1. 首頁
  2. 問答
  3. 警告:mysql_fetch_assoc():提供的參數不是PHP中的有效MySQL結果資源?

警告:mysql_fetch_assoc():提供的參數不是PHP中的有效MySQL結果資源?

2013-02-16 114 views
-4

我保證,這將是今天的最後一個問題。但是,我得到了一個錯誤「警告:mysql_fetch_assoc():提供的參數不是在/home/a1014025/public_html/practice/cart/cart.php一個有效的MySQL結果資源上線58」與此代碼:警告:mysql_fetch_assoc():提供的參數不是PHP中的有效MySQL結果資源?

<?php 
include('connect.php'); 
session_start(); 
?> 
<html> 
<head> 
    <title>Cart</title> 
    <link rel='stylesheet' href='css/main.css' /> 
</head> 
<body> 
    <?php 
    $page = 'index.php'; 

    if(isset($_GET['add'])){ 
     $add_id = $_GET['add']; 
     $quantity = mysql_query("SELECT id, quantity FROM products WHERE id='$add_id'"); 
     while($quantity_row = mysql_fetch_assoc($quantity)){ 
      if($quantity_row['quantity'] [email protected]$_SESSION['cart_'.$add_id]){ 
       @$_SESSION['cart_'.$_GET['add']]+='1'; 
       header('Location: index.php'); 
      } 
      else{ 
       header('Location: index.php?err=max'); 
      } 
     } 

    } 

    if(isset($_GET['remove'])){ 
     $_SESSION['cart_'.(int)$_GET['remove']]--; 
     header("Location: index.php"); 
    } 

    if(isset($_GET['delete'])){ 
     $_SESSION['cart_'.(int)$_GET['delete']]='0'; 
     header('Location: index.php'); 
    } 

    function products(){ 
     $get = mysql_query("SELECT id, name, description, price FROM products WHERE quantity > 0 ORDER BY id DESC"); 
     if(mysql_num_rows($get) == 0){ 
      echo "There are no products to display."; 
     } 
     else{ 
      while($get_row = mysql_fetch_assoc($get)){ 
       echo '<p>'.$get_row['name'].'<br />'.$get_row['description'].'<br />$'.$get_row['price'].' <a href="cart.php?add='.$get_row['id'].'">Add</a></p>'; 
      } 
     } 
    } 

    function paypal_items(){ 
     $num = 0; 
     foreach($_SESSION as $name => $value){ 
      if($value!=0){ 
       if(substr($name, 0, 5) == 'cart_'){ 
        $id = substr($name, 5, strlen($name)-5); 
        $get = mysql_query("SELECT id, name, price, shipping, shipping2 FROM products WHERE id=".$id); 
        while($get_row = mysql_fetch_assoc($get)){ 
         $num++; 
         echo '<input type="hidden" name="item_number_'.$num.'" value="'.$id.'">'; 
         echo '<input type="hidden" name="item_name_'.$num.'" value="'.$get_row['name'].'">'; 
         echo '<input type="hidden" name="amount_'.$num.'" value="'.$get_row['price'].'">'; 
         echo '<input type="hidden" name="shipping_'.$num.'" value="'.$get_row['shipping'].'">'; 
         echo '<input type="hidden" name="shipping2_'.$num.'" value="'.$get_row['shipping2'].'">'; 
         echo '<input type="hidden" name="quantity_'.$num.'" value="'.$value.'">'; 

        } 
       } 
      } 
     } 
    } 

    function cart(){ 
     $total = 0; 
     foreach($_SESSION as $name => $value){ 
      if($value>0){ 
       if(substr($name, 0, 5)=='cart_'){ 
        $id = substr($name, 5, strlen($name)-5); 
        $get = mysql_query("SELECT id, name, price FROM products WHERE id='$id'"); 
        while($get_row = mysql_fetch_assoc($get)){ 
         $sub = $get_row['price']*$value; 
         echo $get_row['name'].' x '.$value.' @ $'.number_format($get_row['price'], 2).' = $'.$sub.' <a href="cart.php?add='.$id.'">[+]</a> <a href="cart.php?remove='.$id.'">[-]</a> <a href="cart.php?delete='.$id.'">[Delete]</a><br />'; 
        } 
       } 
       $total += $sub; 
      } 
     } 
     if($total==0){ 
      echo "You cart is empty."; 
     } 
     else{ 
      echo "<p>Checkout with PayPal for your $".$total." total.</p>"; 
      ?> 
      <form action="https://www.paypal.com/cgi-bin/webscr" method="post"> 
      <input type="hidden" name="cmd" value="_cart"> 
      <input type="hidden" name="upload" value="1"> 
      <input type="hidden" name="business" value="[email protected]"> 
      <?php paypal_items(); ?> 
      <input type="hidden" name="currency_code" value="USD"> 
      <input type="hidden" name="amount" value="<?php echo $total; ?>"> 
      <input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but03.gif" name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> 
      </form> 
      <?php 

     } 
    } 

    ?> 
</body>

來源

2013-02-16 WorldxFree

+0

您是否考慮在Google上搜索您的問題? http://i.imgur.com/2YxuPMi.png – 2013-02-16 01:05:26

+0

是的,但我沒有找到任何東西,所以我來到這裏。 – WorldxFree 2013-02-16 01:06:11

+0

請再次搜索https://www.google.com/search?q=Warning%3A+mysql_fetch_assoc()%3A+supplied+argument+is+not+a+valid+MySQL+result+resource – 2013-02-16 01:07:01

回答

-1

看起來你必須在57號線的SQL錯誤 - 你的id的值應該是在引號:

$get = mysql_query("SELECT id, name, price, shipping, shipping2 FROM products WHERE id='".$id."'");

你可以有自動PHP報告中使用or

$get = mysql_query(...) or die(mysql_error());

順便說一句,你真的應該在提交之前清理你的查詢。無論何時將變量傳遞給SQL語句,都可以使用mysql_real_escape_string來防止SQL注入。

來源

2013-02-16 01:14:37

+1

'mysql_real_escape_string'將**不會**阻止SQL注入。 OP需要使用參數化語句。此外,'id'確實不**需要引號或轉義。 – Kermit 2013-02-16 01:17:53

0

請停止壓縮腳本中的錯誤。

@$_SESSION['cart_'.$_GET['add']]+='1';

啓用錯誤報告,讓您更好地瞭解腳本中的問題。

線58的代碼點:

57 $get = mysql_query("SELECT id, name, price, shipping, shipping2 FROM products WHERE id=".$id); 
58 while($get_row = mysql_fetch_assoc($get)){ 
    ...

由於您使用的函數內mysql_資源,連接是最有可能超出範圍。您必須將連接傳遞給函數或全局化連接。

function paypal_items($conn){

或者

function paypal_items(){ 
    global $conn;

我在你的previous question提到它,你似乎忽略它;您的腳本容易受到SQL注入的影響。我強烈催促你瞭解這是什麼,解決它並移動到mysqli_PDO

來源

2013-02-16 01:25:50 Kermit

 相關問題

  • 暫無相關問題^_^