rdkd1970 Posted May 11, 2011 Share Posted May 11, 2011 Can someone help me with this error message...I tried another layout but I think I am getting the same problem where it is not recognizing the next page of the sessions and including the id for a member to continue Invalid query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #4' at line 1 Whole query:Resource id #4 This is the page. <?php session_start(); ?> <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Welcome</title> </head> <body> <?php /* Program: login.php * Desc: Displays the new member welcome page. Greets * member by name and gives a choice to enter * restricted section or go back to main page. */ include('Connections/connect_to_mysql.php'); $id = ''; $firstname = ''; $lastname = ''; $country = ''; $email = ''; //Formulate Query //This is the best way to perform an SQL query $query = mysql_query("SELECT id,firstname FROM `Members` WHERE id='%s' AND firstname='%s'"); //Perform Query $result = mysql_query($query); //Check result //This shows the actual query sent to MySQL and the error. Useful for debugging. if(!$result){ $message = 'Invalid query:' . mysql_error() . "\n"; $message .= 'Whole query:' . $query; die($message); } //Use result //Attempting to print $result won't allow access to information in the resource //One of the mysql result functions must be used //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while($row=mysql_fetch_assoc($result)){ echo Welcome, $row['firstname']; } //Free the resources associated with the result set mysql_free_result($result); ?> <p>Your new Member accounts lets you enter the members only section of our web site. You'll find special discounts, a profile of matches, live advise from experts, and much more.</p> <p>Your new Member ID and password were emailed to you. Store them carefully for future use.</p> <div style="text-align: center"> <p style="margin-top: .5in; font-weight: bold"> Glad you could join us!</p> <form action="profile.php" method="post"> <input type="submit" value="Enter the Members Only Section"> </form> <form action="index.php" method="post"> <input type="submit" value="Go to Main Page"> </form> </div> </body> </html> :'( Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 The problem is probably here: //Formulate Query //This is the best way to perform an SQL query $query = mysql_query("SELECT id,firstname FROM `Members` WHERE id='%s' AND firstname='%s'"); //Perform Query $result = mysql_query($query); mysql_query returns a result. You then take that result and try and query again, passing the result as the query. //Formulate Query //This is the best way to perform an SQL query $result = mysql_query("SELECT id,firstname FROM `Members` WHERE id='%s' AND firstname='%s'"); if(!$result){ ... Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 Okay that brought the page up with no errors but why did the Welcome, firstname not show up??? Oh and thanks for that.... Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 Well this query isn't going to match any rows probably. SELECT id,firstname FROM `Members` WHERE id='%s' AND firstname='%s' Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 I replaced it with echo "Welcome, $firstname"; still get no results. Could it be still not accepting the $result in this line.... while($row=mysql_fetch_assoc($result)){ echo "Welcome, $firstname"; Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 You're missing the point of my reply. The query is not going to return any rows. You need to look at the WHERE clause and figure out how to get PHP variables in there so that you actually find the row for the member who just logged in. I would assume that id is all you need in your query, but there's no way to know from the code you presented, where the id value is suppossed to come from. My assumption is that some prior operation might have set it in a session variable, so you could use it in the query like so: $result = mysql_query("SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id'}"); Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 this is my update and error message is Invalid query:Query was empty Whole query: $query = mysql_query("SELECT id, firstname FROM `Members` WHERE $id={$_SESSION['id']}"); //Perform Query $result=mysql_query($query); //Check result //This shows the actual query sent to MySQL and the error. Useful for debugging. if(!$result){ $message = 'Invalid query:' . mysql_error() . "\n"; $message .= 'Whole query:' . $query; die($message); } //Use result //Attempting to print $result won't allow access to information in the resource //One of the mysql result functions must be used //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while($row=mysql_fetch_assoc($result)){ echo "Welcome, $firstname"; } //Free the resources associated with the result set mysql_free_result($result); Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 Why did you revert back your code to the same problem we already fixed? Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 Sorry I got lost for a moment but I did this to it and now I get this message. Notice: Undefined variable: query in /home/ebermy5/public_html/login.php on line 39 Invalid query:Unknown column '$id' in 'where clause' Whole query: $result = mysql_query("SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}"); //Check result //This shows the actual query sent to MySQL and the error. Useful for debugging. if(!$result){ $message = 'Invalid query:' . mysql_error() . "\n"; $message .