I am trying to see if the logged in user is verified. But there is an error:
Warning: mysql_fetch_array(): supplied
argument is not a valid MySQL result
resource in
/home/psmcouk/public_html/colemansystems/verify.php
on line 332
Here is the PHP code:
$user1 = $_SESSION['usr'];
$result = mysql_query("SELECT * FROM phpbb_members WHERE memberName=$user1");
while($row = mysql_fetch_array($result)) //LINE 332
{
$valid = $row['valid'];
}
if($valid == "1"){
echo "$user1, you're account is currently verified.";
}
I just can not see what is wrong with this code.
Thanks!
All the answers above are lame.
$user1 = mysql_real_escape_string($_SESSION['usr']);
$query = "SELECT valid FROM phpbb_members WHERE memberName='$user1' and valid=1";
$result = mysql_query($query) or trigger_error(mysql_error()." in ".$query);
$valid = mysql_num_rows($result);
if($valid){
echo "$user1, your account is currently verified.";
}
You probably have an SQL error. Try
if (!$result) {
echo 'Invalid query: ' . mysql_error() . "\n";
}
I guess $user should be quoted:
$result = mysql_query("SELECT * FROM phpbb_members WHERE memberName='$user1'");
You can always see whats wrong my placing echo mysql_error(); after the query
As already posted, you just have to put the user name in single quotations marks:
$query = "SELECT * FROM phpbb_members WHERE memberName = '".$user1."'";
Assuming, that the user name column is varchar. The code you used is only valid if you compare numbers, e.g. integers.
A general remark: Depending on the size of the columns of your database, it might be resonable to select specific rows rather than all using *. For instance:
$query = "SELCT memberName, valid FROM phpbb_members";
Try to use:
$result = mysql_query("SELECT * FROM phpbb_members WHERE memberName='$user1'")
or die(mysql_error()); // to get if any error exists
$user1 = $_SESSION['usr'];
$result = mysql_query("SELECT * FROM phpbb_members WHERE memberName=$user1");
while($row = mysql_fetch_field($result)) //LINE 332
{
$valid = $row['valid'];
}
if($valid == "1"){
echo "$user1, you're account is currently verified.";
}
try this.
You should test the result of mysql_query before using it, if you follow the examples from php.net :
$result = mysql_query("SELECT * FROM phpbb_members WHERE memberName=$user1");
if (!$result) {
die('Request problem : ' . msql_error());
}
while($row = mysql_fetch_array($result)) //LINE 332
...
Related
I am using MySQL to get data from table but it shows an exception. Here is the code I am using. I am calling this using URL to test:
$userName=mysql_real_escape_string($_GET['userName']);
$query = mysql_query("SELECT * FROM UserCredentials where UserName='$userName' ");
http://celeritas-solutions.com/pah_brd_v1/productivo/getUserData.php?userName=jamshaid.ali
Here is the exception
Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/content/i/h/u/ihus235/html/cs/pah_brd_v1/productivo/getUserData.php on line 74 []
Here is the full code
$userName=mysql_real_escape_string($_GET['userName']);
$query = mysql_query("SELECT * FROM UserCredentials Where UserName='$userName' ");
$rows = array();
while($row = mysql_fetch_assoc($query)) {
$rows[] = $row;
}
echo json_encode($rows);
?>
$query = sprintf("SELECT * FROM UserCredentials where UserName='%s'",mysql_real_escape_string($_GET['userName']));
$result = mysql_query($query);
if(result){
//do you code
}
Some suggestions -
Use isset() , like --
if(isset($_GET['userName'])) {
// Do the processing, most appropriate check whether form is submitted or not
}
Now your code will looks like-
// Sanatize the data, and make sure to safe your code from sql injections(prefer PDO or mysqli_)
if(isset($_GET['userName'])) {
$userName=mysql_real_escape_string($_GET['userName']);
$sql = "SELECT * FROM UserCredentials Where UserName='".$userName."'";
$query = mysql_query($sql, $conn) or die(mysql_error());
$rows = array();
while($row = mysql_fetch_assoc($query)) {
$rows[] = $row;
}
echo json_encode($rows);
}
?>
echo $sql; and run it in phpmyadmin to check your query is forming correctly or not, use var_dump() and read error/warning/notices to track errors.
I am using the JQuery Validation Plugin. I got the remote function working with the default php file.
I modified the php file to use my own version but mysql is returning
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/fastbluf/syatch/module/1.func.php on line 15
My PHP Code is the following. All my syntax looks correct.
<?php
// Last Edited: 4/23/12
$conn = mysql_connect('localhost','hidden','hidden') or die('Iam dying');
$rs = #mysql_select_db( "hidden", $conn) or die( "Err:Db" );
$do = $_REQUEST['do'];
$email= $_REQUEST['email'];
$user= $_REQUEST['user'];
function checkInfo($do,$email,$user){
switch ($do) {
case 1:
$sql = "select * from User_Base where Email_Address = $email";
$results = mysql_query($sql). mysql_error();
$nResults = mysql_num_rows($results);
if ($nResults > 0) {
$valid="false";
} else {
$valid="true";
}
break;
case 2:
//not yet
break;
}
return $valid;
}
echo checkInfo($do,$email,$user);
?>
The problem is that you're appending to your result, causing it to no longer be a valid result.
