-4

what is error in this code output is

Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xamp\htdocs\LMS\LMS\all_books.php on line 60

<?php
$sql1=mysql_query("SELECT COUNT(*) FROM book_list where book_id=$id AND status=0 AND item_type=0 AND condition='new'");
$count1 = mysql_result($sql1, 0, 0);
echo $count1;
?>
chris85
  • 23,846
  • 7
  • 34
  • 51
RaB
  • 1
  • 1
    Your query failed for some reason. Do some error reporting on the `mysql_query` exeuction. – chris85 Oct 28 '16 at 01:59
  • 1
    https://dev.mysql.com/doc/refman/5.5/en/keywords.html `condition` is reserved so it needs to be in backticks. – chris85 Oct 28 '16 at 02:05
  • **WARNING**: If you're just learning PHP, please, do not use the [`mysql_query`](http://php.net/manual/en/function.mysql-query.php) interface. It’s so awful and dangerous that it was removed in PHP 7. A replacement like [PDO is not hard to learn](http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/) and a guide like [PHP The Right Way](http://www.phptherightway.com/) explains best practices. Your user parameters are **not** [properly escaped](http://bobby-tables.com/php) and there are [SQL injection bugs](http://bobby-tables.com/) that can be exploited. – tadman Oct 28 '16 at 02:11
  • Aha, @Fred -ii- I was looking for that dup for a few minutes, can never find it. – chris85 Oct 28 '16 at 02:18

1 Answers1

0

The function mysql_result() expects a resource (a mysql result-set) as its first parameter but has instead been supplied with a boolean (true/false) value.

This is likely because your SQL query is malformed (condition is a reserved keyword); You ought to enclose your table and column names in backticks, for example:

SELECT COUNT(*) FROM `book_list` WHERE `book_id`=$id AND `status`=0 AND `item_type`=0 AND `condition`='new'
Drefetr
  • 412
  • 2
  • 7