Boolean given where parameter should be resource

Question

I'm having one error when I try to use my function and I don't know how can I fix it.

function is_valid($email_e, $email_code_e, $username_e) {
    $email = mysql_real_escape_string($email_e);
    $email_code = mysql_real_escape_string($email_code_e);
    $username = sanitize($username_e);
    return (mysql_result
               (mysql_query
                   ("SELECT COUNT(*) FROM `users`
                     WHERE `username` = $username
                     AND `email_code` = $email_code
                     AND `email` = $email"), 0) == 1) ? true : false;
 }

Warning: mysql_result() expects parameter 1 to be resource, boolean given in /home/meuts3/public_html/core/functions/users.php on line 34

I'm trying to make a forget password system and when someone try to get a new password, he receives a link with email_code, username and email. When he clicks, he goes to a changepassword page, in this page, I will check if these information is valid using the function is_valid, so if is_valid I have to return the user_id to start a session user_id.

How can I do that?

Thanks, I really appreciate you guys.

Possible duplicate [mysql_fetch_array() expects parameter 1 to be resource, boolean given in select](http://stackoverflow.com/questions/2973202/mysql-fetch-array-expects-parameter-1-to-be-resource-boolean-given-in-select?answertab=votes#tab-top). — John Conde, Jul 15 '13 at 02:20
See [this answer](http://stackoverflow.com/a/11674313/250259) for how to troubleshoot this. — John Conde, Jul 15 '13 at 02:21

score 2 · Answer 1 · edited Jul 15 '13 at 02:23

2

You have an error in sql statement. You must quote $username, $email_code & $email in ''.

SELECT COUNT(*) FROM `users` WHERE `username` = '$username'  AND `email_code` = '$email_code' AND `email` = '$email'

So mysql_query returns false, not a resource object.

edited Jul 15 '13 at 02:23

icedwater

4,701
3
35
50

answered Jul 15 '13 at 02:18

MrSil

608
6
12

score 0 · Answer 2 · answered Jul 15 '13 at 02:20

first, avoid mysql_* functions as they're deprecated.

second, the process should be like,

we select the user_id
If number of rows fetched is 0 then no such user else we get a unique user_id

so let's write the sql considering your column name for user_id is user_id and user_id is always>0:

$q = "SELECT user_id FROM `users` WHERE `username` = '$username'  AND `email_code` = '$email_code' AND `email` = '$email'";
$r = mysql_query($q);            //warning I don't like mysql_* functions

if(mysql_num_rows($r)>0){           //we have got more than 0 rows

    $d = mysql_fetch_assoc($r);
    return $d['user_id'];

} else {                            // No such username, email, email_code combination found in database
    return 0;
}

score 0 · Accepted Answer · answered Jul 15 '13 at 02:23

Try this:

function is_valid($email_e,$email_code_e,$username_e) {

    $email = mysql_real_escape_string($email_e);
    $email_code = mysql_real_escape_string($email_code_e);
    $username = sanitize($username_e);

    $sql = "SELECT user_id FROM `users`
            WHERE `username` = $username  
              AND `email_code` = $email_code 
              AND `email` = $email";

    $result = mysql_query($sql) or die(mysql_error());

    if(mysql_num_rows($result) <= 0)
     return -1;

    return  mysql_result($result,1);

}

Boolean given where parameter should be resource

3 Answers3