-1

I keep having an error in mysql_fetch_(assoc,array,row) I can't find the problem and when I try to count the rows of the result by using echo the result is 1

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in C:\wamp\www\Jocales\login.php on line 88 in query SELECT * FROM users WHERE uName ='nuha' AND uPassword = '123'

 <?php 

   $login= $_POST['login']; 
   $password= $_POST['password'];

      if($login && $password){
       $con = mysql_connect("localhost", "root", "")or die ('no connection');
       mysql_select_db("jocales",$con) or die ('no');
       $query= "SELECT * FROM users WHERE uName ='$login' AND uPassword = '$password'";
       $result = mysql_query($query)or die(mysql_error()." in query $query");

       $record=mysql_fetch_assoc($query) or die(mysql_error()." in query $query"); 
  ?>
Sirko
  • 72,589
  • 19
  • 149
  • 183
Nuha Almadani
  • 1
  • 3
    Check `mysql_error()` to see what is wrong. Besides, have a look at [PDO](http://php.net/pdo) and [`mysqli`](http://php.net/mysqli) as `mysql_x` functions are deprecated! Furthermore in the posted form your code is wide open to SQL injections. – Sirko May 01 '13 at 16:55

3 Answers3

1

Change

$record=mysql_fetch_assoc($query)

To

$record=mysql_fetch_assoc($result)

Note: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

WARNING: You code is vulnerable to SQL Injection.

Zoe
  • 27,060
  • 21
  • 118
  • 148
Rikesh
  • 26,156
  • 14
  • 79
  • 87
0

The function mysql_fetch_assoc() expects one parameter and it should be a resource type. You're providing a string.

$query= "SELECT * FROM users WHERE uName ='$login' AND uPassword = '$password'";
$result = mysql_query($query)or die(mysql_error()." in query $query");

//this is the issue!
$record = mysql_fetch_assoc($query) or die(mysql_error()." in query $query");

the last statement should be

$record = mysql_fetch_assoc($result) or die(mysql_error()." in query $query");

NOTE (straight from php.net about mysql_*)

Warning

This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information.

Community
  • 1
  • 1
Ejaz
  • 8,719
  • 3
  • 34
  • 49
0

use this code ( replace $query with $result )

<?php 

   $login= $_POST['login']; 
   $password= $_POST['password'];

      if($login && $password){
       $con = mysql_connect("localhost", "root", "")or die ('no connection');
       mysql_select_db("jocales",$con) or die ('no');
       $query= "SELECT * FROM users WHERE uName ='$login' AND uPassword = '$password'";
       $result = mysql_query($query)or die(mysql_error()." in query $query");

       $record=mysql_fetch_assoc($result) or die(mysql_error()." in query $query"); 
  ?>
Ali Akbar Azizi
  • 3,272
  • 3
  • 25
  • 44