$results = mysql_query($sql). mysql_error();
Try changing this to be something like this:
$results = mysql_query($sql) or die(mysql_error());
Your query should also be changed to quote the email address, and the address should be escaped to prevent attacks (SQL Injection):
$email = mysql_real_escape_string($_REQUEST['email']);
$sql = "select * from User_Base where Email_Address = '$email'";
Fix your query to
$sql = "select * from User_Base where Email_Address = '".$email."'";
I want to do a really simple task: check if an inserted id matches one found in a mysql database. If no match, an alert box will appear displaying an invalid id message. The problem that I have is my script ALWAYS returns found, even if the id does not exist in the database. Here is my script, any idea what is wrong?
PHP SCRIPT:
<?php
//connect to server....
$id = $_GET["id"];
$query = 'SELECT * from users where id = $id';
$result = mysql_query($query) or trigger_error(mysql_error().$query);
if (empty($result))
{
$response = "notfound";
echo $response;
}
else
{
$response = "found";
echo $response;
}
// Close connection to the database
mysql_close($con);
?>
You're using single quotes instead of double quotes on your query assignment. You must use double quotes or string concatenating.
$query = "SELECT * from users where id = $id";
OR
$query = 'SELECT * from users where id = ' . $id;
And you're also probably doing this in the insert, which is why it's always being 'found'.
Try:
$query = 'SELECT * from users where id = '.(int) $id;
$result = mysql_query($query) or trigger_error(mysql_error().$query);
$num_rows = mysql_num_rows($result);
if($num_rows > 0) {
echo "found";
}
else {
echo "not found";
}
I am no t familiar with php syntax but can you replace the if condition to be something like this
$result = mysql_query($query) or trigger_error(mysql_error().$query);
if($result)
{
$response = "found";
echo $response;
}
else
{
$response = "notfound";
echo $response;
}
I've got a php script with this statement:
$query = "SELECT type
FROM users
WHERE username = '$username'";
$result = $database->query($query);
if($result == 1) {
echo "whatever";
continue;
}
The problem is that the if never runs and when I created a print statement to print $result before the if runs, it prints a Reference ID#. So result is never == 1 because it is being assigned the reference ID #.
What the heck am I doing wrong? How do I assign the value of 'type' which is an INT, instead of it's contents Reference ID#?
you have to fetch that line first ...
$query = "SELECT type FROM users WHERE username = '$username'";
$result = $database->query($query);
$row = mysql_fetch_assoc($result);
if($row['type'] == 1)
{
echo "whatever";
}
You need to use mysql_fetch_assoc() or mysql_fetch_array() to get the result into an array:
$query = $database->query("SELECT type FROM users WHERE username = '$username'");
$result = mysql_fetch_assoc($query);
if($result['type'] == 1)
{
echo "whatever";
continue;
}
try
<?php
$result = mysql_fetch_assoc($database->query($query));
$id = $result['type'];
if($type == 1)
{
Yes. You have to check it like:
$query = "SELECT type FROM users WHERE username = '$username'";
$result = $database->query($query);
if($result)
{
echo "whatever";
continue;
}
This is a Boolean check, but... In php we have weak types - everything is true, except on false, 0, '' (empty string), null, etc.
If you want to make a good Boolean check including type, then you have:
if(bool_val === true)
{
..
}
// or
if(bool_val && is_bool(bool_val))
{
..
}
This query object returns a result resource in php. And you probably receive #Resource ID, which is some kind of pointer in php code.
If you receive something like this (#Resource ID) - this means your query has passed correctly and no error occured.
I have a checklogin page and followin codes;
$sql = "select * from users where username = '$username' and password = '$password'";
$result = mysql_query($sql) or die ( mysql_error() );
if(mysql_num_rows($result)>0)
{
$line = mysql_fetch_assoc($result);
$count++;
}
if ($count == 1)
{
$_SESSION['login'] = "true";
$_SESSION['username'] = $username;
$_SESSION['usertype'] = $line['type'];
}
And the $_SESSION['usertype'] is always 1 even though it is different in database, what am I doing wrong
I'd suggest you do a little debugging through the entire process.
Verify that $username and $password are what you expect them to be before you run the query:
echo "Username: {$username} Password: {$password}<br/>";
Verify that your query is returning the right values:
$line = mysql_fetch_assoc($result);
echo "<pre>";
var_dump($line);
echo "</pre>";
If both of those tests return the expected values, then you may have to investigate your session - is it being started properly? Is it being reset somewhere?
$line is returning 1 because it is a boolean yes/no result. A result was found hence it returns 1.
You have to iterate through $line or access result set #1 directly with $line[0]['type'];
Or just fetch a single row:
Taken from the manual:
**Example #1 Fetching one row with mysql_fetch_row()**
<?php
$result = mysql_query("SELECT id,email FROM people WHERE id = '42'");
if (!$result) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$row = mysql_fetch_row($result);
echo $row[0]; // 42
echo $row[1]; // the email value
?>
In you case, if you changed your select to "select type from users .... " instead of "select *"
$line[0]