Hi,

I have this bug:

mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/marlon/domains/webmasterplaats.nl/public_html/edit.php on line 36

This is the code:

    <?php
    $ip = $_SERVER['REMOTE_ADDR'];
    $toegang[] = '86.91.195.26';
    $toegang[] = '84.86.189.70';

    $valid = true;
    if(in_array($ip, $toegang) || isset($valid))
    {
        if(isset($_GET['id']))
        {
            if($_SERVER['REQUEST_METHOD'] == 'POST')
            {
                mysql_query("UPDATE news SET titel='" . mysql_real_escape_string($_POST['titel']) . "', inhoud='" . mysql_real_escape_string($_POST['edit2']) . "' WHERE id='" . mysql_real_escape_string($_GET['id']) . "'");

                echo 'Met success geupdate.' ;
            }
            $database = mysql_connect('localhost','marlonhe19','123456789asd');
            mysql_select_db('wmp', $database);

            $id = $_GET['id'];

            $mysql = mysql_query("SELECT * FROM news WHERE id='$id' ;");

            while($row = mysql_fetch_assoc($mysql)){
                $id = $row['id'];
                $titel = $row['titel'];
                $inhoud = $row['inhoud'];

                echo '
                <form id="form1" name="form1" method="post" action="">
                <input type="text" name="titel" value="$titel" /><br />
                <textarea name="edit2">$inhoud</textarea> <br />
                <input type="submit" name="Submit" value="Opslaan" />';
            }
        }
    }

What's the problem?

+3  A: 

Warning: SQL injection possible. It looks like your query failed.

Replace this:

    $mysql = mysql_query("SELECT * FROM news WHERE id='$id' ;");

With:

    $mysql = mysql_query("SELECT * FROM news WHERE id='$id' ;") or die(mysql_error());

You should make your own error handling function; it's preferable to display an error message without exiting immediately.

Lekensteyn
+1  A: 

You don't need a semicolon (;) in:

    $mysql = mysql_query("SELECT * FROM news WHERE id='$id' ;");

Since you are passing a ;, the query execution fails and mysql_query returns false and not an object. When you pass false to mysql_fetch_assoc, it gives the error that you are getting.

Always add an error check:

    $mysql = mysql_query("SELECT * FROM news WHERE id='$id'") or die(mysql_error());

Looks like your DB selection part has a problem. Add error checking to that as well:

EDIT:

    mysql_select_db('wmp', $database) or die(mysql_error());
codaddict
Yeah, I now have this: `$mysql = mysql_query("SELECT * FROM news WHERE id='$id'");` But it still gives the error.
Andre Woons
Ohh, I added the or die thing, and it says "No db selected", but how can that be? I copied the connect thing from index.php. It's exactly the same.
Andre Woons
Are you sure your `$id` has the correct id?
codaddict
Yes, I checked every id possible.
Andre Woons
Updated my answer.
codaddict
Access denied for user 'marlonhe19'@'localhost' to database 'wmp' I get that error. But it doesn't give me that on my homepage.
Andre Woons
Do you have a solution?
Andre Woons
A: 

You should check for errors, e.g.

    $news_result = mysql_query("SELECT * FROM news WHERE id='$id'")
                       or die("Query failed: ".mysql_error());

In addition, you should name your query result variables something sensible, i.e. not $mysql, and you should be using bind variables to protect against SQL injection. Consider a query string of the following:

    page.php?id='+OR+'1'='1
ar
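The bind-variable advice and the error checking suggested in the answers, as an added example that is not part of any answer on this page. It uses PDO instead of the `mysql_*` functions in the thread, and an in-memory SQLite table (an assumption, needing the pdo_sqlite extension) stands in for the `news` table so it runs without a server; the function names `fetchNewsConcatenated` and `fetchNewsBound` are hypothetical.

```php
<?php
// Added example: PDO with an in-memory SQLite table standing in for the
// page's MySQL `news` table (assumption, so the script runs offline).
// With MySQL only the DSN and credentials passed to new PDO() change.
$pdo = new PDO('sqlite::memory:');
// Failed statements throw PDOException instead of returning false, so a
// failed query can never reach the fetch call as an invalid result.
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data.
$pdo->exec('CREATE TABLE news (id INTEGER PRIMARY KEY, titel TEXT, inhoud TEXT)');
$pdo->exec("INSERT INTO news (titel, inhoud) VALUES ('Eerste', 'a'), ('Tweede', 'b')");

// The 'before': the id value is pasted into the SQL text, as in the question.
function fetchNewsConcatenated(PDO $pdo, string $id): array
{
    return $pdo->query("SELECT * FROM news WHERE id='$id'")->fetchAll(PDO::FETCH_ASSOC);
}

// The 'after': the id is sent as a bound parameter and is never parsed as SQL.
function fetchNewsBound(PDO $pdo, string $id): array
{
    $stmt = $pdo->prepare('SELECT * FROM news WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The id value from the answer's query string, URL-decoded ('+' becomes a space).
$inputs = ['1', "' OR '1'='1"];

foreach ($inputs as $id) {
    printf("id=%-16s concatenated: %d row(s), bound: %d row(s)\n",
        var_export($id, true),
        count(fetchNewsConcatenated($pdo, $id)),
        count(fetchNewsBound($pdo, $id)));
}

// Error path: a query that cannot run (here a table that does not exist)
// raises an exception; log the detail and show the visitor a generic message.
try {
    $pdo->query('SELECT * FROM no_such_table');
} catch (PDOException $e) {
    error_log('Query failed: ' . $e->getMessage());
    echo "Something went wrong, please try again later.\n";
}
```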
A: 

Have you tried running the query from the mysql prompt? It looks like the query returns an error. Try changing your line

    $mysql = mysql_query("SELECT * FROM news WHERE id='$id' ;");

to

    $mysql = mysql_query("SELECT * FROM news WHERE id='$id' ;") or die(mysql_error());
Zimbabao