Problems with converting mysql over to mysqli errors with mysqli_query & mysqli_fetch_row

Question

Here is the edited script without errors. And the 2 fixes applied to it. To those who helped in part, thank you. To mentions that the code is unclear or messy is inconsequential. Given that most of the following is common structure in mysql queries. Even the example documentation for mysql followed this similar flow. Members who reply should negate from pointless internet banter. Its more worth your time, and my own to do so. Those who stayed on topic and assisted, I thank you.

For example:

$row = mysqli_fetch_row(mysqli_query($con, "SELECT test_table.points FROM test_table WHERE test_table.key = '" . $key . "'")); if ($row[0] > 0){ // exists

Where $row will return a non-zero result if true. Otherwise 0 on false. There is little need to check mysqli_fetch_row and/or mysqli_query. Since checking $row in simplicity works fine. It is unneeded to check mysqli_fetch_row and/or mysqli_query individually in a general exists condition. It does accurately provide exist / does not exist results. There is no $result $row $query just $row.

The noted deviation to that normal flow was my desire to use call_user_func. And to poll in func and params through $_GET. Will be looking more at PDO. However, the clean code before exec should do alright job for now. Which is to clean before exec.

All in all, the code works just as it should. And have since written more to manage a mysql database. From write, write chunk, read, read chunk, delete, delete chunk.

Also to collect numbered records on request. For example say you have 6 records for the same John Smith. You can now collate and scan for differences in those records. Either for what you want, dont want, etc. Or if say you just want to blindly call the first 3 of those records for John Smith.

mysqli_fetch_row & mysqli_fetch_row fix :

FROM Calling $con outside function then into as per mysql. Which in mysqli does not work as expected. There was no error with the functions, over how $con was being handled.

TO Calling $con inside function with just the added global $con. May end up using $GLOBALS even for this.

Result : Calling $con outside function then in works fine in mysql. In mysqli it requires global be set within the function. ie global $con. Or it fails.

call_user_func non-critical error fix :

FROM call_user_func($func($_GET['user'],$_GET['key'],$_GET['points'],$_GET['type']));

TO call_user_func($func,$_GET['user'],$_GET['key'],$_GET['points'],$_GET['type']);

Result : Both lines execute correctly. From executed with a non-critical error. TO does the same thing, but with no following non-critical error.

Sample Output for both : user=MY_Name;key=34342$ee56i1;points=1234;type=

-- code removed as fixes solved the issues --

score 0 · Answer 1 · answered Mar 20 '13 at 13:41

0

You are using call_user_func wrong read the manutal call_user_func first parameter is the callback - in your case it's a function inside your class so it should be something like this: If you have a non-static function in an object:

class Test{
    public  function doit($a){
        echo($a);
    }
}

$t = new Test();

call_user_func(array($t,'doit'),'asfaasfs');

and in static functions inside object:

class Test{
    public static function doit($a){
        echo($a);
    }
}    

call_user_func('Test::doit','asfaasfs');

answered Mar 20 '13 at 13:41

Adidi

5,097
4
23
30

changed it to: call_user_func($func,$_GET['user'],$_GET['key'],$_GET['points'],$_GET['type']); It passes all 4 requirements to $func via the $_GET statements. All I needed to do was change ( to a , and remove one of the ). Fixed and referenced and no errors. Initially the code still executed but softly complained. Doing the change still gets it working, but no complaining. So in a slight way this helped. It was simply complaining because of a lack of reference. Not because it was exactly wrong. Just unreferenced in the way PHP wanted. – Esoterica Mar 20 '13 at 21:35
Though while call_user_func was not entirely correct. It still executed without breaking. And returned always the results asked of it. The change I made still does the same but without showing any more non-critical errors. The error I wish you would have helped with would have been why $row was critically erroring in mysqli but never did in mysql. And that it was erroring with the statement that it wanted mysqli_result. And how to have passed it into $row to satisfy its need. – Esoterica Mar 20 '13 at 21:41
In part figured why $row was critically erroring. $con noted outside a function in mysql never failed. To have $con outside a function in mysqli it requires it be noted as a global. Otherwise $con has to be used inside the calling function. – Esoterica Mar 20 '13 at 22:19
1

Your code is very unclear and not organized - this is why it's hard to know what help you exactly need. anyway i suggest you use [mysqli_fetch_object](http://php.net/manual/en/mysqli-result.fetch-object.php) cause then you can access your fields directly. but first you have to check if $row is not null so make if($row){//your code...} – Adidi Mar 20 '13 at 23:17

score 0 · Answer 2 · answered Mar 20 '13 at 14:10

You have a few problems.

$con is declared outside the class, and is thus not available inside the class. You need to pass it into the class (the better option), or specify it as a global (the quick+dirty option).
mysqli_fetch_row(mysqli_query($con,'...'))
This code is obviously converted directly from your old mysql_xx() code, but it's not great.

You're ignoring any possible error condition that is returned by mysqli_query(). This means that if it fails, it'll pass false into the mysqli_fetch_row() function, which will then fail with a meaningless error expects parameter 1 to be mysqli_result, rather than actually telling you what the error was in the query.

The thing is, because of my first point above, with $con not being set, mysqli_query() is failing, and this is why you're getting the error in mysqli_fetch_row().

Ideally, you should split this code out into multiple lines. Call mysqli_query() on its own, then do some error checking, then call mysqli_fetch_row() only once you know that the query actually worked.

Hope that helps explain what the problems are here. Solve those two points, and you should be well on the way to sorting the whole thing out.

Once you've got rid of those fatal errors, you should also take time to work on the problem that your code is vulnerable to SQL injection attacks. You're currently passing your $_GET variables directly into the query strings without any sanitisation. This will make your system very fragile and easy to hack. You should consider using Parameterised Queries, which is a feature of the mysqli library designed to make it easier to deal with variables in SQL queries in a safe and secure way.

1. Take this code and remove the class structure. Then in call_user_func. Change MYsql::$func to just $func. Errors are without the class structure present. I forgot to remove it before uploading .. sorry. 2. The mysqli_query and mysqli_fetch_row were also elongated before. And did so again to check they still return the need for mysqli_result. See [link](http://stackoverflow.com/questions/7707949/get-as-parameters-in-php-) and look at best answer - call_user_func. — Esoterica, Mar 20 '13 at 20:53
$sql = "SELECT test_table.points FROM test_table WHERE test_table.key = '" . $key . "'"; $query = mysqli_query($con, $sql); $row = mysqli_fetch_row($query); Shows it still wanting mysqli_result. And have yet to figure how to handle that. In mysql it never needed me to submit anything more than what I had. In mysqli it requires it. — Esoterica, Mar 20 '13 at 21:01
Pushing $con into write function to test, along with its close. The code now works like it did in mysql. The odd bit is mysql never complained about $con being outside the function, then being called into it. The error had nothing to do now with mysqli_fetch_row or mysqli_query(). It was $con all along. So now will look for ways to keep $con how I have it. Outside the function. And call it as a global within it. Strangely enough looking through what you wrote and me playing around helped. So thanks. Could you suggest good ways to call $con as global. As it is now in my script. — Esoterica, Mar 20 '13 at 22:13

score -1 · Answer 3 · answered Mar 20 '13 at 13:39

-1

Your class is pointless at the moment, perhaps stick to writing imperative style code as it will at least be cleaner.

At the moment, you should pass $con to your MYsql class to use itself as a resource, not try to access it as a global variable.

Your are not filtering your user's input either, this is dangerous and could lead to SQL injection attacks on your site.

I'd encourage you to read through these two articles, and once you grok them, I'd also encourage you to simply switch to using PDO with prepared statements. This will stop SQL injection attacks that your code currently allows.

http://net.tutsplus.com/tutorials/php/pdo-vs-mysqli-which-should-you-use/ http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/

answered Mar 20 '13 at 13:39

Ivo

5,378
2
18
18

Class is only pointless because you only see a segment of it. Do not judge the effectivity of it based on segmentation. Stick to whats being shown. Another php I have is handling error checks, filterings and the like. I will however, be looking at PDO. – Esoterica Mar 20 '13 at 22:29
1

@Dan if you don't show complete, self-sufficient code (and if not- clearly label it as such!) then don't blame me for observing such! I am not a wizard that always knows when you are showing me a complete solution or not! I can only comment on what is shown. – Ivo Mar 21 '13 at 00:14

Problems with converting mysql over to mysqli errors with mysqli_query & mysqli_fetch_row

3 Answers3