OOP PHP and MySQL need help in multiple select statement

PHP
1

Hi,

Good day!

I am new in coding of PHP in OOP way.

I found a sample OOP MySQL connect to database and it works fine, but when I tried to add another query for displaying output I got an error:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\oop_report\class_lib.php on line 46

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\oop_report\class_lib.php on line 46

this is my


<?php
class createConnection //create a class for make connection
{
    var $host = "localhost";
    var $username = "root";
    var $password = "";
    var $database = "operators_report";
    var $myconn;
    var $select;
    var $query;
    function connectToDatabase() //create a function for connect to database
    {
        $conn = mysql_connect($this->host,$this->username,$this->password);

        if(!$conn) // testing the connection
        {
            die ("Cannot connect to the database");
        }
        else
        {
            $this->myconn = $conn;

            echo "Connection established";
        }

        return $this->myconn;
    }

    function selectDatabase() //selecting the database
    {
        mysql_select_db($this->database); //use php inbuil function for select database

        if(mysql_error()) //if error occured display the error message\\
        {
            echo "Cannot find the database " . $this->database;
        }
        echo "Database selected..";
    }

    function query_select($select)
    {
        $this->query= mysql_query($select);
    }
    function fetch_query()
    {
        return mysql_fetch_array($this->query);
    }
    function closeConnection() //close the connection
    {
        mysql_close($this->myconn);

        echo "Connection closed";
    }
}
?>

and index.php


<?php
include('class_lib.php');

$connection = new createConnection(); //I created a new object

$connection->connectToDatabase(); //connected to the database

echo "<br/>"; //putting  a html break

$connection->selectDatabase();  // select database

echo "<br/>";
$select = "SELECT * From process_list";

  $result = $connection->query_select($select); //query process_list table
  echo "<table border= '1'>";
  echo "<tr>";
  while ($row = $connection->fetch_query()) //fetch data
  {
        $process_id = $row['process_id'];
        $process_name = $row['process_name'];

        echo "<th>$process_name</th>";


      $select_ = "SELECT p.process_name, SUM(o.compound_output) AS output, shift_date
        FROM process_list AS p JOIN op_output AS o ON (p.process_id = o.process_id)
        WHERE WEEK(shift_date, 0) = '45' AND p.process_name = '$process_name';
        GROUP BY shift_date";
        $result_ = $connection->query_select($select_); //query process_list table
        echo "<tr>";
        while($row_output = $connection->fetch_query()){
            $output = $row_output['output'];

            echo "<td>$output</td>";
        }
        echo "</tr>";

  }
  echo "</tr>";
  echo "</table>";
echo "<br/>";
$connection->closeConnection(); // closed connection
?>

Thank you

2

The example that you found is out of date. The mysql_* extension is now deprecated as of the current version of PHP and will very likely be removed from the next 5.x version and will likely not be in PHP 6.x (when it eventually is released). You should migrate over to either the mysqli_* extension or to PDO. PDO is a better choice as it doesn’t tie you down so much to a particular database server software.

Your code is vulnerable to a SQL Injection Attack. You should use Prepared Statements to prevent SQL Injection attacks. Have a read of this article from the PHP manual, it shows how to use prepared statements with PDO and also explains the principle.

3

The OP is likely having a very old legacy script, even the object properties are declared using var rather than public/private/protected. Anyway, its indeed still common to see deprecated mysql_ functions even nowadays, and last time I checked on popular newbie tutorial sites like w3schools.com they have mostly updated to using mysqli extension.