montgomery Posted August 16, 2007 Share Posted August 16, 2007 Here my querry that I have a problem with: $dbl1 = "SELECT * FROM PHPAUCTIONXL_swopboards WHERE posterid= '".$_SESSION["PHPAUCTION_LOGGED_IN"]."' AND auction= '".$_SESSION["CURRENT_ITEM"]."' AND enddate>='".$NOW."' AND status!='i' "; $result_dbl1 = mysql_query ($dbl1); if ($result_dbl1) { $SWOPBOARDID = mysql_result($result_dbl1,0,"id"); <----line 413 } Sometimes I get the warining: Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 65 in /var/www/web52/html/testserver/item.php on line 413 It seems that the problem comes when the variable '".$_SESSION["CURRENT_ITEM"]."' is not set. I was hoping, what in this case the querry just does not give any result. Is there a way to say: "If querry gives a warining than don´t show it? " Link to comment https://forums.phpfreaks.com/topic/65281-warning-if-variable-is-not-set/ Share on other sites More sharing options...
radalin Posted August 16, 2007 Share Posted August 16, 2007 try $result_dbl1 = @mysql_query ($dbl1); the "@" sign will set error_reporting to zero for that function and any error which can occur will not be shown. Link to comment https://forums.phpfreaks.com/topic/65281-warning-if-variable-is-not-set/#findComment-326112 Share on other sites More sharing options...
akitchin Posted August 16, 2007 Share Posted August 16, 2007 if you want to avoid trying to grab a result when it returns no rows, simply use mysql_num_rows() on the query's resource ID to find out how many rows it pulled. however, if your query is an invalid resource, this function too will fail. the better step is to not run the query at all if your $_SESSION value is empty: if (!empty($_SESSION['CURRENT_ITEM'])) { // do the query hustle! } also, please use code tags when posting code in the future. Link to comment https://forums.phpfreaks.com/topic/65281-warning-if-variable-is-not-set/#findComment-326119 Share on other sites More sharing options...
radalin Posted August 16, 2007 Share Posted August 16, 2007 I forgot to mention. (Can't edit my own post) while sending variables to an sql query use mysql_real_escape_string() to protect your database and you application from sql injection. your query should be like: <?php $dbl1 = "SELECT * FROM PHPAUCTIONXL_swopboards WHERE posterid= '".mysql_real_escape_string($_SESSION["PHPAUCTION_LOGGED_IN"])."' AND auction= '".mysql_real_escape_string($_SESSION["CURRENT_ITEM"])."' AND enddate>='".mysql_real_escape_string($NOW)."' AND status!='i' "; ?> Link to comment https://forums.phpfreaks.com/topic/65281-warning-if-variable-is-not-set/#findComment-326161 Share on other sites More sharing options...
montgomery Posted August 18, 2007 Author Share Posted August 18, 2007 I forgot to mention. (Can't edit my own post) while sending variables to an sql query use mysql_real_escape_string() to protect your database and you application from sql injection. your query should be like: <?php $dbl1 = "SELECT * FROM PHPAUCTIONXL_swopboards WHERE posterid= '".mysql_real_escape_string($_SESSION["PHPAUCTION_LOGGED_IN"])."' AND auction= '".mysql_real_escape_string($_SESSION["CURRENT_ITEM"])."' AND enddate>='".mysql_real_escape_string($NOW)."' AND status!='i' "; ?> I am working with an existing software and customize it. So far I have not seen the "mysql_real_escape_string()" in the whole application. If you say this is not save then I hope, what my data is protected in an other way. There are many includes on the page. Perhaps this safety feature is automated (is that possible?). Thanks for your suggestions! Link to comment https://forums.phpfreaks.com/topic/65281-warning-if-variable-is-not-set/#findComment-327433 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.