'];
			$period1=$_POST['period1'];
			$meal1=$_POST['meal1'];
			
			$type2=$_POST['type2'];
			$HName2=$_POST['HName2'];
			$period2=$_POST['period2'];
			$meal2=$_POST['meal2'];
			
			$type3=$_POST['type3'];
			$HName3=$_POST['HName3'];
			$period3=$_POST['period3'];
			$meal3=$_POST['meal3'];
			
			$type4=$_POST['type4'];
			$HName4=$_POST['HName4'];
			$period4=$_POST['period4'];
			$meal4=$_POST['meal4'];
			
			$type5=$_POST['type5'];
			$HName5=$_POST['HName5'];
			$period5=$_POST['period5'];
			$meal5=$_POST['meal5'];
			
			$valid_date=$_POST['valid_date'];
			
			
			if (empty($packageID) && empty($subject) && empty($Itinerary) && empty($Inclusion) && empty($Important) && empty($Duration) && empty($CarUsed)){
				
				echo "<script type='text/javascript'> alert('please insert data to proceed')</script>";
			}
			else{											
						/// validate vars
						
						$num=" SELECT MAX( package_id ) as package_id FROM packages ";
						$query=mysqli_query($connect,$num);
						if($query){
							$row = mysqli_fetch_array($query);
							if($row){
								$max= $row['package_id'];
								if($max > 500){
									$package_id= $max + 1 ;
								}
								else{
									$first= 500 ;
									$package_id= $max + 501 ;
								}
								$filter_package_id=$package_id;
								
								$filter_subject=filter_var($subject,FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
								$Itinerary=filter_var($Itinerary,FILTER_SANITIZE_STRING);
								$Inclusion=$_POST['Inclusion'];
								$Exclusion=$_POST['Exclusion'];
								$Important=$_POST['Important'];
								$filter_Duration=filter_var($Duration,FILTER_SANITIZE_STRING);
								$filter_Price=filter_var($Price, FILTER_SANITIZE_NUMBER_INT);
								$filter_Designation=filter_var($Designation, FILTER_SANITIZE_STRING);
								$filter_CarUsed=$_POST['CarUsed'];
										
								$type1=$_POST['type1'];
								$HName1=$_POST['HName1'];
								$filter_period1=filter_var($period1, FILTER_SANITIZE_NUMBER_INT);
								$meal1=$_POST['meal1'];
								
								$type2=$_POST['type2'];
								$HName2=$_POST['HName2'];
								$filter_period2=filter_var($period2, FILTER_SANITIZE_NUMBER_INT);
								$meal2=$_POST['meal2'];
								
								$type3=$_POST['type3'];
								$HName3=$_POST['HName3'];
								$filter_period3=filter_var($period3, FILTER_SANITIZE_NUMBER_INT);
								$meal3=$_POST['meal3'];
								
								$type4=$_POST['type4'];
								$HName4=$_POST['HName4'];
								$filter_period4=filter_var($period4, FILTER_SANITIZE_NUMBER_INT);
								$meal4=$_POST['meal4'];
								
								$type5=$_POST['type5'];
								$HName5=$_POST['HName5'];
								$filter_period5=filter_var($period5, FILTER_SANITIZE_NUMBER_INT);
								$meal5=$_POST['meal5'];
								
								$valid_date=$_POST['valid_date'];
								
								$publisher_name=$_SESSION['username'];
											
								// file vars
			
								$path=$_FILES['upload']['tmp_name'];
								$name=$_FILES['upload']['name'];
								$size=$_FILES['upload']['size'];
								$type=$_FILES['upload']['type'];
								$error=$_FILES['upload']['error'];
								
								$j = 0; //Variable for indexing uploaded image 
								
									
								$target_path = "uploads/"; //Declaring Path for uploaded images
								for ($i = 0; $i < count($_FILES['file']['name']); $i++) {//loop to get individual element from the array
							
									$validextensions = array("jpeg", "jpg", "png");  //Extensions which are allowed
									$ext = explode('.', basename($_FILES['file']['name'][$i]));//explode file name from dot(.) 
									$file_extension = end($ext); //store extensions in the variable
									
									$target_path = $target_path . md5(uniqid()) . "." . $ext[count($ext) - 1];//set the target path with a new name of image
									$j = $j + 1;//increment the number of uploaded images according to the files in array       
								  
