gsquare567 Posted April 29, 2007 Share Posted April 29, 2007 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in abc.php on line 57 and my code is: $find_user = $_GET['username']; $result = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); if($row = mysql_fetch_array($result)) Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 29, 2007 Share Posted April 29, 2007 You should check to see whether you're getting an MySQL error on the query. That should tell you more. Plus, you really should sanitize the input to guard against MySQL insertion attacks by using the function mysql_real_escape_string() <?php $find_user = mysql_real_escape_string(stripslashes($_GET['username'])); $query = "SELECT * FROM AuthDB WHERE Username = '$find_user'"; $result = mysql_query($query) or die("Problem with the query <pre>$query</pre>" . mysql_error()); if($row = mysql_fetch_array($result)) ?> Ken Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 well, when i add in an echo $find_user = $_GET['username']; echo "SELECT * FROM AuthDB WHERE Username = '$username'"; $result = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); if($row = mysql_fetch_array($result)) and the url ends with /abc.php?username=test&password=abcdef, it says: SELECT * FROM AuthDB WHERE Username = 'test' Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource so it has nothing to do with the result variable Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 29, 2007 Share Posted April 29, 2007 That's not what I said to do. Read my post again. Ken Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 SELECT * FROM AuthDB WHERE Username = 'test'Problem with the query Query was empty ur very smart. but how do i fix this? Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 ok, i understood that it wasnt in the db, then apparently my db was deleted, so i made a new one and now i get this: SELECT * FROM AuthDB WHERE Username = 'test'Problem with the query Resource id #2 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #2' at line 1 Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 29, 2007 Share Posted April 29, 2007 I still don't think you're using the code I posted, but some combination of your code and mine. Please post the exact code that you're using. Ken Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 $find_user = $_GET['username']; echo "SELECT * FROM AuthDB WHERE Username = '$username'"; $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); $result = mysql_query($query) or die("Problem with the query <pre>$query</pre>" . mysql_error()); if($row = mysql_fetch_array($result)) Quote Link to comment Share on other sites More sharing options...
trq Posted April 29, 2007 Share Posted April 29, 2007 $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); $result = mysql_query($query) or die("Problem with the query <pre>$query</pre>" . mysql_error()); Man, do you understand what your code is attempting? Seriously, you need to learn to debug. Always check your queries actually succeed before trying to use any results from them. <?php $find_user = mysql_real_escape_string(stripslashes($_GET['username'])); $query = "SELECT * FROM AuthDB WHERE Username = '$find_user'"; if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { while ($row = mysql_fetch_assoc($result)) { // display the data. } } else { echo "No results found"; } } else { echo "Problem with the query <pre>$query</pre>" . mysql_error(); } ?> Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 whats the difference? Quote Link to comment Share on other sites More sharing options...
trq Posted April 29, 2007 Share Posted April 29, 2007 mysql_query returns a resource. Your trying to feed a resource back into mysql_query. Your code makes NO sense at all and funnily enough, doesn't work. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 29, 2007 Share Posted April 29, 2007 Plenty. Just compare the code you're using with Thorpe's code and you should see where you've made your mistakes. Ken Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 same errors basically: Problem with the query Resource id #2 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #2' at line 1 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource Quote Link to comment Share on other sites More sharing options...
AndyB Posted April 29, 2007 Share Posted April 29, 2007 That simply is not possible. Nothing in Ken's code or Thorpe's code would echo "resource id" anything. Sounds like you still haven't made your code the same as the perfectly good code that's been offered to you. Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 maybe its the code after it: if($row = mysql_fetch_array($result)) { // password checking $find_pass = $_GET['password']; if($row['Password'] == $find_pass) { // ip checking $find_ip = $_SERVER['REMOTE_ADDR']; $ip = $row['IP']; if($row['IP'] == $find_ip || strlen($ip) == 0) { if(strlen($ip) == 0) // set ip if not already set { mysql_query("UPDATE AuthDB SET IP = '$find_ip' WHERE Username = '$find_user'"); } $find_time = date("l, F jS, Y") . " at " . date("g:i:s A"); mysql_query("UPDATE AuthDB SET Last Login = '$find_time' WHERE Username = '$find_user'"); $valid = true; } } } Quote Link to comment Share on other sites More sharing options...
AndyB Posted April 29, 2007 Share Posted April 29, 2007 Since none of the queries there have any error trapping, that code is not responsible for the error message you posted. C'mon, it's late. Take a closer look at what you're doing. Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 echo "Problem with the query <pre>$query</pre>" . mysql_error(); } if($row = mysql_fetch_array($result)) thats where the errors r comin from Quote Link to comment Share on other sites More sharing options...
