Click here to Skip to main content
15,868,101 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
hello I need some help with my code to fixthis error of mysqli_num_rows() expects parameter 1 to be mysqli_result PLEASE HELP !
here is my code to display my data in a live search with ajax
PHP
<pre>
<?php

include("config.php");
if(isset($_POST['input'])){

    $input = $_POST['input']; 

    $query = "SELECT * FROM wheat_genes WHERE Gene_Name LIKE '{$input}%' OR Gene_id LIKE '{$input}%' OR Gene_Annotation '{$input}%' OR Gene_Regulation LIKE '{$input}%'"; 

    $result = mysqli_query($con, $query); 
    
    if(mysqli_num_rows($result)>0){?>
        <table class="table table-bordered table-striped mt-4">
            <thead>
                 <tr>
                    <th>ID</th>
                    <th>Gene_id</th>
                    <th>Gene_Name</th>
                    <th>Gene_Annotation</th>
                    <th>Gene_Regulation</th>
                    <th>CDS</th>
                    <th>Primer_R</th>
                    <th>Primer_F</th>
                    <th>CG%</th>
                    <th>Compelet_seqence</th>
                 </tr>
            </thead>
            <tbody>
                <?php
                while($row=mysqli_fetch_assoc($result)){
                    $id = $row["ID"];
                    $Gene_id= $row["Gene_id"];
                    $Gene_Name = $row["Gene_Name"];
                    $Gene_Annotation = $row["Gene_Annotation"];
                    $Gene_Regulation = $row["Gene_Regulation"];
                    $CDS = $row["CDS"];
                    $Primer_R = $row["Primer_R"];
                    $Primer_F = $row["Primer_F"];
                    $CG = $row["CG%"];
                    $Compelet_seqence = $row["Compelet_seqence"];

                }
                ?>
                <tr>
                    <td><?php echo $ID ;?></td>
                    <td><?php echo $Gene_id ;?></td>
                    <td><?php echo $Gene_Name ;?></td>
                    <td><?php echo $Gene_Annotation ;?></td>
                    <td><?php echo $Gene_Regulation ;?></td>
                    <td><?php echo $CDS ;?></td>
                    <td><?php echo $Primer_R ;?></td>
                    <td><?php echo $Primer_F ;?></td>
                    <td><?php echo $CG ;?></td>
                    <td><?php echo $Compelet_seqence ;?></td>

                
                </tr>

            </tbody>
        </table>
        <?php
    

    }else{
        echo "<h4 class='text-danger text-center mt-3'>No data Found</h4>";
    }
    
};
?>    


What I have tried:

PHP
<pre><?php

include("config.php");
if(isset($_POST['input'])){

    $input = $_POST['input']; 

    $query = "SELECT * FROM wheat_genes WHERE Gene_Name LIKE '{$input}%' OR Gene_id LIKE '{$input}%' OR Gene_Annotation '{$input}%' OR Gene_Regulation LIKE '{$input}%'"; 

    $result = mysqli_query($con, $query); 
    
    if(mysqli_num_rows($result)>0){?>
        <table class="table table-bordered table-striped mt-4">
            <thead>
                 <tr>
                    <th>ID</th>
                    <th>Gene_id</th>
                    <th>Gene_Name</th>
                    <th>Gene_Annotation</th>
                    <th>Gene_Regulation</th>
                    <th>CDS</th>
                    <th>Primer_R</th>
                    <th>Primer_F</th>
                    <th>CG%</th>
                    <th>Compelet_seqence</th>
                 </tr>
            </thead>
            <tbody>
                <?php
                while($row=mysqli_fetch_assoc($result)){
                    $id = $row["ID"];
                    $Gene_id= $row["Gene_id"];
                    $Gene_Name = $row["Gene_Name"];
                    $Gene_Annotation = $row["Gene_Annotation"];
                    $Gene_Regulation = $row["Gene_Regulation"];
                    $CDS = $row["CDS"];
                    $Primer_R = $row["Primer_R"];
                    $Primer_F = $row["Primer_F"];
                    $CG = $row["CG%"];
                    $Compelet_seqence = $row["Compelet_seqence"];

                }
                ?>
                <tr>
                    <td><?php echo $ID ;?></td>
                    <td><?php echo $Gene_id ;?></td>
                    <td><?php echo $Gene_Name ;?></td>
                    <td><?php echo $Gene_Annotation ;?></td>
                    <td><?php echo $Gene_Regulation ;?></td>
                    <td><?php echo $CDS ;?></td>
                    <td><?php echo $Primer_R ;?></td>
                    <td><?php echo $Primer_F ;?></td>
                    <td><?php echo $CG ;?></td>
                    <td><?php echo $Compelet_seqence ;?></td>

                
                </tr>

            </tbody>
        </table>
        <?php
    

    }else{
        echo "<h4 class='text-danger text-center mt-3'>No data Found</h4>";
    }
    
};
?>    
Posted
Updated 15-May-22 13:12pm
Comments
Richard Deeming 16-May-22 4:45am    
Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.
PHP: SQL Injection - Manual[^]
Member 15636942 20-May-22 8:11am    
i didn't understand please can u fix the problem?
Richard Deeming 20-May-22 8:40am    
Your lack of understanding is not a problem I can fix.

Read the links I posted, and then fix the critical security vulnerability in your code.

1 solution

Look at the message: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given.
What is parameter 1? It's $result.
Now go and read the PHP documentation of mysqli_query and you'll see why it might return false, which is a bool value, instead of a mysqli_result.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900