I'm trying to Integrate HTML Purifier http://htmlpurifier.org/ to filter my user submitted data but I get the following error below. And I was wondering how can I fix this problem?
I get the following error.
on line 22: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given
line 22 is.
if (mysqli_num_rows($dbc) == 0) {
Here is the php code.
if (isset($_POST['submitted'])) { // Handle the form.
require_once '../../htmlpurifier/library/HTMLPurifier.auto.php';
$config = HTMLPurifier_Config::createDefault();
$config->set('Core.Encoding', 'UTF-8'); // replace with your encoding
$config->set('HTML.Doctype', 'XHTML 1.0 Strict'); // replace with your doctype
$purifier = new HTMLPurifier($config);
$mysqli = mysqli_connect("localhost", "root", "", "sitename");
$dbc = mysqli_query($mysqli,"SELECT users.*, profile.*
FROM users
INNER JOIN contact_info ON contact_info.user_id = users.user_id
WHERE users.user_id=3");
$about_me = mysqli_real_escape_string($mysqli, $purifier->purify($_POST['about_me']));
$interests = mysqli_real_escape_string($mysqli, $purifier->purify($_POST['interests']));
if (mysqli_num_rows($dbc) == 0) {
$mysqli = mysqli_connect("localhost", "root", "", "sitename");
$dbc = mysqli_query($mysqli,"INSERT INTO profile (user_id, about_me, interests)
VALUES ('$user_id', '$about_me', '$interests')");
}
if ($dbc == TRUE) {
$dbc = mysqli_query($mysqli,"UPDATE profile
SET about_me = '$about_me', interests = '$interests'
WHERE user_id = '$user_id'");
echo 'Your changes have been saved!
';
}
if (!$dbc) {
// There was an error...do something about it here...
print mysqli_error($mysqli);
return;
}
}
Answer
$dbc
is returning false. Your query has an error in it:
SELECT users.*, profile.* --You do not join with profile anywhere.
FROM users
INNER JOIN contact_info
ON contact_info.user_id = users.user_id
WHERE users.user_id=3");
The fix for this in general has been described by Raveren.
No comments:
Post a Comment