= 'Whole query:' . $query; die($message); } //Use result //Attempting to print $result won't allow access to information in the resource //One of the mysql result functions must be used //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while($row=mysql_fetch_assoc($result)){ echo "Welcome, $firstname"; } //Free the resources associated with the result set mysql_free_result($result); Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 Well the problem appears to be that you are setting the value of $_SESSION['id'] to be literally '$id' rather than the numeric value of the id for the user. You need to check the script that does that work. Based on your error checking code here is what I would suggest you change to make things a bit easier, and eliminate the notice you're getting for the undefined variable. $query = "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}"; $result = mysql_query($query); //Check result //This shows the actual query sent to MySQL and the error. Useful for debugging. if(!$result){ $message = 'Invalid query:' . mysql_error() . "\n"; $message .= 'Whole query:' . $query; die($message); } //Use result //Attempting to print $result won't allow access to information in the resource //One of the mysql result functions must be used //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while($row=mysql_fetch_assoc($result)){ echo "Welcome, $firstname"; } //Free the resources associated with the result set mysql_free_result($result); Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 We must be getting somewhere as I am not getting any messages but I think it has welcomed everyone at the same time. Here is what I get Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Welcome, Your new Member accounts lets you enter the members only section of our web site. ..... Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 Well, your code is looping and will echo for every row in the result set. Also you need to actually use the data in the $row variable. echo "Welcome, {$row['firstname']}"; What this indicates to me is that you have some issue with your routine where it is inserting multiple rows with the same id, which is something that should not be possible if there is a proper primary key on the table. Fixing the welcome message should help you figure out more about what you have, but at this point you're at least making a valid query and getting a result set back. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 We are almost there I am jumping out of my skin..... Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 That still welcomes everyone by firstname and just gives them their own line. Should I put $col instead of $row. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 this is the new error message Notice: Use of undefined constant firstname - assumed 'firstname' in /home/ebermy5/public_html/login.php on line 48 Welcome, Steven It repeats all the names I put in the db as a test. so I am not sure if I have to use the email 1 as a confirmation that it is one member but then I have the problem of needing an email address to test lots of them. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 the primary key in my tables is id only Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 At the top add this code so you can see what the actual query is. $query = "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}"; var_dump($query); Just add the var_dump there. Hopefully you have phpMyAdmin setup so you can look at the contents of the database, and issue queries to it. Whatever the query is, it is returning multiple rows when you expect that it should only select 1. You need to figure out why that is. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 This is the SQL in my phpmyadmin SELECT * FROM `Members` WHERE 1 It is automatically there. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 var_dump results in this error message Notice: Undefined index: id in /home/ebermy5/public_html/login.php on line 32 string(45) "SELECT id, firstname FROM `Members` WHERE id=" Invalid query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Whole query:SELECT id, firstname FROM `Members` WHERE id= Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 At the point you are running this, you don't have a session, or the variable $_SESSION['id'] is not set. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 I noticed that happened after i put in the var_dump so I removed it I am going to make changes to my form. Thanks for all your help. I will come back after I check a few things. Just glad to be getting as far as I got with your help. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 Okay I added the password field in my form (not sure why I had it out in the first place) but I updated that to my form and did nothing to the Welcome page but now I get this message. Notice: Undefined index: id in /home/ebermy5/public_html/login.php on line 32 Invalid query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Whole query:SELECT id, firstname FROM `Members` WHERE id= :-\ Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 There is no mystery to the problem -- the query will not be valid if the query is not valid, and currently it is missing a value for the id. Stepping back for a minute, I made some assumptions based on your code as provided. How many scripts do you have, and when is this script being called. I assumed it was a script that was called AFTER you login with another script, AND that assigns the user id to a session variable named $_SESSION['id']. IF that assumption is incorrect this query will not execute. Quote Link to comment Share on other sites More sharing options...
