Android Question Error in php to my sql connection

P

piyushvekariya025

Member
Licensed User
Longtime User
I got error when run php code while connecting to mysql. Please help me.

Error given below...
( ! ) Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\Ampps\www\Piyush\test.php on line 21
Call Stack

( ! ) Warning: mysqli_free_result() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\Ampps\www\Piyush\test.php on line 26
Call Stack

my php script is given below

<?php

$databasehost = "localhost";
$databasename = "PiyushDB";
$databaseusername ="root";
$databasepassword = "Piyush@001";

$con = mysqli_connect($databasehost,$databaseusername,$databasepassword, $databasename) or die(mysqli_error($con));
mysqli_set_charset ($con , "utf8");
$query = file_get_contents("php://input");
$sth = mysqli_query($con, $query);

if (mysqli_errno($con)) {
header("HTTP/1.1 500 Internal Server Error");
echo $query.'\n';
echo mysqli_error($con);
}
else
{
$rows = array();
while($r = mysqli_fetch_assoc($sth)) {
$rows[] = $r;
}
$res = json_encode($rows);
echo $res;
mysqli_free_result($sth);
}
mysqli_close($con);
?>
 
Sort by date Sort by votes
Brandsum

Brandsum

Well-Known Member
Licensed User
piyushvekariya025 said:
I got error when run php code while connecting to mysql. Please help me.

Error given below...
( ! ) Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\Ampps\www\Piyush\test.php on line 21
Call Stack

( ! ) Warning: mysqli_free_result() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\Ampps\www\Piyush\test.php on line 26
Call Stack

my php script is given below

<?php

$databasehost = "localhost";
$databasename = "PiyushDB";
$databaseusername ="root";
$databasepassword = "Piyush@001";

$con = mysqli_connect($databasehost,$databaseusername,$databasepassword, $databasename) or die(mysqli_error($con));
mysqli_set_charset ($con , "utf8");
$query = file_get_contents("php://input");
$sth = mysqli_query($con, $query);

if (mysqli_errno($con)) {
header("HTTP/1.1 500 Internal Server Error");
echo $query.'\n';
echo mysqli_error($con);
}
else
{
$rows = array();
while($r = mysqli_fetch_assoc($sth)) {
$rows[] = $r;
}
$res = json_encode($rows);
echo $res;
mysqli_free_result($sth);
}
mysqli_close($con);
?>
Click to expand...
If you run a mysql query and it fails then it will return false instead of mysql result. So before calling mysqli_fetch_assoc check if the result variable is false or not. If you get false then you can check the error by calling mysqli_error($con). It is recommended to google it when you get any php error. You will get the solution faster.
 
Upvote 0
P

piyushvekariya025

Member
Licensed User
Longtime User
Erel said:
Why aren't you using jRDC2? It will be simpler, with better performance and much more powerful.
Click to expand...
Hi Erel, Thank you for replying me. I am new in Android. I have developed an app in which database is on 'Go daddy web server'. I saw jRDC2 tutorial. In this tutorial only this sever is running on B4J. Now my question is that how this jRDC2 server is implemented on it.
 
Upvote 0
nwhitfield

nwhitfield

Active Member
Licensed User
Longtime User
Most likely, there's something wrong in the SQL, which is causing the query to fail, and return false. Remember things like column names are case sensitive.

Also, your script is at heart a security catastrophe waiting to happen. What's to stop someone just POSTing 'DELETE FROM users' or something equally destructive?

If you're accepting input from elsewhere, you should use pre-prepared queries, or at the very least escape data before it goes anywhere near the database. Think what you're wanting to do, and consider an approach more like an API, eg include in the POST command a parameter that says what you want, and other options to specify parameters. For instance:

B4X: 
<?php

// set up the database as $mydb; using mysqli here, and object methods
$mydb = new mysqli('localhost','userName','password','database') ;
$mydb->query('set names utf8mb4') ;

$action = strtolower($_POST['ACTION']) ;

switch ( $action ) {
  case 'getall' :
    $query = "SELECT * FROM clients" ;
    break ; 

  case 'getbyname' :
    $query = sprintf("SELECT * FROM clients WHERE name = '%s'",$mydb->real_escape_string($_POST['NAME']) ;
    break ;
}

$result = $mydb->query($query) ; 
// check for an error, if you wish, here, then get the results:

$data = array() ;

while ( $r = $result->fetch_assoc() ) {
  $data[] = $r ;
}

header('Content-Type: application/json; charset=utf-8') ;
print json_encode($data) ;

?>

I'd also seriously consider implementing some sort of security, even as simple as requiring an api key, without which no results will be returned.
 
Upvote 0
You must log in or register to reply here.
Top