Mysqli echo problem!

Hi!

So I just started to work with Mysqli and trying to output a normal echo which is no problem at all with mysql but adding an “i” and a connection variable didn’t cut it with this for some reason.
What I simply want to do is if a value is more than 0 I want to gather the information and simply echo it out.

Here is my php code:

<?php include 'session_check.php'; ?>
<?php
//Parse the form data and add inventory item to system.
if (isset($con, $_POST['dummy_name'])){
	
	$pid = mysql_real_escape_string($con, $_POST['thisID']);
	$dummy_name = mysql_real_escape_string($con, $_POST['dummy_name']);
	$country = mysql_real_escape_string($con, $_POST['country']);
	$price = mysql_real_escape_string($con, $_POST['price']);

	//See if that product name is an identical match to another product in the system.
	$sql = mysqli_query($con, "UPDATE dummy SET dummy_name='$dummy_name', country='$country', price='$price' WHERE id='$pid'");
	if($_FILES['fileField']['tmp_name'] !=""){
		//Place image in the folder.
		$newname = "$pid.jpg";
		move_uploaded_file($_FILES['fileField']['tmp_name'], "../dummy_images/$newname");
	}
	header("location: dummy_list.php");
	exit();
}
?>
<?php
//Gather this product's full information for inserting automatically into the edit form below on page.

if(isset($_GET['pid'])){
	$targetID = $_GET['pid'];
	$sql = mysqli_query ($con, "SELECT * FROM dummy WHERE id='$targetID' LIMIT 1");
	$productCount = mysqli_num_rows($sql); // Count number of rows to outpout.
	if(!$productCount > 0){
		while($row = mysqli_fetch_array($sql)){
			$dummy_name = $row["dummy_name"];
			$country = $row["country"];
	}
} else {
	echo "This dummy don't exsist.";
	exit();
	}
}

And some html to that!

<div class="innerDiv">
            <form action="dummy_edit.php" enctype="multipart/form-data" name="add_dummy_form" id="add_dummy_form" method="post">
                
                <!-- Name -->
                <div class="add_dummyinfo">
                    <p>Name</p>
                </div>
                <div class="add_dummyinput">
                  <label>
                    <input name="dummy_name" type="text" id="add_dummy_name" value="<?php echo $dummy_name; ?>" />
                  </label>
                </div>
                <div class="clear"></div>
                
                <!-- country -->
                <div class="add_dummyinfo">
                    <p>country</p>
                </div>
                <div class="add_dummyinput">
                  <label>
                    <input name="country" type="text" id="add_dummy_country" value="<?php echo $country; ?>" />
                  </label>
                </div>
                <div class="clear"></div>
                
                <!-- Price -->
                <div class="add_dummyinfo">
                    <p>Price</p>
                </div>
                <div class="add_dummyinput">
                  <label>
                    <input name="price" type="text" id="add_dummy_textfield" value="<?php echo $price; ?>" />
                  </label>
                </div>
                <div class="clear"></div>
                
                <!-- Image -->
                <div class="add_dummyinfo">
                    <p>Image (500*375 px)</p>
                </div>
                <div class="add_dummyinput">
                  <label>
                    <input type="file" name="fileField" id="add_dummy_image" />
                  </label>
                </div>
                <div class="clear"></div>
                
                <!-- Update Submit -->
                <div class="add_dummyinput">
                  <label>
                    <input type="hidden" name="thisID" value="<?php echo $targetID; ?>" />
                    <input type="submit" name="button" id="add_dummy_button" value="edit" />
                  </label>
                </div>
                <div class="clear"></div>
            </form>
 		</div><!-- INNERDIV -->

Any help is appreciated!
Thank you!

Can you perform a var_dump() upon your $con variable? Also, your escaping functions (mysql_real_escape_string()) need to be updated to mysqli_.

On another note, you’re also vulnerable to SQLi. I’d advise you to leverage prepared statements since mysqli has them. Check out this article for more information: http://www.sitepoint.com/avoid-the-original-mysql-extension-1/

Oops, the escape strings do have mysqli just forgot to put it in quetion hehe ^^
I know the connection is right because I use it on other pages and I would get a different error if connection didn’t work.
Checked out the page you linked and was a good read but didn’t make me any wiser in the issue in mind :confused:

Thanks for helping! :slight_smile:

Looking closer at your code, you seem to be using an exclamation mark in the following statement:


    if(!$productCount > 0){ 

This negates any positive integer to 0, causing the condition to be false (not executing the body). Remove the exclamation mark (and preferably prevent the SQLi injection with respect to the $targetID variable), and let me know if that works.

Tried to remove it but still the same issue. :frowning:
I think the issue is in fetching the rows. I can see in the URL that I’m on the right ID page.

I managed to solve the issue.
I can’t believe that I forgot that I import the mid and not pid value to get $thisID.
After hours and hours of problem solving it just hit me…
I’m so stupid haha :stuck_out_tongue:

Thanks for all your help tho and the page you linked helped me get a better overview of mysqli :slight_smile: