-1

I trying to but this code into my page

<?php
 include'../../includes/config.php';
mysqli_query($con, 'UPDATE action SET watch = watch+1 WHERE title = $title ');
?>

I getting this error

Catchable fatal error: Object of class mysqli could not be converted to string in

The problem is with $con variable because when I delete it the problem is done.

Please help me and forgive me for the spelling because I am Arabic.

chris85
  • 23,846
  • 7
  • 34
  • 51
Dev To Give
  • 73
  • 8
  • You are using the wrong quotes. Should be doubles quotes so variable is interpreted as such. http://stackoverflow.com/questions/3446216/what-is-the-difference-between-single-quoted-and-double-quoted-strings-in-php – chris85 Jun 30 '15 at 23:48
  • please be more visible and give me the solve – Dev To Give Jun 30 '15 at 23:55
  • The issue I'm referring to may not be your issue but it will be an issue in the future. You query should be, `"UPDATE action SET watch = watch + 1 WHERE title = '$title'"`. The title needs to be in quotes because it is a string in SQL and the query needs to be in double quotes so the variable is interpreted. – chris85 Jun 30 '15 at 23:58
  • Where is `$con` defined? – chris85 Jul 01 '15 at 00:03
  • I figured that much what does it look? Like this `$con = mysqli_connect(.....`? Do you check for errors on the connecting? – chris85 Jul 01 '15 at 00:08
  • $con=mysqli_connect("host","db","pass"); – Dev To Give Jul 01 '15 at 00:18
  • the last code is in varible its look like $content = " "; – Dev To Give Jul 01 '15 at 00:20
  • Does this connection work else where? – chris85 Jul 01 '15 at 00:21
  • i'd sure like to know how this ends `Catchable fatal error: Object of class mysqli could not be converted to string in` but I have my own reason why your code's failing. – Funk Forty Niner Jul 01 '15 at 00:23

1 Answers1

1

I'm not sure if you solved this or not, but I'm submitting the following answer just in case.

This query is failing for a few reasons.

mysqli_query($con, 'UPDATE action SET watch = watch+1 WHERE title = $title ');
                           ^^^^^^                                   ^^^^^^

Firstly, you're using a MySQL reserved word called "action", then $title stands at being a string.

You need to wrap the "action" column name in ticks and $title in quotes, and possibly escaping that data should it contain anything that MySQL will complain about, such as apostrophes for instance.

I.e.:

$title = mysqli_real_escape_string($con, $title);
mysqli_query($con, "UPDATE `action` SET watch = watch+1 WHERE title = '$title' ");

Then in comments you added $con=mysqli_connect("host","db","pass");

The syntax is:

  • host
  • username
  • password (if one is required)
  • database

References:

Procedural style example, from the manual:

<?php
$link = mysqli_connect('localhost', 'my_user', 'my_password', 'my_db');

if (!$link) {
    die('Connect Error (' . mysqli_connect_errno() . ') '
            . mysqli_connect_error());
}

echo 'Success... ' . mysqli_get_host_info($link) . "\n";

mysqli_close($link);
?>

Add or die(mysqli_error($con)) to mysqli_query().

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

Sidenote: Error reporting should only be done in staging, and never production.

If you want to check if your query was truly successful, use affected_rows().

However, your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements, they're much safer.

Footnotes:

  • It's unsure as to where/how the $title variable is defined as, but seeing a word as such, tells me it's most likely a string and you may need to elaborate on that.
Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141