Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming mysql_query raw php
mysql_query raw php
  • El Forum
    Guest
  •  
#1
11-19-2009, 04:03 PM

[eluser]georgerobbo[/eluser]
Hello,

I have the following mysql query. For reasons I can't understand I get the error
Quote:Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/howardcheng/login.php on line 34

Code:
if($_POST['u'] != "username" && isset($_POST['u']) && $_POST['p'] != "" && isset($_POST['p']))
        {
            echo db_connect();
            
            $username = mysql_real_escape_string($_POST['u']);
            $username = trim($username);

            $password = mysql_real_escape_string($_POST['p']);
            $password = trim($password);
                    
            $query = mysql_query("SELECT * FROM members WHERE M_Username = $username");
            
            while($b = mysql_fetch_array($query)) {
                
            echo $b['Password'];
            
            }
            

        }
        else
        {
        }
  • El Forum
    Guest
  •  
#2
11-20-2009, 04:17 AM

[eluser]LifeSteala[/eluser]
Hello, try this replace this line:

Code:
$query = mysql_query("SELECT * FROM members WHERE M_Username = '$username'") or die (mysql_error());

I've added single quotes to your WHERE clause and added a error handling task after the query so you can post us a specific error message (if necessary).

Thanks
  • El Forum
    Guest
  •  
#3
11-20-2009, 06:00 AM

[eluser]jedd[/eluser]
For what it's worth ...
[quote author="georgerobbo" date="1258689790"]
Code:
if($_POST['u'] != "username" && isset($_POST['u']) && $_POST['p'] != "" && isset($_POST['p']))
[/quote]

This line needs help.

For starters, are you avoiding the input class for any particular reason?

You should test for something to exist before you test for its contents - you'll get less errors, and as a bonus it will give you better performance. (If you're using the input class, you don't need to do the isset() test manually - it's done as part of the input->post() call for you.)

It's also good practice to group these kinds of conditionals - even where the operator precedence is on your side - it just makes it easier to read.

Finally, the CI style guidelines encourage AND in place of && (and OR in place of ||), again in the name of readability. I tend to agree with them on this.

So, I'd suggest:
Code:
if ( (isset($_POST['u']))  AND  (isset($_POST['p']))  AND ($_POST['u'] != "username")  AND  ($_POST['p'] != "") )
  • El Forum
    Guest
  •  
#4
11-20-2009, 06:15 AM

[eluser]Nerijus[/eluser]
Why not using ActiveRecord?




Theme © iAndrew 2016 - Forum software by © MyBB