[SOLVED] Can't figure out whats wrong.

[Twister1004]

Hey everyone! I'm Back =D.

 

So here is what I'm trying to do

 

Objective: I am trying to get rid of this error,

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in C:\Documents and Settings\Compaq_Owner\Desktop\Server Files\Web Server\xampp\htdocs\dreamweaver sites\iMatch\edit\about.php on line 11

 

Problem: I can't really figure it out, I've tried many things, but I havent had luck yet =(

 

Script

<?php session_start(); error_reporting(E_ALL); require("login.php");?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>iMatch | Edit About You</title>
<style>
</style>
</head>
<body>

<?php
$sql = mysql_query("SELECT about FROM `profile` WHERE `accountid` = '{$_SESSION['login_id']}'");
$result = mysql_fetch_assoc($sql);
?>
Edit about your self: Please use less than 350 character(s). <br />
<form METHOD="POST" ACTION="">
<textarea name="about" id="about" rows="10" cols="60" MAXLENGTH="350" />
<?php echo $result[0]; ?>
</textarea><br />
<input name="submit" type="submit" id="submit" value="Submit" /><br/>
<?php

if(!isset($_POST['submit'])){
// echo "Sorry, your information could not be completed at this time. Please contact an Admin.";
}
elseif(!isset($_SESSION['login_id'])){
echo "You are not logged in! Please login before you try to edit your account information";
}
else{
$content = $_POST['about'];
$enter = mysql_real_escape_string("UPDATE `profile` SET `about` = '$content' WHERE profileid = '{$_SESSION['login_id']}'");
echo "Your information has been edited.";
}
?>
</form>
</body>
</html>

 

The problem is here

$result = mysql_fetch_assoc($sql);

 

And hints or tips? =)

 

Thanks for your help! It is very appreciated!

[Psycho]

Quite simply, your query is failing. Add some error handling to find out why:

 

$query = "SELECT about FROM `profile` WHERE `accountid` = '{$_SESSION['login_id']}'";
$sql = mysql_query($query) or die ("Query:<br>$query<br>Error:<br>".mysql_error());

[Brian W]

$sql = mysql_query("SELECT about FROM `profile` WHERE `accountid` = '".$_SESSION['login_id']."'") or die(mysql_error());

I think that is a bit more functional and it has the error reporter

[Psycho]

$sql = mysql_query("SELECT about FROM `profile` WHERE `accountid` = '".$_SESSION['login_id']."'") or die(mysql_error());

I think that is a bit more functional and it has the error reporter

 

How is that more functinoal? It only shows the error. By echoing the query to the page along with the eorror it is much more informative.

[Andy-H]

$content = mysql_real_escape_string($_POST['about']);

$enter = mysql_query("UPDATE profile SET about = '$content' WHERE profileid = '" . mysql_real_escape_string($_SESSION['login_id']) . "' LIMIT 1")or die(mysql_error());

 

 

[Brian W]

$sql = mysql_query("SELECT about FROM `profile` WHERE `accountid` = '".$_SESSION['login_id']."'") or die(mysql_error());

I think that is a bit more functional and it has the error reporter

How is that more functinoal? It only shows the error. By echoing the query to the page along with the eorror it is much more informative.

 

The "functional thing was about the {$_SESSION['login_id']} vs ".$_SESSION['login_id']."

Either way will work I believe, the whole read out of the query and error are unnecessary but may come in handy...

[Twister1004]

Thank you everyone!

Id like to call out Andy H and mjdamato.

Thank you Andy for putting in the mysql_real_escape_string I so carelessly left out. And mjdamato, which helped me find my error.

 

How careless of me.... I kinda forgot to add in my config.php which allowed me to access the database XD