-2

Warning: mysql_query() expects parameter 1 to be string, resource given in C:\xampp\htdocs\demo\mysql\login_create.php on line 26

Query failed. my Code below

  $connection = mysql_connect('localhost', 'root', '', 'loginapp');
    if($connection){
        echo "We are connected";
    }
    else{
     die("database connection failed");
    }

    $query = "INSERT INTO users(username,password)";
    $query .= "VALUES ('$username', '$password')";
    $result = mysql_query($connection, $query);
    if(!$result){
        die('Query failed' . mysql_error());
    }
}
John Joe
  • 12,412
  • 16
  • 70
  • 135
Nana Wireko Brobey IV
  • 1
  • Don't use mysql_* also where are the username and password variables defined? – Rotimi Sep 27 '17 at 03:32
  • The query string should be the first parameter, but you shouldn't use mysql_* functions as they are deprecated and are more vulnerable to sql injection. Read up on using mysqli_* functions or PDO :) – flauntster Sep 27 '17 at 03:40

2 Answers2

0

You are calling the function with the arguments in different order. Change the order this way:

$connection = mysql_connect('localhost', 'root', '', 'loginapp');
    if($connection){
        echo "We are connected";
    }
    else{
     die("database connection failed");
    }

    $query = "INSERT INTO users(username,password)";
    $query .= "VALUES ('$username', '$password')";
    $result = mysql_query($query, $connection); // <---- Here is the error
    if(!$result){
        die('Query failed' . mysql_error());
    }
}

By the way, I suggest you to do not use mysql_*, use mysqli or pdo. And use prepared statements to prevent sql injections

Hope this helps :)

Luis Cabrera Benito
  • 1,558
  • 13
  • 21
0

SQL query must be first argument.

$result = mysql_query($query, $connection);
Aurasphere
  • 3,841
  • 12
  • 44
  • 71
nithinTa
  • 1,632
  • 2
  • 16
  • 32