Page 1 of 1

mysql_num_rows and warnings.....

Posted: Thu Aug 28, 2003 8:27 pm
by m3rajk
problem:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /var/www/html/findyourdesire/stats.php on line 21
section of code causing it:

Code: Select all

# talk to the db
$db=mysql_connect($host, $login1, $pass1) or die("cannot access mysql"); # connect
$fyd=mysql_select_db('findyourdesire', $db) or die("cannot access db"); # select the db
$querystats=mysql_query("SELECT * FROM stats WHERE uid='$uin'", $db); # find the stats
$stats=mysql_fetch_array($querystats); # get the stats
$queryvotes=mysql_query("SELECT * FROM votes WHERE votee='$uin'", $db); # find the votes
$vc=mysql_num_rows($queryvotes); # how many votes
for($i=0;$i<$vc;$i++){ # for each vote
  $voteinfo=mysql_fetch_array($queryvotes); # get the vote info
  $vt+=$voteinfo['vote']; # find the vote total
}
if($vc==0){ $vc=1; }//prevent div by zero issue
i don't understand how $queryvotes can be anything but a valid sql query resource when $querystats is one

Posted: Thu Aug 28, 2003 9:25 pm
by McGruff
You definitely have a "votes" table?

Posted: Fri Aug 29, 2003 3:10 am
by JayBird
and a "votee" field?

Posted: Fri Aug 29, 2003 11:14 am
by m3rajk
yes.
SSH Secure Shell 2.4.0 (Build 163)
Copyright (c) 2000 SSH Communications Security Corp - http://www.ssh.com/

This copy of SSH Secure Shell is licensed for educational, charity,
and personal recreational/hobby use.
Any commercial use requires a separate license.


This program uses RSA BSAFEĀ® Crypto-C by RSA Security Inc.

[joshua@Ashes joshua]$ mysql -u ************** -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 3.23.56

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use findyourdesire
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> show tables;
+--------------------------+
| Tables_in_findyourdesire |
+--------------------------+
| bio |
| comments |
| forums |
| friends |
| interests |
| mail |
| msgs |
| pests |
| posts |
| stats |
| threads |
| tops |
| users |
| votes |
+--------------------------+
14 rows in set (0.01 sec)

mysql> describe votes;
+----------+------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+------------------+------+-----+---------+-------+
| voter | int(10) unsigned | | MUL | 0 | |
| votee | int(10) unsigned | | MUL | 0 | |
| vote | float(3,1) | | MUL | 0.0 | |
+----------+------------------+------+-----+---------+-------+
3 rows in set (0.04 sec)

mysql>

Posted: Fri Aug 29, 2003 2:17 pm
by m3rajk
ok. i got the votes working... ummm.. i don't know how realted this is....the e-mail check doesn't work in the sign up and no matter what, even after resetting the pw with that script, the login script claims pe and login don't match.


email checkin signup:

Code: Select all

elseif($step==3){ # make sure the username, e-mail and passwords are ok
    $db=mysql_connect($host, $login1, $pass1) or die("cannot access mysql"); # connect
    $fyd=mysql_select_db('findyourdesire', $db) or die("cannot connect to db"); # select the db
    $user=mysql_query("SELECT * FROM users WHERE username='$un'",$db); # is there a user by that name?
    if(!(preg_match('/\w+/', $un))){$err=TRUE; $errs[]='Your Member Name has invalid characters.<br>Only Alpha-Numeric chara
cters and underscore are accepted'; $step=2;}
    elseif(mysql_num_rows($user)>0){$err=TRUE; $errs[]='That name is already in use. Please choose a new Member Name.'; $ste
p=2;}
    if(strlen($pw)<6){ $err=TRUE; $errs[]='Your Password <b>MUST</b> be at least 6 characters'; $step=2;}
    if($pw!==$pwc){ $err=TRUE; $errs[]='Your Password <b>MUST</b> match the check exactly'; $step=2;}
    if(!(preg_match('/^[\w\.\-]+@[\w\.\-]+\.\w\w\w?$/', $email))){$err=TRUE; $errs[]='Your E-Mail address does not appear to
 be valid'; $step=2;}
    else{
      $mail=mysql_query("SELECT * FROM users WHERE email='$email'",$db); # was this email used already?
      if(mysql_num_rows($mail)>0){ $err=TRUE; $errs[]='You already have an account. Click <a href="pass.php">here</a> to get
 your username and password sent to you.'; }
#      elseif(/*restricted e-mail list or preg_match()es of domains*/){ $err=TRUE; $errs[]='Your e-mail address is on the "d
o not send" list. You need to use YOUR e-mail address. If you feel you see this in err, please go to the forums and contact 
the administration.'; $step=2; }
    }
    if($dobm===00){ $err=TRUE; $errs[]='Please select your birth month. Several things are calculated upon your age. Please 
read the <a href="faq.php?seek=dob" target="_blank">FAQ</a> for more information.'; $step=2; }
    if($dobd===0){ $err=TRUE; $errs[]='Please select your birth day. Several things are calculated upon your age. Please rea
d the <a href="faq.php?seek=dob" target="_blank">FAQ</a> for more information.'; $step=2; }
    if($doby==='-'){ $err=TRUE; $errs[]='Please select your birth year. Several things are calculated upon your age. Please 
read the <a href="faq.php?seek=dob" target="_blank">FAQ</a> for more information.'; $step=2; }
    if($gender=='-'){ $err=TRUE; $errs[]='You forgot your gender. We seperate New and Top Users by gender. Therefore we requ
ire it.'; $step=2; }
and the login script...

