ansaurus

Question

why the data can't dispaly in the form???

Answer 1

A:

Change this to do:

$resulDetail = mysql_query($queryDetail);

to

$resulDetail = mysql_query($queryDetail) or die(mysql_error());

and post the error you get.

Pentium10 2010-03-18 21:09:38

the error still same.....Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\Program Files\xampp\htdocs\e-Complaint(FYP)\userView.php on line 101

shimaTun 2010-03-18 21:15:07

your sql query is wrong, print it

Pentium10 2010-03-18 21:34:33

Answer 2

A:

Considering your code :

$resulDetail = mysql_query($queryDetail);
$detail = mysql_fetch_array($resultDetail);

This kind of error is likely to happen when mysql_query fails -- and return false ; which means $resultDetail is not a resource, and cannot be used as a parameter to mysql_fetch_array.

This means you should test if $resultDetail is not false before calling mysql_fetch_array :

$resulDetail = mysql_query($queryDetail);
if ($resulDetail === false) {
    // while developping, you can echo the error message
    // in production, you should log it to a file
    echo mysql_error();
} else {
    // query has been run OK
    // => You can use the result :
    $detail = mysql_fetch_array($resultDetail);
    // ...
}

Humph : looking closer at your code, you have this :

$resulDetail = mysql_query($queryDetail);
$detail = mysql_fetch_array($resultDetail);

In the first line, the result of mysql_query is stored to $resulDetail, with no t !
And, in the second line, you are using $resultDetail, with a t !

i.e. the variable used for mysql_fetch_array doesn't exist -- hence is considered as null -- not a valid resource.

As a sidenote, even if this is not the cause of the problem in this specific case, but you are building your query like this :

$subject = $_GET['type'];
$comment = $_GET['id'];
$queryDetail = " SELECT * FROM campuscomplaint " . " WHERE subject = '" . $subject . "' AND comment = '" . $comment . "' ";

Which means you are not escaping the data before injecting it into the SQL query -- which is bad and can lead to SQL injections (which can cause an error while executing the query)

You should use mysql_real_escape_string on those strings, before injecting them into the SQL query :

$subject = mysql_real_escape_string($_GET['type']);
$comment = mysql_real_escape_string($_GET['id']);
$queryDetail = " SELECT * FROM campuscomplaint " . " WHERE subject = '" . $subject . "' AND comment = '" . $comment . "' ";

Pascal MARTIN 2010-03-18 21:10:19

i not understand....can u explain more detail....

shimaTun 2010-03-18 21:17:33

Heu... which part did you not understand ?

Pascal MARTIN 2010-03-18 21:19:43

the data still can't display....

shimaTun 2010-03-18 21:35:11

Answer 3

A:

Your $resultDetail is not a resource, and cannot be used as a parameter to mysql_fetch_array(). from my practise - test all your queries with mysql "sql"! u can find more detailed information about an error there!!!

Syom 2010-03-18 21:51:23

Answer 4

A:

shimaTun, as you commented in a previous answer, "supplied argument is not a valid MySQL result resource". This means that your query is invalid, and mysql_query() is returning a mysql ERROR resource, not a RESULT resource. Change your code to the following:

$resultDetail = mysql_query($queryDetail);
if (mysql_error()) {
   die("MySQL error: " . mysql_error());
}

and re-run the script. That will spit out the exact error that the query is causing.

Incidentally, what's with all the "bordercolor" and "bgcolor" attributes in your td tags? You're obviously using CSS, since there's "class" attributes as well. Why not save a few kilobytes of bandwidth by styling your table cells with the style sheet? It also makes the HTML far easier to read.

You'll also want to fix up how the HTML is generated. Consider the case where the data you're inserting into the form contains a double quote or a tag:

<textarea name="comment" rows="5" cols="40"><?php echo $detail['message']; ?></textarea>

What if $detail['message'] looked like "Hello, </textarea> I'm outside your tags, messing with your HTML". The generated html will look like:

<textarea name="comment" rows="5" cols="40">Hello, </textarea> I'm outside your tags, messing with your HTML</textarea>

and now part of comment is gone, reduced to just Hello,, because it's broken out from the containing <textarea>. Unless your form data is stored pre-escaped (generally a bad idea), you should ALWAYS output it into the form via the htmlspecialchars() function, like this:

<textarea><?php echo htmlspecialchars($detail['message']) ?></textarea>

which will nicely translate <, >, &, ' and " into their character-entity equivalents.

Marc B 2010-03-19 03:22:37

ansaurus

tags:

views:

answers:

why the data can't dispaly in the form???

related questions