bugmero Posted May 8, 2010 Share Posted May 8, 2010 Hi, I made this code : connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash); function connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash) { global $link; $link=mysql_connect ("$hostname_connSquash","$username_connSquash","$password_connSquash"); if(!$link){die("Could not connect to MySQL");} mysql_select_db("$database_connSquash",$link) or die ("could not open db".mysql_error()); } $id=$_GET['id']; $qres = mysql_query("SELECT * FROM `$clubprefix"."_player` WHERE id='$id'"); $result=mysql_query($qres); $rows=mysql_fetch_array($result); ?> <table width="400" border="0" cellspacing="1" cellpadding="0"> <tr> <form name="form1" method="post" action="update_skill.php"> <td> <table width="100%" border="0" cellspacing="1" cellpadding="0"> <tr> <td> </td> <td colspan="3"><strong>Update skill level</strong> </td> </tr> <tr> <td align="center"> </td> <td align="center"> </td> <td align="center"> </td> <td align="center"> </td> </tr> <tr> <td align="center"> </td> <td align="center"><strong>Forehand/Backhand</strong></td> <td align="center"><strong>Fitness/Movement</strong></td> <td align="center"><strong>Serve/Return</strong></td> <td align="center"><strong>Volley</strong></td> <td align="center"><strong>Special Shots</strong></td> <td align="center"><strong>Playing Style</strong></td> <td align="center"><strong>Tournament Experience</strong></td> </tr> <tr> <td> </td> <td align="center"><input name="FB" type="text" id="FB" value="<? echo $rows['FB']; ?>"></td> <td align="center"><input name="FM" type="text" id="FM" value="<? echo $rows['FM']; ?>" size="15"></td> <td><input name="SR" type="text" id="SR" value="<? echo $rows['SR']; ?>" size="15"></td> <td align="center"><input name="Vol" type="text" id="Vol" value="<? echo $rows['Vol']; ?>"></td> <td align="center"><input name="SS" type="text" id="SS" value="<? echo $rows['SS']; ?>"></td> <td align="center"><input name="PS" type="text" id="PS" value="<? echo $rows['PS']; ?>"></td> <td align="center"><input name="TE" type="text" id="TE" value="<? echo $rows['TE']; ?>"></td> </tr> <tr> <td> </td> <td><input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>"></td> <td align="center"><input type="submit" name="Submit" value="Submit"></td> <td> </td> </tr> </table> </td> </form> </tr> </table> <? // close connection mysql_close(); ?> And i get this error : Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in .............line 23 It displays the form but not the data inside each box . What am i doing wrong ? Thanks Link to comment https://forums.phpfreaks.com/topic/201102-error-on-fetch-array/ Share on other sites More sharing options...
Pikachu2000 Posted May 8, 2010 Share Posted May 8, 2010 Separate your query string from the mysql_query() and echo it. Chances are it doesn't look anything like you'd expect it to. Also, assuming the $_GET['id'] var is an integer, you should cast it as such before allowing it to be used in a DB query. $id = (int) $_GET['id']; Otherwise, if it's a string, it should be e sanitized with mysql_real_escape_string(). By not typecasting/sanitizing user supplied input before placing it in a query, you're leaving yourself wide open to sql injection attacks. $query = "SELECT field1, field2 FROM table WHERE id = $id"; echo $query; mysql_query($query) or die ( mysql_error() ); Link to comment https://forums.phpfreaks.com/topic/201102-error-on-fetch-array/#findComment-1055099 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.