MikeDXUNL Posted July 1, 2008 Share Posted July 1, 2008 TABLE `achievements` achid | gameid | achname | 1 5 Perfectionist 2 5 5x Eggs TABLE `guides` guideid | achid | gameid | guidetext 1 1 5 Complete the game, etc etc 2 2 5 Throw 5 Eggs <?php $gameid = $_GET['gameid']; //in this case it is 5 $get_achs = mysql_query("SELECT * FROM achievements LEFT JOIN guides on achievements.achid = guide.achid WHERE achievements.gameid = '$gameid'") or die(mysql_error()); while($ach = mysql_fetch_array($get_achs, MYSQL_ASSOC)) { echo $ach['guidetext']; } ?> instead of getting my result, i get: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\achunlocked\viewgame.php on line 196 Any Help please? Thanks in advance, Mike Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/ Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 This might not help but I added a typecast statement to remove the SQL injection risk. Give it a try and tell us if it works. The error you're getting means that the value in $get_achs is not a valid MySQL result set. <?php $gameid = (int)$_GET['gameid']; // Typecast as int. Remove SQL injection risk $get_achs = mysql_query("SELECT * FROM achievements LEFT JOIN guides on achievements.achid = guide.achid WHERE achievements.gameid = '$gameid'") or die(mysql_error()); if (mysql_num_rows($get_achs) > 0) { while($ach = mysql_fetch_assoc($get_achs)) { echo $ach['guidetext']; } } ?> Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/#findComment-578758 Share on other sites More sharing options...
MikeDXUNL Posted July 1, 2008 Author Share Posted July 1, 2008 Unknown column 'guide.achid' in 'on clause' it was supposed to be guides not guide i found it thanks! Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/#findComment-578761 Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 Congratulations! But please, still take my advise about typecasting. <?php $gameid = (int)$_GET['gameid']; ?> By doing this it forces the variable $gameid to contain a number so if a user entered malicious code into this variable in the URL, it would be automatically stripped out. Without this your code is wide open to SQL injection. Please hit the 'Topic Solved' link in the bottom left of this page, if that is all? Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/#findComment-578768 Share on other sites More sharing options...
MikeDXUNL Posted July 1, 2008 Author Share Posted July 1, 2008 my actual $gameid was this $gameid = (!isset($_GET['gameid']) || !is_numeric($_GET['gameid']) || $_GET['gameid'] < 1) ? 1 : $_GET['gameid']; if put what i did in the post for the purpose of the post Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/#findComment-578775 Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 That's all very confusing. It is much easier to simply typecast it though, you gotta agree? Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/#findComment-578777 Share on other sites More sharing options...
MikeDXUNL Posted July 1, 2008 Author Share Posted July 1, 2008 i do. thanks for the heads up Link to comment https://forums.phpfreaks.com/topic/112692-solved-left-join/#findComment-578779 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.