I have fixed this, there was a problem in the clean function and a few other little errors, thankyou for all your help.
I seem to have a problem with my PHP Code. I keep getting the errors:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given
Warning: mysql_num_rows() expects parameter 1 to be resource, string given
public function __construct() {
global $db, $core;
$this->sessionID = $core->encrypt(session_id());
$sessionQuery = $db->query("SELECT * FROM sessions WHERE `session_id` = '{$this->sessionId}'");
$sessionRow = $db->assoc($sessionQuery);
if($db->num($sessionQuery) > 0) {
$userQ = $db->query("SELECT * FROM users WHERE id = '{$sessionRow['user_id']}'");
$this->loggedIn = true;
$this->userData = $db->assoc($userQ);
}
}
}
$user = new User();
?> <br /><br />
You're passing $this->sessionId
instead of $this->sessionID
to the query. Note the difference in capitalization.
$sessionQuery
is not a valid mysql resource because you are passing the wrong variable in query hence query got failed.
I would suggest to handle mysql error to avoid this type of warnings.
You are storing session id in $this->sessionID
and using the $this->sessionId
in query
it should be
$db->query("SELECT * FROM sessions WHERE `session_id` = '{$this->sessionID}'");
public function __construct() {
global $db, $core;
$this->sessionID = $core->encrypt(session_id());
$sessionQuery = $db->query("SELECT * FROM sessions WHERE `session_id` = '{$this->sessionID}'");
if($sessionQuery){ // newly added line
$sessionRow = $db->assoc($sessionQuery);
if($db->num($sessionQuery) > 0) {
$userQ = $db->query("SELECT * FROM users WHERE id = '{$sessionRow['user_id']}'");
$this->loggedIn = true;
$this->userData = $db->assoc($userQ);
}
} // newly added line
}
}
$user = new User();
This happens when there is a syntax error in your query. Please confirm that your query has no syntax errors by running the query in PhpMyAdmin.
Also you should make sure that PHP is set to report warnings
http://php.net/manual/en/function.error-reporting.php
You can check your connection for errors programmatically using mysql_error
http://php.net/manual/en/function.mysql-error.php
Check for errors after you've created your connection and after every query you run. The resource object is only false
if there was a syntax error in your query, and it is easily identifiable by using mysql_error
You are passing the entire SQL string to mysql_real_escape_string
in your clean
function (which for some reason you deleted from your question).
This causes the passed single quotes to be escaped which results in a malformed SQL string which results in FALSE being returned, instead of a valid resource.
$sessionQuery = $db->query("SELECT * FROM sessions WHERE `session_id` = '{$this->sessionId}'");
public function query($string) {
global $core;
$string = $core->clean($string);
return mysql_query($string);
}
public function clean($string, $fordb = true) {
if(is_array($string)) {
foreach($string as $key => $value) {
$string[$key] = $this->clean($value, $fordb);
}
return $string;
} else {
$string = trim($string);
$input = htmlentities($input, ENT_COMPAT);
if($fordb == true) {
$string = mysql_real_escape_string($string);
return $string;
}
}
}
精彩评论