Code: Select all

[joshua@Ashes fyd]$ cat login.php
<?php
include("/home/joshua/includes/fyd.incs.php"); # includes file
# variables used
$pass=MD5($_POST['pass']); $login=FALSE; $duration=NULL; $title='Login Page'; $error=FALSE; $gmto=NULL;
$uid=NULL; 

if(isset($_POST['un'])){ # check the db if this isn't the first loading of the page
  $un=$_POST['un']; # what was the passed username?
  $db=mysql_connect($host, $login2, $pass2) or die("cannot access mysql"); # connect
  $fyd=mysql_select_db('findyourdesire', $db) or die("cannot connect to db"); # select the db
  $lookup=mysql_query("SELECT * FROM users WHERE username='$un'", $db);
  if(mysql_num_rows($lookup)==0){ $error=TRUE; } # there was no user by that name
  else{ # retrieve the info
    $info=mysql_fetch_array($lookup); # get all the info associated with the user
    if($pass==$info['password']){ # the passwords match
      $sa=$info['site_access'];
      if((contains($sa, $regulars))||(contains($sa, $desireds))){ # you're not suspended
        $login=TRUE; $duration=$info['login_duration']; # set login to true, cookie duration code
        $gmto=$info['gmt_offset']; $rtds=$info['tds']; $utds=$tds[$rtds]; # set the gmt offset & time display
        $currip=$_SERVER['REMOTE_ADDR']; # get the new ip
        $update=mysql_query("UPDATE users SET last_login_ip='$currip',last_login_date='$now' WHERE uid='$uid'", $db); # update login date and ip
        $expire=time()+(60*$durr[$duration]); # set expiration by formula time()+seconds*minutes*hrs*days*yrs
        setcookie(un, $un, $expire); # set username
        setcookie(pw, $pass, $expire); # set password
        setcookie(login, TRUE, $expire); # set login
        setcookie(gmto, $gmto, $expire); # set the gmt offset
        setcookie(utds, $rtds, $expire); # set the time display style
      }
    }
  }
}

/* *******************************************************
   ** find where we are and call the creation functions **
   ******************************************************* */

if(isset($_POST['un'])){
  if($login){
    bgnpg($title); nav(); success($un); clspg();
  }else{
    bgnpg($title); nav(); login($un, TRUE, $error); clspg();
  }
}else{
  bgnpg($title); nav(); login('', FALSE, FALSE); clspg();
}

/* *********************************
   ** create the appropriate page **
   ********************************* */
function success($un){
  echo <<<END
      <h1>Welcome back $un!</h1>
      <p>Please choose where to go next</p>
      $tsw100
          <tr>
            <td align="center"><a href="index.php">Home</a></td>
            <td align="center"><a href="forums.php">Forums</a></td>
            <td align="center"><a href="search.php">Search</a></td>
          </tr>
      </table>
    </center>
  </body>
</html>
END;
}

function login($un, $err, $error){
  if($err){ # there was an error
    if($error){ # there is no such user
          echo "      <font color="#ff0000"><h1>We do not have a record of any user by that name. Please check your spelling</h1></font>";
    }else{ # password issue
      echo '      <font color="#ff0000"><h1>YOUR LOGIN & PASSWORD DID NOT MATCH OUR RECORDS. PLEASE CHECK SPELLING AND TRY AGAIN</h1></font><p><font size="-1">If you are sure your login and password are correct, please check the forums. The two times you are not allowed to login are when your e-mail address is unvalidated or you have been suspended. In the latter case there should be a thread in either the fakes or problems/comments/suggestions forum stating what the problem is.';
    }
  }
  if($err){$un=$_POST['un'];}else{$un='';} # set un's value
  echo <<<END
      <form action="$_SERVER[PHP_SELF]" method="POST">
        $tsnw
            <tr><td>Your Member Name</td><td><input type="text" name="un" size="15" maxsize="15" value="$un"></td></tr>
            <tr><td>Your Password</td><td><input type="password" name="pass" size="15" maxsize="15"></td></tr>
            <tr><td><a href="pass.php">Lost Your PW?</a></td><td><input type="submit" value="Login!"></td></tr>
        </table>
      </form>
END;
}
?>