Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New to the CF scene
    Join Date
    Oct 2009
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL resu, php wrong

    hi
    can someone please help me? i am trying to send activation code to new member and i get only wrong msg in my files....

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/arash/public_html/activation.php on line 11
    Invalid Validation Code

    PHP Code:
    <?php
    session_start
    ();
    include 
    "mysql.php";
    $c;
    if(!
    $_GET['code'] || !$_GET['act'])
    {
    die(
    "Invalid Use Of System.");
    } else {
    $code=$_GET['code'];
    $cq=mysql_query("select * from confirm where code=$code",$c);
    if(
    mysql_num_rows($cq)== 0)
    { die(
    "Invalid Validation Code"); }
    $r=mysql_fetch_array($cq);
    if(
    $_GET['act'] == 'activate')
    {
    mysql_query("UPDATE users SET confirmed='1' WHERE userid={$r[user]}",$c);
    mysql_query("DELETE FROM confirm WHERE code=$code",$c);
    print 
    "Account Validated!<br />
    <a href='login.php'>Login</a>"
    ;
     } else if(
    $_GET[act] == 'cancel')
    {
    mysql_query("DELETE FROM users WHERE userid={$r[user]}",$c);
    mysql_query("DELETE FROM confirm WHERE code=$code",$c);
    print 
    "Your account has successfully been cancelled, Were sorry you had to leave.";exit;
    } else {
    die(
    "Invalid Action.");
    }

    }
    ?>

  • #2
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    PHP Code:
    $code=$_GET['code'];
    $cq=mysql_query("select * from confirm where code=$code",$c); 
    is wrong, $code will be a string and you need to wrap it in quotes:
    PHP Code:
    $code=$_GET['code'];
    $cq=mysql_query("select * from confirm where code='".$code."'",$c); 
    and its very unwise to have the $code directly in to the query, read up on SQL injection;

  • #3
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    what is $c and what do you intend to do with this line:
    PHP Code:
    $c
    also what do intent to do with $c in this?
    PHP Code:
    $cq=mysql_query("select * from confirm where code=$code",$c); 
    why you assume that everything is ok and don't check $cq to see if is really ok?

    best regards

  • #4
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    well mysql_query takes 2 parameters, the query string and a resource identifier. $c will be a database connection, probably set in the included file mysql.php but it isn't really necessary unless working with multiple connections.

  • #5
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by met View Post
    well mysql_query takes 2 parameters, the query string and a resource identifier. $c will be a database connection, probably set in the included file mysql.php but it isn't really necessary unless working with multiple connections.
    probably you are right, I prefere to wait op answer,

    best regards


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •