0
我收到此錯誤信息獲取:有問題,從數據庫
Warning: mysql_fetch_assoc() expects parameter 1 to be resource, string given in C:\wamp\www\dev\includes\class\class_db_mysql.php on line 67
Call Stack
# Time Memory Function Location
1 0.0030 343136 {main}() ..\edit.php:0
2 0.0103 437760 database->fetch_row() ..\edit.php:380
3 0.0103 437808 mysql_fetch_assoc () ..\class_db_mysql.php:67
頁面代碼:
<?php
require_once 'includes/header.php';
$_GET['edit'] = abs((int) $_GET['edit']);
function item_dropdown1($connection,$ddname="item1",$selected=-1)
{
global $db;
$ret="<select name='$ddname' type='dropdown'>";
$q=$db->query("SELECT * FROM stock ORDER BY name ASC");
if($selected < 1) { $ret.="<option value='0' selected='selected'>-- None --</option>"; }
else { $ret.="<option value='0'>-- None --</option>"; }
while($r1=$db->fetch_row($q))
{
$ret.="\n<option value='{$r1['id']}'";
if ($selected == $r1['id']) { $ret.=" selected='selected'";$first=1; }
$ret.=">{$r1['name']} For {$r1['cat']} > {$r1['subcat']}</option>";
}
$ret.="\n</select>";
return $ret;
}
$q1=$db->query("SELECT * FROM repairs WHERE r_id={$_GET['edit']}");
$selnotes=$db->query("SELECT * FROM notes WHERE linkedtoid={$_GET['edit']}");
$selparts=$db->query("SELECT * FROM usedparts WHERE binded_to={$_GET['edit']}");
$fq=$db->fetch_row($q1);
$fname = mysql_real_escape_string(strip_tags($_POST['first_name']));
$lname = mysql_real_escape_string(strip_tags($_POST['last_name']));
$email = mysql_real_escape_string(strip_tags($_POST['email']));
$cno = mysql_real_escape_string(strip_tags($_POST['contact_no']));
$fault = mysql_real_escape_string(strip_tags($_POST['fault']));
$make = mysql_real_escape_string(strip_tags($_POST['make']));
$device = mysql_real_escape_string(strip_tags($_POST['device']));
$model = mysql_real_escape_string(strip_tags($_POST['model']));
$price = mysql_real_escape_string(strip_tags($_POST['price']));
$notes = mysql_real_escape_string(strip_tags($_POST['notes']));
$status = mysql_real_escape_string(strip_tags($_POST['status']));
$posted = mysql_real_escape_string(strip_tags($_POST['posted']));
$partsfitted = $_POST['pf'];
if (isset($_POST['posted']) == 'TRUE') {
$db->query("UPDATE repairs SET r_oem='$make', r_device='$device', r_mod='$model', r_reserve='$fault', r_price='$price', r_notes='$notes', rc_fname='$fname', rc_lname='$lname', rc_email='$email', rc_contactno='$cno', rc_status='$status' WHERE r_id='{$_GET['edit']}'");
if ($partsfitted == 1) {
$db->query("UPDATE repairs SET rc_status=3 WHERE r_id='{$_GET['edit']}'");
if ($fq['part1id']) {
$item1=$fq['part1id'];
$db->query("UPDATE stock SET commited=commited-1, totalused=totalused+1 WHERE id='$item1'");
$db->query("UPDATE repairs SET part1id=0 WHERE r_id='{$_GET['edit']}' ");
}
if ($fq['part2id']) {
$item2=$fq['part2id'];
$db->query("UPDATE stock SET commited=commited-1, totalused=totalused+1 WHERE id='$item2'");
$db->query("UPDATE repairs SET part2id=0 WHERE r_id='{$_GET['edit']}' ");
}
if ($fq['part3id']) {
$item3=$fq['part1id'];
$db->query("UPDATE stock SET commited=commited-1, totalused=totalused+1 WHERE id='$item3'");
$db->query("UPDATE repairs SET part3id=0 WHERE r_id='{$_GET['edit']}' ");
}
if ($fq['part4id']) {
$item4=$fq['part1id'];
$db->query("UPDATE stock SET commited=commited-1, totalused=totalused+1 WHERE id='$item4'");
$db->query("UPDATE repairs SET part4id=0 WHERE r_id='{$_GET['edit']}' ");
}
if ($fq['part5id']) {
$item5=$fq['part1id'];
$db->query("UPDATE stock SET commited=commited-1, totalused=totalused+1 WHERE id='$item5'");
$db->query("UPDATE repairs SET part5id=0 WHERE r_id='{$_GET['edit']}' ");
}
else {print "This item has already been marked as repaired";}
}
echo '<font color="green">OK</font> : Successfully UPDATED ID'; PRINT " {$_GET['edit']} <b>";
echo '</b><br />';
}
if(!$_GET['edit'])
{
// no profile defined. give list of last 100 entries in table..
print "Click a listing below to edit it.";
$qresults=$db->query("SELECT * FROM repairs order by r_id DESC LIMIT 100");
print "<table border=\"1\" cellspacing=\"1\" width=\"80%\"><tr style='background:lightblue'><th colspan=\"6\"><h3>Last 100 entries in descending order.</h3></th></tr>";
echo '<tr class="bgalt5"><th>First Name</th><th>Last Name</th><th>Phone No</th><th>Device</th><th>status</th><th>Edit/Delete</th></tr>';
while($qr=$db->fetch_row($qresults))
{
if ($alternate % 2 == 0){
echo "<tr class='bgalt1'>";
}
else{
echo "<tr class='bgalt3'>";
}
print "
<td>{$qr['rc_fname']}</td>
<td>{$qr['rc_lname']}</td>
<td>{$qr['rc_contactno']}</td>
<td>{$qr['r_oem']} > {$qr['r_device']} > {$qr['r_mod']}</td>
<td>";
if ($qr['rc_status'] == 1) {echo 'Received';}
else if ($qr['rc_status'] == 2) {echo 'Part Waiting';}
else if ($qr['rc_status'] == 3) {echo 'Complete';}
else if ($qr['rc_status'] == 4) {echo 'Beyond Repair';}
else if ($qr['rc_status'] == 5) {echo 'In Progress';}
else {echo 'Error: Status value is not a expected/possible value.';}
print"</td><td><a href=\"edit.php?edit={$qr['r_id']}\"><font color=\"green\">Edit</font></a> | <a href=\"delete.php?del={$qr['r_id']}\"><font color=\"red\">X</font></a></tr>";
$alternate++;
}
print "<table>";
}
else
{
if($db->num_rows($q1) == 0)
{
print "Sorry, we could not find a repair with that ID, check your source.";
}
if($db->num_rows($q1) == 1)
{
print "<fieldset>
<script>
function ins_apple(){
var text = \"Apple\";
document.forms.edit.make.value = text;
}
function ins_microsoft(){
var text = \"Microsoft\";
document.forms.edit.make.value = text;
}
function isn_hp(){
var text = \"HP\";
document.forms.edit.make.value = text;
}
function ins_dell(){
var text = \"Dell\";
document.forms.edit.make.value = text;
}
function ins_samsung(){
var text = \"Samsung\";
document.forms.edit.make.value = text;
}
function ins_toshiba(){
var text = \"Toshiba\";
document.forms.edit.make.value = text;
}
function ins_asus(){
var text = \"Asus\";
document.forms.edit.make.value = text;
}
function ins_lenovo(){
var text = \"Lenovo\";
document.forms.edit.make.value = text;
}
function ins_iphone(){
var text = \"iPhone\";
document.forms.edit.device.value = text;
}
function ins_ipod(){
var text = \"iPod\";
document.forms.edit.device.value = text;
}
function ins_ipad(){
var text = \"iPad\";
document.forms.edit.device.value = text;
}
function ins_generic_tablet(){
var text = \"Generic Tablet\";
document.forms.edit.device.value = text;
}
</script>
<form name='edit' method='post'>
<input type=\"hidden\" name=\"posted\" value=\"TRUE\">
<table width =\"80%\" border=\"1\"><tr style='background:lightblue'><th colspan=\"4\"><h1>Editing record for {$fq['rc_fname']} {$fq['rc_lname']}</h1></th></tr><tr><td>
<tr class='bgalt1'><td><label for='name'>First Name:</label></td><td><input type='text' name='first_name' id=\"name\" value=\"{$fq['rc_fname']}\" /></td>
<td><label for='lname'>Last Name: </label></td><td><input type='text' id='lname' name='last_name' value=\"{$fq['rc_lname']}\" /></td></tr>
<tr class='bgalt3'><td><label for='email'>Email:</label></td><td> <input type='text' id='email' name='email' value=\"{$fq['rc_email']}\" /></td>
<td>Contact Number:</td><td><input type='text' name='contact_no' value=\"{$fq['rc_contactno']}\"/></td></tr>
<tr class='bgalt1'><td><label for='make'>Make: </label></td>
<td><input type='text' id='make' name='make' value=\"{$fq['r_oem']}\" /><br />
<input onclick='ins_apple()' type='button' value='Apple' id='button'>
<input onclick='ins_microsoft()' type='button' value='Microsoft' id='button'>
<input onclick='ins_hp()' type='button' value='HP' id='button'>
<input onclick='ins_dell()' type='button' value='Dell' id='button'><br />
<input onclick='ins_samsung()' type='button' value='Samsung' id='button'>
<input onclick='ins_toshiba()' type='button' value='Toshiba' id='button'>
<input onclick='ins_asus()' type='button' value='Asus' id='button'>
<input onclick='ins_lenovo()' type='button' value='Lenovo' id='button'>
</td><td>device: </td><td><input type='text' id= 'device' name='device' value=\"{$fq['r_device']}\" /><br />
<input onclick='ins_iphone()' type='button' value='iPhone' id='button'>
<input onclick='ins_ipod()' type='button' value='iPod' id='button'>
<input onclick='ins_ipad()' type='button' value='iPad' id='button'>
<input onclick='ins_generic_tablet()' type='button' value='Generic Tablet' id='button'>
</td></tr>
<tr class='bgalt3'><td>Model: </td><td><input type=\"text\" name=\"model\" value=\"{$fq['r_mod']}\"/></td><td>Price: </td><td><input type='text' name='price' value=\"{$fq['r_price']}\"'/></td></tr>
<tr class='bgalt1'><td>Fault</td><td><input type=\"text\" name=\"fault\" value=\"{$fq['r_reserve']}\" /></td><td>Notes: </td><td><input type=\"text\" name=\"notes\" value=\"{$fq['r_notes']}\" onfocus=\"if (this.value=='Add Notes') this.value='';\"/></td></tr>
<tr class='bgalt3'><td>Status: </td><td>";
if ($fq['rc_status'] == 1) {
echo'<select name="status" value="options">
<option value="1">Received</option>
<option value="2">Part Waiting</option>
<option value="3">Complete</option>
<option value="4">Beyond Repair</option>
<option value="5">In Progress</option>
</SELECT>';
}
else if ($fq['rc_status'] == 2) {
echo'<select name="status" value="options">
<option value="2">Part Waiting</option>
<option value="1">Received</option>
<option value="3">Complete</option>
<option value="4">Beyond Repair</option>
<option value="5">In Progress</option>
</SELECT>';
}
else if ($fq['rc_status'] == 3) {
echo'<select name="status" value="options">
<option value="3">Complete</option>
<option value="1">Received</option>
<option value="2">Part Waiting</option>
<option value="4">Beyond Repair</option>
<option value="5">In Progress</option>
</SELECT>';
}
else if ($fq['rc_status'] == 4) {
echo'<select name="status" value="options">
<option value="4">Beyond Repair</option>
<option value="1">Received</option>
<option value="2">Part Waiting</option>
<option value="3">Complete</option>
<option value="5">In Progress</option>
</SELECT>';
}
else if ($fq['rc_status'] == 5) {
echo'<select name="status" value="options">
<option value="5">In Progress</option>
<option value="1">Received</option>
<option value="2">Part Waiting</option>
<option value="3">Complete</option>
<option value="4">Beyond Repair</option>
</SELECT>';
}
// error with status code. Use default
else {echo'<select name="status" value="options">