									$newtarget= $target_path ;
								  
								  if (($_FILES["file"]["size"][$i] < 1500000) //Approx. 100kb files can be uploaded.
                						&&in_array($file_extension, $validextensions)) {
										if (move_uploaded_file($_FILES['file']['tmp_name'][$i], $target_path)) {//if file moved to uploads folder
											$path=$_FILES['file']['tmp_name'][$i];
											$name=$_FILES['file']['name'][$i];
											$size=$_FILES['file']['size'][$i];
											$type=$_FILES['file']['type'][$i];
											$error=$_FILES['file']['error'][$i];

											$content=file_get_contents($target_path);
											$safeimage=mysqli_real_escape_string($connect,$content);
																	
											$sqlimage="insert into packages_image(packageID,name,size,type,content) values ('$filter_package_id','$name','$size','$type','$safeimage')";
																	
											$queryimage=mysqli_query($connect,$sqlimage);
										} else {//if file was not moved.
											echo "<script type='text/javascript'> alert(please try again!.')</script>";
										}
									} else {//if file size and file type was incorrect.
										echo "<script type='text/javascript'> alert(***Invalid file size or Type***')</script>";
									}
								}		

								$newtest="SELECT * FROM packages WHERE package_name='$filter_subject'";
                                $newquery=mysqli_query($connect,$newtest);
								$newresult=mysqli_fetch_array($newquery);
								if(!$newresult){

                                    /// save all in database.
								    $sql="INSERT INTO packages(package_id,package_name,Detailed_Itinerary,Inclusion,Exclusion,Important_Note,Trip_Duration,Package_Price,Car_Used,type1,HName1,period1,meal1,type2,HName2,period2,meal2,type3,HName3,period3,meal3,type4,HName4,period4,meal4,type5,HName5,period5,meal5,valid_date,publisher_name) VALUES('$filter_package_id','$filter_subject','$Itinerary','$Inclusion','$Exclusion','$Important','$filter_Duration','$filter_Price','$filter_CarUsed','$type1','$HName1','$filter_period1','$meal1','$type2','$HName2','$filter_period2','$meal2','$type3','$HName3','$filter_period3','$meal3','$type4','$HName4','$filter_period4','$meal4','$type5','$HName5','$filter_period5','$meal5','$valid_date','$publisher_name')";

                                    $result=mysqli_query($connect,$sql);
                                    if (!$result) {
                                        echo "<script type='text/javascript'> alert('Query: {$sql} failed with ' . mysql_error($connect)')</script>";
                                    }
                                    else {
                                        echo "<script type='text/javascript'>alert('saved successfully...')</script>";
                                    }
								}

							}
							else{echo "<script type='text/javascript'> alert('no package id..')</script>";}
						}
						else{echo "<script type='text/javascript'> alert('Query: {$sql} failed with ' . mysql_error($connect)')</script>";}
			}
		}
	}
	else {echo "<script type='text/javascript'>alert('conection failed..')</script>";}

Open in new window

0
Chris StanyonWebDevCommented:
Hmmm. Looks like we might need more info. When you get your error it should give you line numbers and a specific error. Can you post that up.
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

AHMED SAMYownerAuthor Commented:
Catchable fatal error: Object of class mysqli could not be converted to string in /home/content/74/8021074/html/******/Admin/Editpackage.php on line 153
0
Chris StanyonWebDevCommented:
Can't really see anything on line 153 that would cause your error, although a few lines later on you are trying to use mysql_error, instead of mysqli_error ( notice the i ). Change all instances of that and try again.
0
AHMED SAMYownerAuthor Commented:
my client have word file may be more than 2000 letter and sympols

which made proplem
0
Chris StanyonWebDevCommented:
That wouldn't cause the error you're getting.
0
AHMED SAMYownerAuthor Commented:
mmmm
0
Chris StanyonWebDevCommented:
Are you sure line 153 in your code above is the same as line 153 in your actual file.

Did changing the mysql to mysqli make any difference.

May be time to start debugging your code step by step, rather than all in one go. Remove everything apart from the first query and try it. If that works, add in the next query and try that. Keep on building your script in smaller, more managable chunks - much easier to test that way.
0
Chris StanyonWebDevCommented:
Just spotted something that might cause you a problem on lines 158 and 168. You're not concatenating your strings correctly. It should be this:

echo "<script type='text/javascript'> alert('Query: {$sql} failed with " . mysql_error($connect) . "')</script>";

Open in new window

An easier way to do this is to use the printf() function

printf("<script type='text/javascript'>alert('Query: %s failed with %s')</script>", $sql, mysqli_error($connect));

Open in new window

You don't have to worry too much about concatenation that way.
0
AHMED SAMYownerAuthor Commented:
now i make filter and it is working i can save all text but without heading or adujsting fonts or any thing how i solve

$Itinerary=filter_var($Itinerary,FILTER_SANITIZE_STRING,FILTER_FLAG_STRIP_LOW);

Open in new window

0
Chris StanyonWebDevCommented:
Hey Ahmed,

Not sure what you mean by 'without heading or adjusting fonts'. Can you clarify what you mean
0
AHMED SAMYownerAuthor Commented:
like that

1° giorno: Italia /Il Cairo       Arrivo al Cairo, Disbrigo delle formalità doganali. Trasferimento inHotel Cena e pernottamento. 2° giorno: Il Cairo               Mattino visita di Memphis, e Sakkara, pranzo in ristorante, nelpomeriggio visita delle Piramidi di Giza e della Sfinge, cena e pernottamentoin hotel. 3° giorno: Luxor                     Arrivo a Luxor assistenza. Trasferimento alla motonave (cat. 5 stelle) inpensione completa
0
Chris StanyonWebDevCommented:
Sorry Ahmed - I don't understand what the problem is.

What happens if you don't apply the filter?
0
AHMED SAMYownerAuthor Commented:
error will happen and never save



filter Remove all HTML tags from a string:

how i keep them
0
hieloCommented:
>> my client have word file may be more than 2000 letter and symbols
Do not extract the content from the files.  Instead, save the whole file to disk.  Then, in the "content" field, save the path to the file -ex: "/var/www/site1/data/user1/image1.jpg"
0
NerdsOfTechTechnology ScientistCommented:
Catchable fatal error: Object of class mysqli could not be converted to string

It is likely that your error is not in the snippet of code provided.

This error occurs when you access a mysql_query() return object directly like this example:

$result=mysqli_query($connect,$sql);
echo $result; 
//above line throws error because $result is a mysqli result-set object NOT a string (you must use a function like mysqli_fetch_array to pull records from the result-set)

Open in new window


Therefore, check ALL result-set objects for direct access like echo and so forth inside Editpackage.php

Here are the result-set objects that were in the code you provided so far.

$query
$queryimage
$newquery
$result
0
AHMED SAMYownerAuthor Commented:
excuse me i make this filter ( before i didn't make it)  

        $Itinerary=filter_var($Itinerary,FILTER_SANITIZE_STRING,FILTER_FLAG_STRIP_LOW);
        $Inclusion=filter_var($Inclusion,FILTER_SANITIZE_STRING,FILTER_FLAG_STRIP_LOW);
	$Exclusion=filter_var($Exclusion,FILTER_SANITIZE_STRING,FILTER_FLAG_STRIP_LOW);
	$Important=filter_var($Important,FILTER_SANITIZE_STRING,FILTER_FLAG_STRIP_LOW);

Open in new window


and all error vanished but need to save in database tags like  <h1> or list order nothing saved
0
Chris StanyonWebDevCommented:
The FILTER_SANITIZE_STRING part of your filters will remove all HTML tags, such as <h1>. If you need to keep the tags, then don't use the filter.
0
AHMED SAMYownerAuthor Commented:
Catchable fatal error will appear
0
AHMED SAMYownerAuthor Commented:
FILTER_SANITIZE_SPECIAL_CHARS

is it good case
0
Chris StanyonWebDevCommented:
OK Ahmed,

It seems like several things are happening here. Firstly, when you try to insert your data, an error is thrown, but when you try to show the error you get another (Fatal) error because your error reporting is wrong. Make sure when you want to show the error you have this:

printf("<script type='text/javascript'>alert('Query: %s failed with %s')</script>", $sql, mysqli_error($connect));

That should then give you an idea as to why the query failed.

As for which filter to use, you only need to use a filter if it's necessary. I suspect what is happening here is that your data is breaking the query because it probably has quotes and other special characters in there. To avoid the problem, and as a security measure, you should be really using parameterised queries.  If you don't want to use those, then at the very least you should be escaping the data before trying to insert it into the DB.

I would suggest you remove the filters altogether, and then sort out the error reporting. You query still won't work, but you should at least get a proper error message which will help solve the problem. Once you've got the error showing up, post it here to give us more of idea about what's happening.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AHMED SAMYownerAuthor Commented:
i remove it and use mysqli_real_escape_string

and it is working good
0
AHMED SAMYownerAuthor Commented:
you tried to help and did your best thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.