0

Im getting this Error:

Warning: mysql_result(): supplied argument is not a valid MySQL result resource

Ive checked other questions on this and can't seem to find the answer. Any thoughts on it? 

$query = mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `username` = '$username' AND `active` == 1");
return(mysql_result($query, 0) == 1) ? true : false;
RightLeftRight12
  • 99
  • 2
  • 13

3 Answers3

3

The reason why your query won't work is because your are wrapping the column name and table name with single quotes. They are identifiers and not string literals so they shouldn't be wrap with single quote.

SELECT COUNT(id) FROM users WHERE username = '$username'

If it happens that the column names and tables names used are a reserved keyword, they can be escape with backticks not with single quotes.

In this case, the backticks aren't required since none of them are reserved keywords.

Other links:

As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.

Community
  • 1
  • 1
John Woo
  • 258,903
  • 69
  • 498
  • 492
2

the query should be, you used ' around column name, you have to surround the it with `

mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `username` = '$username'");

change this

`active` == 1");

to

`active` = 1");
Yogesh Suthar
  • 30,424
  • 18
  • 72
  • 100
1

This is not a correct way of escaping column use backtick operator if you wish to like this

$query = mysql_query("SELECT COUNT(`id`) FROM `users` WHERE `username` = '$username'");
chandresh_cool
  • 11,753
  • 3
  • 30
  • 45