Be a Supporter!

Php Error Help

  • 381 Views
  • 3 Replies
New Topic Respond to this Topic
Fallin-Again
Fallin-Again
  • Member since: Aug. 24, 2004
  • Offline.
Forum Stats
Member
Level 11
Blank Slate
Php Error Help 2012-11-03 16:11:27 Reply

I cant figure out why I am getting this error: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/teach/public_html/included/query.php on line 7

I have tried re-writting the first query and still no luck. Here is my code:

<?php
include("/home/teach/public_html/included/db_config.php");
echo("Loading<br /><br />");
$query1 = mysql_query("SELECT * FROM `TABLE 91` ORDER BY `SKU` DESC") or die("Q1: ".mysql_error());
if(mysql_error() == ""){

	while($qArray = mysql_fetch_array($query1)){
		
		$productModel = $qArray['SKU'];
		$productUPC = $qArray['UPC'];
		
		$query1 = mysql_query("UPDATE `products` SET `products_upc` = '$productUPC' WHERE `products_model` = '$productModel' LIMIT 1") or die("Q2: ".mysql_error());
		
		$productModel = "";
		$productUPC = "";
		
	}
}
?>

yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea

Fallin-Again
Fallin-Again
  • Member since: Aug. 24, 2004
  • Offline.
Forum Stats
Member
Level 11
Blank Slate
Response to Php Error Help 2012-11-03 16:25:06 Reply

Never mind, I figured out the problem. I had given the second query the same variable name as the first.


yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea yea

VigilanteNighthawk
VigilanteNighthawk
  • Member since: Feb. 13, 2003
  • Offline.
Forum Stats
Member
Level 03
Blank Slate
Response to Php Error Help 2012-11-03 20:12:13 Reply

Two points:
1) I would really suggest dropping the mysql extension and use either PDO or mysqli, preferable with prepared queires.
2) I would NOT display the msyql_error string on failure. It gives information on your database that can be exploited by attackers. Write it to a log file instead.


The Internet is like a screwdriver. You can use it to take an engine apart and understand it, or you can see how far you can stick it in your ear until you hit resistance.

Diki
Diki
  • Member since: Jan. 31, 2004
  • Offline.
Forum Stats
Moderator
Level 13
Programmer
Response to Php Error Help 2012-11-03 20:26:33 Reply

At 11/3/12 08:12 PM, VigilanteNighthawk wrote: 1) I would really suggest dropping the mysql extension and use either PDO or mysqli, preferable with prepared queires.

This is very true, and really, unless your PHP version doesn't support them, just use PDOs. The mysqli_* functions are going to be deprecated soon. Parameterised statements are a very good idea too.

At 11/3/12 08:12 PM, VigilanteNighthawk wrote: 2) I would NOT display the msyql_error string on failure. It gives information on your database that can be exploited by attackers. Write it to a log file instead.

Outputting errors directly to the browser is fine to do if it's done in a dev environment, but in production Vigilante is correct: write that to a log file. Errors should never be displayed in production.