AndyB Posted April 29, 2007 Share Posted April 29, 2007 That's echoing resource #2? OK, you win. Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 i dont get it, what's resource #2? is it like an explosive bomb or somethin? i'll post all my code: <?php $mysql_host = '**********'; $mysql_user = '***********'; $mysql_pass = '*******'; $mysql_db = '**********'; // mysql connecting $dbc = mysql_connect($mysql_host, $mysql_user, $mysql_pass) or DIE('Could not connect to the MySQL server: ' . mysql_error()); mysql_select_db($mysql_db, $dbc) or DIE('Could not select the database: ' . mysql_error()); $valid = false; if ($_SERVER["HTTP_X_FORWARDED_FOR"] != "") { $IP = $_SERVER["HTTP_X_FORWARDED_FOR"]; $proxy = $_SERVER["REMOTE_ADDR"]; $host = $_SERVER["HTTP_X_FORWARDED_FOR"]; } else { $IP = $_SERVER["REMOTE_ADDR"]; $host = $IP; } echo "HOST: " . $host . "<br>"; echo "PROXY: " . $proxy . "<br>"; echo "IP: " . $ip . "<br>"; // username checking $find_user = $_GET['username']; echo "SELECT * FROM AuthDB WHERE Username = '$username'"; $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); //$result = mysql_query($query) or die("Problem with the query <pre>$query</pre>" . mysql_error()); if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { while ($row = mysql_fetch_assoc($result)) { // display the data. echo $row['Username']; } } else { echo "No results found"; } } else { echo "Problem with the query <pre>$query</pre>" . mysql_error(); } if($row = mysql_fetch_array($result)) { // password checking $find_pass = $_GET['password']; if($row['Password'] == $find_pass) { // ip checking $find_ip = $_SERVER['REMOTE_ADDR']; $ip = $row['IP']; if($row['IP'] == $find_ip || strlen($ip) == 0) { if(strlen($ip) == 0) // set ip if not already set { mysql_query("UPDATE AuthDB SET IP = '$find_ip' WHERE Username = '$find_user'"); } $find_time = date("l, F jS, Y") . " at " . date("g:i:s A"); mysql_query("UPDATE AuthDB SET Last Login = '$find_time' WHERE Username = '$find_user'"); $valid = true; } } } if($valid) { echo "ACCEPTED"; } else { echo "DENIED"; } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted April 29, 2007 Share Posted April 29, 2007 Look. Here you assign the resource returned by mysql_query to the variable $query. $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); Then, here you try an execute a query using that same resource stored in $query. Do you even know what mysql_query returns? if ($result = mysql_query($query)) { You need to do some tutorials on basic database querying. Were here to help with code, not teach you step by step. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 29, 2007 Share Posted April 29, 2007 Replace these three lines: <?php $find_user = $_GET['username']; echo "SELECT * FROM AuthDB WHERE Username = '$username'"; $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); ?> with <?php $find_user = mysql_real_escape_string(stripslashes($_GET['username'])); $query = "SELECT * FROM AuthDB WHERE Username = '$username'"; $result = mysql_query($query) or die("Problem with the query <pre>$query</pre><br>" . mysql_error()); ?> Ken Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 Look. Here you assign the resource returned by mysql_query to the variable $query. $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); Then, here you try an execute a query using that same resource stored in $query. Do you even know what mysql_query returns? if ($result = mysql_query($query)) { You need to do some tutorials on basic database querying. Were here to help with code, not teach you step by step. false if didnt work or a value if true Quote Link to comment Share on other sites More sharing options...
trq Posted April 29, 2007 Share Posted April 29, 2007 Its a resource actually, not a value. So then... can you explain why you have the code you have? $query = mysql_query("SELECT * FROM AuthDB WHERE Username = '$find_user'"); if ($result = mysql_query($query)) { How does that make sense? Quote Link to comment Share on other sites More sharing options...
gsquare567 Posted April 29, 2007 Author Share Posted April 29, 2007 **** u guys know this shit too well... u shud be hacking google and i cant explain the code, but i can explain that its 1 am and i have to pry my eyes open. instead of $query i shud've put $result Quote Link to comment Share on other sites More sharing options...
AndyB Posted April 29, 2007 Share Posted April 29, 2007 Actually, all you had to do was accurately copy code given to you by Ken or Thorpe instead of cobbling together what you did. Everybody would have saved time. And it's 1:00 am here too. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.