rdkd1970 Posted May 11, 2011 Author Share Posted May 11, 2011 Here is my form <?php error_reporting(E_ALL); ini_set("display_errors", 1); include_once ("Connections/connect_to_mysql.php"); $err=''; $id=''; $firstname=''; $lastname=''; $password=''; $country=''; $email=''; $_SESSION['$id']='id'; if(isset($_POST["submit"])){ // Validate form data if($_POST["firstname"]=='') $err.='Please enter First Name<br>'; if($_POST["email"]=='') $err.='Please enter Email<br>'; if($err==''){ // Check if there are duplicate entries in the 'contacts' table $sql_check = mysql_query("SELECT id FROM `Members` WHERE firstname='".addslashes($_POST["firstname"])."' and Email='".addslashes($_POST["email"])."'"); if($row = mysql_fetch_array($sql_check)){ $err.='Can not add duplicate entry<br>'; } else{ // adding new record to 'contacts' table $results = mysql_query("INSERT INTO Members (firstname,lastname,password,country,Email) values ('".mysql_real_escape_string($_POST["firstname"])."','".mysql_real_escape_string($_POST["lastname"])."','".mysql_real_escape_string($_POST["password"])."','".mysql_real_escape_string($_POST["country"])."','".mysql_real_escape_string($_POST["email"])."')") or die (mysql_error()); $id = mysql_insert_id(); $userid = mysql_insert_id(); // redirecting to success screen if($results){ header("Location: login.php"); }else die(mysql_error()); } } } ?> <html> <head> <title>Add New Contact</title> </head> <body> <h2>Register with us</h2> <?php echo $err==''?'''<p style="color:red;">'.$err.'</p>') ?> <form method="post" action="form.php"> <table border="0"> <tr> <td valign="middle">First Name:</td> <td><input type="text" name="firstname" size="30" value="<?php echo htmlspecialchars($firstname) ?>"></td> </tr> <tr> <td valign="middle">Last Name:</td> <td><input type="text" name="lastname" size="30" value="<?php echo htmlspecialchars($lastname) ?>"></td> </tr> <tr> <td valign="middle">Password:</td> <td><input type="password" name="password" size="32" value="<?php echo htmlspecialchars($password) ?>"></td> </tr> <tr> <td valign="middle">Country:</td> <td><input type="text" name="country" size="30" value="<?php echo htmlspecialchars($country) ?>"></td> </tr> <tr> <td valign="middle">Email:</td> <td><input type="text" name="email" size="30" value="<?php echo htmlspecialchars($email) ?>"></td> </tr> </table><br> <input type="submit" name="submit" value=" Submit! "> </form> </body> </html> Here is my welcome page <?php session_start(); ?> <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Welcome</title> </head> <body> <?php /* Program: login.php * Desc: Displays the new member welcome page. Greets * member by name and gives a choice to enter * restricted section or go back to main page. */ include('Connections/connect_to_mysql.php'); $id = ''; $firstname = ''; $lastname = ''; $country = ''; $email = ''; //Formulate Query //This is the best way to perform an SQL query $query = "SELECT id, firstname FROM `Members` WHERE id={$_SESSION['id']}"; $result = mysql_query($query); //Check result //This shows the actual query sent to MySQL and the error. Useful for debugging. if(!$result){ $message = 'Invalid query:' . mysql_error() . "\n"; $message .= 'Whole query:' . $query; die($message); } //Use result //Attempting to print $result won't allow access to information in the resource //One of the mysql result functions must be used //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while($row=mysql_fetch_assoc($result)){ echo "Welcome, {$row[firstname]}"; } //Free the resources associated with the result set mysql_free_result($result); ?> <p>Your new Member accounts lets you enter the members only section of our web site. You'll find special discounts, a profile of matches, live advise from experts, and much more.</p> <p>Your new Member ID and password were emailed to you. Store them carefully for future use.</p> <div style="text-align: center"> <p style="margin-top: .5in; font-weight: bold"> Glad you could join us!</p> <form action="profile.php" method="post"> <input type="submit" value="Enter the Members Only Section"> </form> <form action="index.php" method="post"> <input type="submit" value="Go to Main Page"> </form> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 There is a lot of stuff wrong with your initial form script. -First off, you want to query only by the email address when looking for someone. You should add a unique index in the mysql table on the email column to make sure mysql won't allow 2 rows with the same email address to be enetered. -you call mysql_insert_id() 2x in a row. You can't do that. You call it, you get the last inserted id. Call it again you will get an error -- it's a 1 shot, per insert deal. -Your main problem right now is that you are setting the $_SESSION['id'] in the wrong place, and your assignment is wrong. I don't have much time, so i gave a guick pass and tried to fix what I could. error_reporting(E_ALL); ini_set("display_errors", 1); include_once ("Connections/connect_to_mysql.php"); $err=''; $id=''; $firstname=''; $lastname=''; $password=''; $country=''; $email=''; if(isset($_POST["submit"])){ // Validate form data if($_POST["firstname"]=='') $err.='Please enter First Name '; if($_POST["email"]=='') $err.='Please enter Email '; if($err==''){ // Check if there are duplicate entries in the 'contacts' table $sql_check = mysql_query("SELECT id FROM `Members` WHERE Email='".mysql_real_escape_string($_POST["email"])."'"); if($row = mysql_fetch_array($sql_check)){ $err.='Can not add duplicate entry '; } else { // adding new record to 'contacts' table $results = mysql_query("INSERT INTO Members (firstname,lastname,password,country,Email) values ('".mysql_real_escape_string($_POST["firstname"])."','".mysql_real_escape_string($_POST["lastname"])."','".mysql_real_escape_string($_POST["password"])."','".mysql_real_escape_string($_POST["country"])."','".mysql_real_escape_string($_POST["email"])."')") or die (mysql_error()); if($results){ $userid = mysql_insert_id(); $_SESSION['id'] = $userid; // redirecting to success screen header("Location: login.php"); } else { die(mysql_error()); } } } } ?> Add New Contact Register with us ' '.$err.'') ?> </pre> <form method="post" action="form.php"> First Name: Last Name: Password: Country: Email: </form> <br><br><b Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.