php - fetch_assoc () errors

0

Good,

I created this code to make FETCH of all the data through a SEARCH.

If I write for example "Olaaaaa", it does not give the error and shows the search, but if I give space and say for example "Olaaa Souuuuu", it shows this error.

Fatal error: Call to a member function fetch_assoc() on a non-object in D:\xampp\htdocs\Superfacil_v1.2.8.9\inc\class_search.php on line 32

Line 32 is basically this

    $smtp_category_cc = "SELECT count(*) as total FROM public_ads WHERE $construct";
    $smtp_category_qry_cc = $con->query($smtp_category_cc);
    $total_request = $smtp_category_qry_cc->fetch_assoc(); 

Total code is

    $name = mysqli_real_escape_string($con, sanitize($_GET['search']));
$category = mysqli_real_escape_string($con, sanitize($_GET['category']));
$x = 0; 
$q = str_replace(array("\",";"), "", $name);  // remove ALL backslashes & remove ALL ";" -> for sql security: no (simple) injection of commands
$q = trim($q);
$search_exploded = explode(" ", $q);

foreach($search_exploded as $search_each ) { 

    $x++; 
    $construct = " "; 

    if($x == 1) { 
        $construct .= "ads_title LIKE '%$search_each%' AND category_id = '$category' AND ads_active = 1 AND ads_end = 0"; 
    } else {     
        $construct .= "AND ads_brand LIKE '%$search_each%' AND category_id = '$category' AND ads_active = 1 AND ads_end = 0"; 
    }
} 

/**************************/
$smtp_category_cc = "SELECT count(*) as total FROM public_ads WHERE $construct";
$smtp_category_qry_cc = $con->query($smtp_category_cc);
$total_request = $smtp_category_qry_cc->fetch_assoc();     

echo '<p class="shop-results">Encontrados <span class="badge">'. $total_request['total'] .'</span> <strong>An&uacute;ncios</strong>. </p>';      
/**************************/    


$get_search = "SELECT ads_id, client_id, category_id, ads_title, ads_brand, ads_content, ads_price, ads_views, ads_image_1, ads_image_2, ads_image_3, ads_date FROM public_ads WHERE $construct";
$get_search_qry = $con->query($get_search);


if($get_search_qry->num_rows > 0) {

Could you tell me what this error is?

========================== ERROR 2:

erro:You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AND ads_brand LIKE '%dsadsa%' AND category_id = '31' AND ads_active = 1 AND ads_' at line 1
    
asked by anonymous 20.07.2018 / 22:30

1 answer

0

There are no spaces at the beginning and end of the string, otherwise they will join / concatenate and this will do something that was meant to be:

SELECT ... WHERE foo='bar' AND baz='bar' AND bar='bar'

turn around:

SELECT ... WHERE foo='bar'ANDbaz='bar'ANDbar='bar'

and $construct = " "; also has to stay out of foreach

$construct = " "; 

foreach($search_exploded as $search_each ) { 

    $x++; 

    if($x == 1) { 
        $construct .= " ads_title LIKE '%$search_each%' AND category_id = '$category' AND ads_active = 1 AND ads_end = 0 "; 
    } else {     
        $construct .= " AND ads_brand LIKE '%$search_each%' AND category_id = '$category' AND ads_active = 1 AND ads_end = 0 "; 
    }
}

Otherwise you can add or die to get the error (you can use if too):

$smtp_category_qry_cc = $con->query($smtp_category_cc) or die('erro:' . $con->error);

Another way to resolve the foreach loop to add items to the where would be an array, for example:

$wherearr = array();

foreach($search_exploded as $search_each ) { 

    $x++; 

    if($x == 1) { 
        $wherearr[]= "ads_title LIKE '%$search_each%' AND category_id = '$category' AND ads_active = 1 AND ads_end = 0"; 
    } else {     
        $wherearr[]= "ads_brand LIKE '%$search_each%' AND category_id = '$category' AND ads_active = 1 AND ads_end = 0"; 
    }
}


$construct = implode(' AND ', $wherearr);//Junta a array separada por espaços em uma string
    
20.07.2018 / 23:14