Jump to content

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in ...


Recommended Posts

When I try to submit my form it doesn't enter the data into the database. My page also shows this message:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in .... line 18
Line 18 is marked below in the code.

Aside the code being dated, I can't get a handle on what to do to solve it. Can someone please help me out?

 


error_reporting (2039);
extract($_GET);
extract($_POST);

$server    = "server.com";
$username    = "uname";
$password    = "pword";
$database    = "mydb";

$db = @mysql_connect($server,$username,$password);
mysql_select_db($database);


if($submit =="save")
{
 $sales = addslashes($sales);
 $billing = addslashes($billing);
 $support = addslashes($support);
 $query = mysql_query("update variables set sales ='$sales', billing='$billing', support ='$support' where id = 1");
}
  $query = mysql_query("select sales, billing, support from variables");
  $row = mysql_fetch_array($query, MYSQL_ASSOC); // line 18
  $sales = stripslashes($row['sales']);
  $billing = stripslashes($row['billing']);
  $support = stripslashes($row['support']);

You are correct with it being old code.

 

Your connection or query most likely failed.

 

Start off with at least mysqli_* or pdo

Don't suppress your connection error with @

Don't use extract, either check with $_SERVER['REQUEST_METHOD'] or check if a specific method(value in array) is set and not empty

 

Don't add slashes, use pdo prepared statements or mysqli_real_escape_string

 

Echo your query and see if it's what you expect, double check the names

 

If you want multiple results use a while loop

 

mysqli_fetch_assoc example codes

Have you checked to see if MySQL is throwing any errors? Note that you can check with mysql_error():

http://php.net/manual/en/function.mysql-error.php

 

And as QuickOldCar suggested, you shouldn't use addslashes() to escape variables being used in a query. Note the following quote from the documentation for addslashes():

Please note that use of addslashes() for database parameter escaping can be cause of security issues on most databases.

 

If you don't plan to upgrade to PDO or MySQLi at this time, you can use mysql_real_escape_string():

http://php.net/manual/en/function.mysql-real-escape-string.php

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.