+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: mysql_query raw php (/showthread.php?tid=24790)
mysql_query raw php - El Forum - 11-19-2009
[eluser]georgerobbo[/eluser]
Hello,
I have the following mysql query. For reasons I can't understand I get the error
Quote:Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/howardcheng/login.php on line 34
Code:
if($_POST['u'] != "username" && isset($_POST['u']) && $_POST['p'] != "" && isset($_POST['p']))
{
echo db_connect();
$username = mysql_real_escape_string($_POST['u']);
$username = trim($username);
$password = mysql_real_escape_string($_POST['p']);
$password = trim($password);
$query = mysql_query("SELECT * FROM members WHERE M_Username = $username");
while($b = mysql_fetch_array($query)) {
echo $b['Password'];
}
}
else
{
}mysql_query raw php - El Forum - 11-20-2009
[eluser]LifeSteala[/eluser]
Hello, try this replace this line:
Code:
$query = mysql_query("SELECT * FROM members WHERE M_Username = '$username'") or die (mysql_error());I've added single quotes to your WHERE clause and added a error handling task after the query so you can post us a specific error message (if necessary).
Thanks
mysql_query raw php - El Forum - 11-20-2009
[eluser]jedd[/eluser]
For what it's worth ...
[quote author="georgerobbo" date="1258689790"]
Code:
if($_POST['u'] != "username" && isset($_POST['u']) && $_POST['p'] != "" && isset($_POST['p']))This line needs help.
For starters, are you avoiding the input class for any particular reason?
You should test for something to exist before you test for its contents - you'll get less errors, and as a bonus it will give you better performance. (If you're using the input class, you don't need to do the isset() test manually - it's done as part of the input->post() call for you.)
It's also good practice to group these kinds of conditionals - even where the operator precedence is on your side - it just makes it easier to read.
Finally, the CI style guidelines encourage AND in place of && (and OR in place of ||), again in the name of readability. I tend to agree with them on this.
So, I'd suggest:
Code:
if ( (isset($_POST['u'])) AND (isset($_POST['p'])) AND ($_POST['u'] != "username") AND ($_POST['p'] != "") )mysql_query raw php - El Forum - 11-20-2009
[eluser]Nerijus[/eluser]
Why not using ActiveRecord?