golyath Posted September 19, 2006 Share Posted September 19, 2006 Hi i have written a simple searching script so that it builds a Sql statement and passes it back to another page for the results. It simply works with a check box if you want to see all items, and a drop down box if you want to serch with certain criterea and then a text box to enter the thing you are searching for...e.g. drop down = Firstname textbox = Edward. Searching for all records where firstname = Edward.this is the script: php: <? $crit=$_POST['crit']; $search=$_POST['search']; if($all == "all"){ $sql="SELECT * FROM users"; header("location:index.php?section=cPanel&control=members&ctrlMem=view&sqlCheck=$sql"); } else{ if($search == ""){ header("location:index.php?section=error&error=missing"); } else{ $sql="SELECT * FROM users WHERE $crit = '$search'"; //echo $sql; header("location:index.php?section=cPanel&control=members&ctrlMem=view&sqlCheck=$sql"); } } ?>this works fine if all is selected, and the Sql statement is sent back and works fine...But... If you try to use the section where you are searching for a certian criteria, the sql errors out when usign it on the next page saying: php:Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource ?>I have echoed out the sql when testing it to see if the sql statement is wrong, but i cant see anythign wrong with it:SELECT * FROM users WHERE firstname = 'Edward'If anyone can point me in the right direct it would be greatly appreciated.Thanks Quote Link to comment Share on other sites More sharing options...
onlyican Posted September 19, 2006 Share Posted September 19, 2006 That is saying that the function mysql_numrows is not a valid argument$sql = $_GET["Check"];mysql_query($sql);but I would strong advice against doing this, it allows people to type in the address bar the new query, and do anything to your database Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.