[SOLVED] Hwo to check if SQL query has returned a result

[williamZanelli]

Hey guys,

 

I'm trying to extract some data from a database, What I want is, if there's no result returned, to redirect to some page, otherwise redirect to another page.

 

My code is something like

 

$sql = "Select * FROM quiz WHERE userID = $id";
$result = mysql_query ($sql);

if ($result){

//redirect to  nodata page
}
else{

//do something else

 

The "if ($result)" statment doesnt seem to work, as it is true, even when the query returns no results.

 

Any ideas on how I can fix this??

 

Thanks in advance for your thoughts.

 

 

[DarkWater]

if (mysql_num_rows($result) > 0) {

}
else {

}

 

Also, make sure to sanitize $id if it's from GET or POST and add or die(mysql_error()); or your preferred method of handling MySQL errors to the end of the query.

[williamZanelli]

DarkWater,

 

Thanks for the response.

 

The code provided yourself solves the stated problem.

 

What is the prupose of sanitize?

 

I do have the "die" code, but only in one place, when I connect to the database

 

$con = mysql_connect($servername,$username,$password);
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

 

I'm not sure how to incorprate this into my code.

 

Thanks for your help.

 

William

[.josh]

mysql_query will return a result source on a select query if results are returned, and FALSE if nothing is returned.  If nothing is returned, your condition should fail.  Your code block is written correctly, which means the problem is not in the condition, but somewhere else.  Perhaps you can start with doing some kind of var dump on $result inside the condition (comment out the redirect, of course), and taking a look at what's being returned.

[DarkWater]

mysql_query will return a result source on a select query if results are returned, and FALSE if nothing is returned.  If nothing is returned, your condition should fail.  Your code block is written correctly, which means the problem is not in the condition, but somewhere else.  Perhaps you can start with doing some kind of var dump on $result inside the condition (comment out the redirect, of course), and taking a look at what's being returned.

 

I'm fairly sure it only returns FALSE when there was an actual error with the query, otherwise you'd always have your "or die()"'s activating if there were no results.

[PFMaBiSmAd]

Only a query that fails to execute (no connection to a database server, no database selected, syntax error) returns a FALSE value. A query that executes but has zero rows in the result set is a successful query and returns a result resource.

[DarkWater]

Only a query that fails to execute (no connection to a database server, no database selected, syntax error) returns a FALSE value. A query that executes but has zero rows in the result set is a successful query and returns a result resource.

 

Yeah, so it still populates the variable even though it's just a blank result set.  You need to use mysql_num_rows() here.

[.josh]

Ah you guys are right, I guess I had a foobar moment.  I checked the manual and there it was, just like you said.  Thing is, I already knew that...don't know what caused me to think that right now...maybe it's cuz I haven't gone to bed yet...

[DarkWater]

Ah you guys are right, I guess I had a foobar moment.  I checked the manual and there it was, just like you said.  Thing is, I already knew that...don't know what caused me to think that right now...maybe it's cuz I haven't gone to bed yet...

 

I think that Foobar should be a candy bar for programmers.  Honestly.  I think that a good portion of programmers have used classes or functions named "foo", "bar", or "foobar" at least twice.

[williamZanelli]

Thank you for your comments guys,

 

I used DarkWaters suggestion

 

mysql_num_rows() ...

 

And it's worked.

 

Still unsure abouut sanitize/die as mentioned by DarkWater earlier.

 

Regards

 

Wills

[.josh]

you sanitize a variable to prevent sql injection attacks.  you use die/trigger_error for error handling to not only make your life easier for debugging, but also to control what happens and what's being shown to the user when errors happen.