Jump to content

[SOLVED] Mysql not true then..


zero_ZX

Recommended Posts

Hi all

 

This is what i got:

<?php
mysql_select_db("phpaudit", $con);
      
$query = "select email FROM phpaudit_clients WHERE email = {$_POST['email']} and forumacc = 0";

$result = mysql_query($query,$con);


if(mysql_num_rows($result) < 1); /this one gives errors
{
echo  "An error occoured: <br /> Either your email on your forum account didn't match your client account's email <br /> Or maybe you have alreaddy upgraded a forum account? You are only allowed to upgrade one forum account.";

die();

}
?>

 

Dunno why it gives errors?

Link to comment
https://forums.phpfreaks.com/topic/152030-solved-mysql-not-true-then/
Share on other sites

If you postr the errors it will give us something to play with.

 

Would you take your car to the garage and say "it doesn't work properly?" They'd want to know HOW it doesn't work properly and a lot more information besides!

 

oh, if you post code, please use the CODE tags...


$result = mysql_query($query,$con) or die("SQL RAN: {$query}<br />Error: " . mysql_error());

 

That will tell you that there is an undefined column that will be the email address passed in via post. You need ' around string data.

 

$query = "select email FROM phpaudit_clients WHERE email = '{$_POST['email']}' and forumacc = 0";

 

I would also use mysql_real_escape_string on string data being passed in from a form to be used in the DB as that code is prone to SQL Injection.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.