<option value="1">Received</option>
<option value="2">Part Waiting</option>
<option value="3">Complete</option>
<option value="4">Beyond Repair</option>
<option value="5">In Progress</option>
</SELECT>';}
print "</td><td><input type=\"checkbox\" name=\"pf\" value=\"1\"> Parts Fitted?</td><td colspan=\"1\"><input type='submit' value='Edit Record' /></form></td></tr>
</table></fieldset>";
// now the notes
if (isset($_GET['notedel'])) {
$selnotestodel=$db->query("SELECT * FROM notes WHERE id={$_GET['notedel']}");
if (mysql_num_rows($selnotestodel)) {
$db->query("DELETE FROM notes WHERE id='{$_GET['notedel']}'");
//print "<div style='background:lightgreen; width:150px'><p><strong>Notes Was Successfully Deleted!</strong></p></div>";
print "<script>alert('Note Deleted Successfully');</script>";
header("location: edit.php?edit={$fq['r_id']}");
}
else
{
print "<div style='background:#FF9494; width:150px'><p><strong>Sorry the note you are trying to delete doesn't appear to exist...</strong></p></div>";
}
}
if (isset($_POST['n_csumbit'])) {
$nsubject = mysql_real_escape_string($_POST['n_subj']);
$nnote = mysql_real_escape_string($_POST['n_comments']);
$npby = mysql_real_escape_string($_POST['n_by']);
$db->query("INSERT INTO notes (linkedtoid, subject, note, postedby) VALUES('{$_GET['edit']}','$nsubject','$nnote','$npby')");
// print "<div style='background:lightgreen; width:150px'><p>Notes Added Successfully.<br /> Added by: {$_POST['n_by']}</p></div>";
print "<script>alert('Note added Successfully');</script>";
header("Refresh: 0;");
}
print "<hr /><center><h2>Detailed Notes:</h2></center>
<table width =\"80%\" border=\"1\"><tr style='background:lightblue'><th>Time</th><th>Subject</th><th>Comment</th><th>Made By</th><th>Actions</th></tr>";
if ($db->num_rows($selnotes)) {
while ($nts=$db->fetch_row($selnotes)) {
if ($alternate % 2 == 0){
echo "<tr class='bgalt1'>";
}
else{
echo "<tr class='bgalt3'>";
}
$mysqldate = date('d/m/Y H:i:s', $nts['time']);
print "
<td width='10%'>
{$nts['time']}
</td><td width='25$'>
{$nts['subject']}
</td><td width='55%'>
{$nts['note']}
</td><td width='5%'>
{$nts['postedby']}
</td><td width='5%'>
<a href='edit.php?edit={$_GET['edit']}¬edel={$nts['id']}' title='Delete Note'><font color=red><b>X</b></font></a>
</td></tr>
";
$alternate++;
}
}
else {
print "<tr class='bgalt4'><td colspan='5'><center><b>No notes on this repair</b></center></td></tr>";
}
print "
<form name='n_commentspost' method='post'><fieldset>
<input type=\"hidden\" name=\"n_csumbit\" value=\"1\">
<tr class='bgalt5'><th colspan='5'>Add New Note</th></tr>
<tr class='bgalt5'>
<td>
Subject
</td>
<td>
Comments
</td>
<td>
Made By
</td>
<td colspan='2'>
Submit
</td>
</tr>
<tr class='bgalt1'>
<td>
<input type=\"text\" name=\"n_subj\"/>
</td>
<td>
<textarea name=\"n_comments\"></textarea>
</td>
<td>
<select name=\"n_by\" value=\"options\">
<option value=\"Jon\">Jon</option>
<option value=\"Jason\">Jason</option>
<option value=\"Clodagh\">Clodagh</option>
</select>
</td>
<td colspan='2'>
<input type='submit' value='Add Note' />
</td>
</tr>
</form></fieldset>
";
print "</table>";
if (isset($_GET['partdel'])) {
$selpartstodel=$db->query("SELECT * FROM usedparts WHERE id={$_GET['partdel']}");
