Jump to content

Recommended Posts

Hey guys, I am getting 2 of the same errors on lines 205 and 216  Here is the error I'm getting:

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/klrbal/public_html/Mafia-test/families.php on line 205

 

Here is the code:

<?
session_start();  

if (!(isset($_SESSION["real_name"])))
{
//echo "I'm not logged in";
header('Location: index.php');
}
else
{
echo "";
}


?>



<html>
<head>
<title>Mafia Syndicate BETA .::. Families</title></head>
    	<link REL="stylesheet" TYPE="text/css" HREF="main.css">

<script language=javascript src=Menus.js></script>

<body background="wallpaper.jpg">
<center> 
<table border="0" cellspacing="0" cellpadding="0" align="center" width="95%" class="cat">

<TR> 

<TD width="150" background="tdbg3.jpg" bgcolor="#222222" valign="top">
<?php include("leftmenu.php");?>
</TD>
  
    <td width="100%" valign="top">	<br>	


<?php

	$fetch=mysql_fetch_object(mysql_query("SELECT * FROM family WHERE name='$name' LIMIT 1"));
echo "$name";

////CREATE Family/////
if ($_POST['createfamily'] && $_POST['familyname']){

$familyname == $_POST['familyname']; 

if ($rankpoints <= 2250000){ 

echo "You must be an Underboss before you can make a family!";

}else{


if ($famlevel==0){

$finalcash = $cash - 10000000000000 ;

if ($finalcash <0){

echo "You do not have enough cash!";

}elseif ($finalcash >=0){

$num_true=mysql_num_rows(mysql_query("SELECT * FROM family WHERE id >1"));
if ($num_true >= 6){
echo "There are already 6 Family Slots!"; 
}else{

$num_true=mysql_num_rows(mysql_query("SELECT * FROM family WHERE name='$name'"));
if ($num_true >= 1){

echo "There is already a family with that name!";
}else{

function change($msg){
$post = $msg;
$post = str_replace("'", "`", $post); 
return $post;
}

$new=change($familyname);

mysql_query("INSERT INTO `family` ( `id` , `owner` , `name` , `bank` , `quote` , `news` , `slot` ) VALUES ('', '$username', '$new', '0', 'No Quote!', 'You have no family news8)', '10')");
mysql_query("UPDATE users SET famlevel='9' WHERE username='$username'");
mysql_query("UPDATE users SET cash='$finalcash', family='$new'  WHERE username='$username'");
mysql_query("INSERT INTO `logs` ( `id` , `who` , `action` , `date` , `ip`) VALUES ('', '$username', 'Formed a family named <b>$new</b>!', '$date', '$realip')");

echo "You have created the Family <b>$new!</b>";



}
}
}
}
}

}

if ($_POST['cancelapply']){

mysql_query("DELETE FROM familyreq WHERE username='$username'");

echo "You have cancelled your application!";

}



if ($_POST['leave'] && $famlevel >=2 && $famlevel <7){

if ($famlevel <= 0) 
{
echo "You are not in a Family!";
}else{


if ($famlevel >= 4) 
{
echo "You can not leave your Family!";
}else{

$healthloose=rand(85,95);

if ($health - $healthloose <=0){

mysql_query("UPDATE users SET family='None', famlevel='0', `health`='1' WHERE username='$username'");
}else{

mysql_query("UPDATE users SET family='None', famlevel='0', `health`=`health`-'$healthloose' WHERE username='$username'");

echo "You left your family and lost $health% health!";

}}}}

if ($_POST['change'] && strip_tags($_POST['newfamname']) && strip_tags($_POST['famid']) && $userlevel >=2){

$newfamname = $_POST['newfamname'];
$newfamname = strip_tags($newfamname);
$famid = $_POST['famid'];
$famid = strip_tags($famid);

$sql="SELECT * from families WHERE id='$famid'";
$result=mysql_query($sql);

while($rows=mysql_fetch_array($result)){ // Start looping table row 

$oname = $rows['name'];
}

$num_true=mysql_num_rows(mysql_query("SELECT * FROM family WHERE name='$newfamname'"));
if ($num_true >= 1){

echo "There is already a Family with that name!";
}else{


function change($msg)
{
$post = $msg;
$post = str_replace("'", "`", $post); 
return $post;
}

$newfamname=change($newfamname);

mysql_query("UPDATE users SET family='$newfamname' WHERE family='$oname'");
mysql_query("UPDATE familyreq SET famid='$newfamname' WHERE family='$oname'");
mysql_query("UPDATE forum_answer SET place='$newfamname' WHERE place='$oname'");
mysql_query("UPDATE forum_question SET place='$newfamname' WHERE place='$oname'");
mysql_query("UPDATE family_donations SET family='$newfamname' WHERE family='$oname'");
mysql_query("UPDATE family SET name='$newfamname' WHERE id='$crewid'");
mysql_query("UPDATE BG SET family='$newfamname' WHERE family='$oname'");


echo "You changed the family $oname to $newfamname!";

}}
?>


<table border="1" class="sub2" align="center" cellspacing="0" cellpadding="1" bordercolor=black width=81%>
<tr>
<td align="center" colspan="5" class="header">Families</td>
</tr>
<?
include "includes/db_connect.php"; 

$sql="SELECT * FROM family ORDER by id ASC";
$result=mysql_query($sql);


while($rows=mysql_fetch_array($result)){ // Start looping table row 

$name=$rows['owner'];
$famname=$rows['id'];
$famname2=$rows['name'];


$sql2="SELECT * from users WHERE family='$famname2'";
$result2=mysql_query($sql2);

$num=mysql_num_rows($result2);
?>
<tr>
<td width="70%"><a href="viewfamprofile.php?viewfamily=<? echo $famname ?>"><? echo $rows['name']; ?></a></td><td width="20%"><a href="viewprofile.php?viewuser=<? echo $name ?>"><? echo $rows['owner']; ?></a></td><td width="10%"><? echo "$num"; ?></td>
</tr>
<?
}
?>
    <tr>
      <td colspan="5" align="right"><?
  
  $num_true=mysql_num_rows(mysql_query("SELECT * FROM families WHERE id >1"));

  
   echo "$num_true"; ?>/6 Families</td>
    </tr>
</table>

<br>
<br>
<?
if ($famlevel == 0) 
{
?>
<form method="post" action="families.php">
<table border="1" cellspacing="0" cellpadding="2" bordercolor="black" align="center" width="30%" class="sub2">
    <tr>
          <td class="header" colspan="2" align="center">Create Family </td>
    </tr>
	<tr>
<td>
      <p><font color="blue"><b>Making a Family will Cost $10,000,000,000,000.
You must be ranked Underboss + to make a Family.</b></font></p></td>
</tr>
<tr>
<td width="92%" bgcolor="#3c3025" border="0">
<center>
Family Name:<br>
<input type="text" style="border:1px solid black;" name="familyname">
<br><br>
<input type="submit" value="Create Family" name="createfamily"></center>	  </td>
    </tr>
<?
$num_true=mysql_num_rows(mysql_query("SELECT * FROM familyreq WHERE username='$username'"));
if ($num_true == 1){
?>

    <tr>
      <td class="header" colspan="2" align="center">Pending Application</td>
    </tr>
<?
include "includes/db_connect.php"; 

$sql="SELECT * FROM crewapply WHERE username='$username'";
$result=mysql_query($sql);


while($rows=mysql_fetch_array($result)){ // Start looping table row 
?>
    <tr>
      <td colspan="2" align="center">
  You have applied to <b><? echo $rows['family']; ?></b><br><br>
  <input type="submit" value="Cancel Application" name="cancelapply"></td>
    </tr>
<?
}}	
?>	
</table></form>
<?
}
?>
<br>

<table border="1" cellspacing="0" cellpadding="2" bordercolor="black" align="center" width="30%" class="sub2">
    <tr>
      <td class="header" colspan="2" align="center">Leave Family</td>
    </tr>
    <tr>
      <td colspan="2" align="center"><font color="red"><b>Note: Leaving Family can result in you losing 85-95% health</b></font>
  <br>
  <br>
  <input type="submit" value="Leave Family" name="leave">	  </td>
    </tr>
<? if ($famlevel >=7 && $fetch->slot <200){ ?>
    <tr>
      <td class="header" colspan="2" align="center">Upgrade Family Size</td>
    </tr>
<tr>
<td align="center">
<?

if ($fetch->slot ==100){$next=250; $upgradecost=10000000000;}
elseif ($fetch->slot ==250){$next=500; $upgradecost=15000000000;}
elseif ($fetch->slot ==500){$next=1000; $upgradecost=20000000000;}
elseif ($fetch->slot ==1000){$next=2000; $upgradecost=30000000000;}	

?>
Your family's current size is <b><? echo $fetch->slot ; ?></b>, it will cost $<? echo number_format($upgradecost); ?> to upgrade it to <? echo $next ;?>.<br>
<input type="submit" name="upgrade" value="Upgrade">
</td>
</tr>
<? } ?>

</form>
<?
if ($userlevel >= 5) 
{
?>
<form method="post" action="">
<table border="1" cellspacing="0" cellpadding="2" bordercolor="black" align="center" width="30%" class="sub2">
    <tr>
      <td class="header" colspan="2" align="center">Change Family Name</td>
    </tr>
    <tr>
      <td width="90%" align="center">Family ID:<br><input style="border:1px solid black;" type="text" name="famid"><br></td>
    </tr>
    <tr>
      <td align="center">New Family Name:<br><input type="text" style="border:1px solid black;" name="newfamname"><br><br>
  <input type="submit" value="Change" name="change">	  </td>
    </tr>
</table>
</form>
<br><br>
<? }
?>	

<?
if ($userlevel >= 15) 
{
?>

<form method="post" action="">
<table border="1" cellspacing="0" cellpadding="2" bordercolor="black" align="center" width="30%" class="sub2">
    <tr>
      <td class="header" colspan="2" align="center">Drop Family</td>
    </tr>
    <tr>
      <td width="90%" align="center"><br>
  <center><select name="famnamedrop">
<?
include "includes/db_connect.php"; 

$sql="SELECT * FROM family ORDER by id";
$result=mysql_query($sql);


while($rows=mysql_fetch_array($result)){ // Start looping table row 
?>
<option><? echo $rows['name']; ?></option>
<?
}
?>
</select>
<br><br>
<input type="submit" value="Drop Family" name="dropfamily"></center>
  
  </td>
    </tr>
</table>
</form>

<? } ?>	
<br><br>


</td>



  	  <TD width="150" valign="top">
<?php include("rightmenu.php");?>
</TD>

</TR>


</table>

</center>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/181046-solved-help-with-errors/
Share on other sites

Sounds like an SQL error, what line is 205

 

update

$sql2="SELECT * from users WHERE family='$famname2'";
$result2=mysql_query($sql2);

$num=mysql_num_rows($result2);

to

$sql2="SELECT * from users WHERE family='$famname2'";
$result2=mysql_query($sql2) or die($sql2."<br>\n".mysql_error()); //updated

$num=mysql_num_rows($result2);

 

this should give you an error that it a little more helpful

It makes perfect sense.. let me explain

 

in this query what am i searching for ?

remember you need to quote the string your searching for

SELECT * from users WHERE family='MadTechie's' AND Firstname = 'this is a 'quote' test' 

 

So you could say i am searching for 'MadTechie' and 'this is a ' but then we have some invalid SQL commands

What does s' do ? and for that matter what's quote' test' theirs not command called quote?

 

Now to make SQl understand that mean find 'MadTechie's' you need to let it know that the quote is part of the string and not ending the string,

 

to do that you need to escape it with a slash, ie

SELECT * from users WHERE family='MadTechie\'s' AND Firstname = 'this is a \'quote\' test' 

 

Now you can use addslashes, or mysql_real_escape_string, i recommend mysql_real_escape_string as its part of the sql pack and prevents SQL injection

here's an example

$sql2="SELECT * from users WHERE family='".mysql_real_escape_string($famname2)."'";

ok, I think I know what you were saying, I changed it to not have the quotes around $famname2 and got this:

 

SELECT * from users WHERE family=Da Corleones

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Corleones' at line 1

No, you need the quotes to tell SQL your searching for a string, BUT the string can NOT have a quote in it,

 

when you search for

SELECT * from users WHERE family='Da Corleone's'

the system read its as

SELECT * from users WHERE family='Da Corleone'

then the system sees

s'

thats not valid SQL.. hence the error

 

So you need to tell the system that the quote IN

Da Corleone's
is PART OF the string

to do that you escape it ie

Da Corleone\'s

Now theirs a function to do that for you..

replace the line with

$sql2="SELECT * from users WHERE family='".mysql_real_escape_string($famname2)."'";

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.