PHP MySQL fetch_array error (boolian given)

Question

i'm currently working on a user profile page. The code should get the username from the URL with the $_GET function. But when I want to echo this data it gives a weird error,

( ! ) Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\wamp\www\pvp\user.php on line 22
Call Stack
#   Time    Memory  Function    Location
1   0.0010  675120  {main}( )   ..\user.php:0
2   0.0111  697392  mysql_fetch_array ( )   ..\user.php:22

This is the code:

require 'includes/connection.php';
require 'includes/common.php';
if (empty($_SESSION['user'])) {
    echo '<a href="login.php">login here</a> to view this profile!';
}
else {
    echo 'you are logged in!';
    if (isset($_GET['user'])) {
        $user = $_GET['user'];
        echo $user;
        $query = "SELECT * FROM  `users`  WHERE username = $_GET[user]";
        $result = mysql_query($query);
        $post = mysql_fetch_array($result);
    }
    else {
        echo 'No user selected';
    }
}

What am I doing wrong?? Please help me out thanks

See [this answer](http://stackoverflow.com/a/11674313/250259) for help on how to troubleshoot this — John Conde, Aug 24 '13 at 15:30
maybe on this line `$_GET[user]` you forget single quotes `$_GET['user']` — Black Sheep, Aug 24 '13 at 15:31
You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use [a modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to** [**SQL injection attacks**](http://bobby-tables.com/) that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. — DCoder, Aug 24 '13 at 15:51

score 2 · Answer 1 · answered Aug 24 '13 at 15:34

2

It's clear that, there is my error with your query, so print out your mysql error before

$user=$_GET['user'];
$query = "SELECT * FROM  `users`  WHERE username = '$user'";
$result = mysql_query($query) or die(" DB Error:".mysql_error());

answered Aug 24 '13 at 15:34

Ajmal M Sali

608
6
14

score 0 · Answer 2 · answered Aug 24 '13 at 15:31

0

try this

   $myvar = mysql_real_escape_string($_GET['user'])
 $query = "SELECT * FROM  `users`  WHERE username = '".$myvar."'  ";

you should escape your variable before using it.

answered Aug 24 '13 at 15:31

echo_Me

36,552
5
55
77

score 0 · Answer 3 · answered Aug 24 '13 at 15:40

The php doc : mysql_query() returns a resource on success, or FALSE on error. If you got a boolean and not a resource, that means you have an error.

Check your query string : $query = "SELECT * FROM users WHERE username = ".$user; here is the problem.

if username is a string, add the quotes ('your string var') : $query = "SELECT * FROM users WHERE username = '".$user."';

score 0 · Answer 4 · answered Aug 24 '13 at 15:45

the second parameter of the mysql_query() is the connection resourse

you must have defined a connection variable while making connection in 'includes/connection.php' like this :

$conn=mysql_connect('host','user','password');

you have to place that variable in

$result=mysql_query($query,$conn);

score 0 · Answer 5 · answered Aug 24 '13 at 15:53

0

When username is a string u have to use quotes .

$query = "SELECT * FROM users WHERE username = '".$userName."' ";

Since your query is wrong mysql_fetch_array gets a empty result so it throws an error. !

answered Aug 24 '13 at 15:53

Arun Kumar M

848
9
14

PHP MySQL fetch_array error (boolian given)

5 Answers5