if (mysql_num_rows($selpartstodel)) {
$db->query("DELETE FROM usedparts WHERE id='{$_GET['partdel']}'");
//print "<div style='background:lightgreen; width:150px'><p><strong>Notes Was Successfully Deleted!</strong></p></div>";
print "<script>alert('Part Deleted Successfully');</script>";
header("location: edit.php?edit={$fq['r_id']}");
}
else
{
print "<div style='background:#FF9494; width:150px'><p><strong>Sorry the part you are trying to delete doesn't appear to exist...</strong></p></div>";
}
}
if (isset($_POST['pa_csumbit'])) {
$name = mysql_real_escape_string($_POST['part_name']);
$linkedto = mysql_real_escape_string($_POST['n_comments']);
if (strlen($_POST['item']) > 1) {
$db->query("INSERT INTO usedparts (binded_to, part_name) VALUES('{$_GET['edit']}','{$_POST['item1']}')");
}
else {
$db->query("UPDATE repairs SET part1id={$_POST['item1']} WHERE r_id={$_GET['edit']}");
$db->query("UPDATE stock SET commited=commited+1, s_count=s_count-1 WHERE id={$_POST['item1']}");
$db->query("INSERT INTO usedparts (binded_to, part_name) VALUES('{$_GET['edit']}','$name')");
}
// print "<div style='background:lightgreen; width:150px'><p>Notes Added Successfully.<br /> Added by: {$_POST['n_by']}</p></div>";
print "<script>alert('part added Successfully');</script>";
header("Refresh: 0;");
}
print "<hr /><center><h2>Parts Used/Needed For This Job:</h2></center>
<table width =\"80%\" border=\"1\"><tr style='background:lightblue'><th>Part Name</th><th>Failed?</th><th>Actions</th></tr>";
if ($db->num_rows($selparts)) {
$partspart1=$db->query("SELECT * FROM stock WHERE id='{$pts['part_name']}'");
$partss=$db->fetch_row("$partspart1");
while ($pts=$db->fetch_row($selparts)) {
if ($alternate % 2 == 0){
echo "<tr class='bgalt1'>";
}
else{
echo "<tr class='bgalt3'>";
}
print "
<td width='60%'>";
print "{$partss['name']}";
print "
</td><td width='20%'>
{$pts['failed']}
</td><td width='20%'>
<a href='edit.php?edit={$_GET['edit']}&partdel={$pts['id']}' title='Delete Note'><font color=red><b>X</b></font></a>
</td></tr>
";
$alternate++;
}
}
else {
print "<tr class='bgalt4'><td colspan='3'><center><b>No parts used for this repair</b></center></td></tr>";
}
print "
<form name='parts_usedpost' method='post'><fieldset>
<input type=\"hidden\" name=\"pa_csumbit\" value=\"1\">
<tr class='bgalt5'><th colspan='5'>Add A Part</th></tr>
<tr class='bgalt5'>
<td>
Part
</td>
<td colspan='2'>
Submit
</td>
</tr>
<tr class='bgalt1'>
<td>
Part Name:<input type=\"text\" name=\"part_name\"/> or Part: ".item_dropdown1($c,'item1')."
</td>
<td colspan='2'>
<input type='submit' value='Add Part' />
</td>
</tr>
</form></fieldset>
";
print "</table>";
}
print "</div>";
}
?>
我不知道如何或者是有一個替代方法,但什麼我需要的是
取$_GET['edit']使用它檢查我的usedparts表,找到鏈接到id的使用部分。然後需要顯示它們。爲什麼這部分,只有那部分不工作?
我不需要人告訴我「這應該驗證」或這是不安全的。它在本地網絡中的白名單上運行。安全不是問題。
編輯:我已經克服了mysql_fetch_assoc錯誤。現在我的問題是我剛剛實現...
如果他們使用下拉,part_name保存爲id。 如果他們輸入一個新的項目名稱,而不是現有的名稱,它是文本。
如何檢查part_name是否爲int或文本,如果它是一個int,我需要使用該int作爲id從庫存表中獲取庫存項目的名稱。然後從該行獲得其名稱。如果它的文本我只想按原樣輸出文本。我該如何檢查一下是否是int,並且做一些差異化的事情。
preg_match會合適嗎?
也許你應該檢查的mysql_query返回一個錯誤。像'die(mysql_error());' – majidarif
'安全不是問題',這是我聽過的糟糕/懶惰的編碼實踐的最大藉口....如果你習慣於使用這個藉口,你會在有一天有用的地方使用它......並且你從未聽說過一個不滿意的員工? –
即時通訊跳過這一段,我有可能盲目試圖找到什麼開始和停止。嘗試並將代碼減少到實際問題。 –