...

View Full Version : PHP MySQL "Resource ID #4" Problem



wolfetone
01-17-2008, 11:21 AM
Hi, I'm making a website and it requires a user area. I've gotten code to make a login script, but when a user logs in they get the error:


Query error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #4' at line 1

This is the code for the manage-check.php file, which the index page sends the user information to:

<?php
session_start();
include('db.php');

if(isset($_POST['submit'])) :
// Username and password sent from signup form
// First we remove all HTML-tags and PHP-tags, then we create a sha1-hash
$username = strip_tags($_POST['username']);
$password = sha1(strip_tags($_POST['password']));

// Make the query a wee-bit safer
$query = mysql_query("SELECT ID FROM system_users WHERE username = '%s' AND password = '%s' LIMIT 1;");
$result = mysql_query ($query)
or die("Query error: ". mysql_error());

// Register the user ID for further use
$_SESSION['member_id'] = $row['id'];
header('Location: members-only.php');
endif;
phpinfo();
?>

The database file code is this:

<?php
define('SQL_USER', 'root');
define('SQL_PASS', '-');
define('SQL_DB', 'vet_database');

// Creates link to the database server
$link = mysql_connect('localhost', SQL_USER, SQL_PASS);
if(!$link) :
die('Could not connect: ' . mysql_error());
endif;

// Select a database where our member tables are stored
$db = mysql_select_db(SQL_DB, $link);
if(!$db) :
die ('Can\'t connect to database : ' . mysql_error());
endif;
?>

The MySQL database table that stores the information is set out in the following way with the current information:

id username password status emp_no first_name last_name member_id
1 wolfetone cat 1 1 David Richards
1


The PHP version is 5, and the MySQL version is 5.0.45. Any help would be apprieicated. By the way, I'm not that proficient in PHP so excuse me for the amateurish mistakes in the code lol.

ahallicks
01-17-2008, 12:12 PM
Sounds like it's not getting a result... try printing your query and running that through your mysql program... and try putting 'id' in small letters, not caps.

You also need to fetch it to an array before looking for the rows...


$row = mysql_fetch_array($result);

shyam
01-17-2008, 12:28 PM
// Make the query a wee-bit safer
$query = mysql_query("SELECT ID FROM system_users WHERE username = '&#37;s' AND password = '%s' LIMIT 1;");

?>

thats actually gotta be


$query = mysql_query(
sprintf("SELECT ID FROM system_users WHERE username = '%s' AND password = '%s' LIMIT 1;", $username, $password)
);

CFMaBiSmAd
01-17-2008, 12:34 PM
There are actually two queries. The first one should not be a query at all, but should be changed to sprintf.

wolfetone
01-21-2008, 01:03 PM
I put in the suggestions given, it now brings up the following:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\manage-check.php on line 34.

Although, after this it displays the phpinfo result.

weblive
01-21-2008, 05:08 PM
Hi,

Have you tried to print the query and run it in your mysql? ie. phpMyAdmin?

That can be for many reasons, though I believe it's a field mispell, but it can be a crashed table also, for example...

CFMaBiSmAd
01-21-2008, 06:10 PM
The original code you posted had error checking and error reporting on the mysql_query(). This would have told you why the query failed. You need to add the following onto the mysql_query() statement -


or die("Query error: ". mysql_error());



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum