I have a form validation page. database connection is checked. all ok. the post vasiable are also checked but still this simple program is throwing an error. $name=$_POST['username']; $pass=md5($_POST['password']); $sql="select * from admi n_user where admin_name= '".$name."' and admijn_password= '".$pass."'"; $rs=mysql_query($sql); $count=mysql_num_rows($rs); echo $count; It's just a simple program i have done this thousand time but i don't now why this is throwing a warning. Recently i have upgraded my wamp version PHP 5.3.0 Mysql 5.1.36 can any one suggest me the possible reason
Ensure that you escape user submitted data before querying, to avoid sql parsing issues, furthermore ensure the table 'admin_user' exists and the column's 'admin_name' and 'admin_password' exist. <?php $name = mysql_real_escape_string($_POST['username']); $pass = md5($_POST['password']); //change the following query to the correct table/columns if need be... $sql = "SELECT * FROM admin_user WHERE admin_name = '{$name}' AND admin_password = '{$pass}'"; $rs = mysql_query($sql); $count = mysql_num_rows($rs); echo $count; ?> PHP:
$name=$_POST['username']; $pass=md5($_POST['password']); $sql="SELECT * FROM `admin_user` WHERE `admin_name`= '".$name."' AND `admijn_password`= '".$pass."'"; $rs=mysql_query($sql); if(!$rs) { die(mysql_error()); } $count=mysql_num_rows($rs); echo $count; PHP: Try the above, even if it doesn't fix it it, it should give more information for you to work with. Furthermore, is your mysql_connect and mysql_select_db in order?
If you search for any portion of that error message you will find that it means that your query failed to execute due to an error. For debugging purposes only (remove it after you are done), echo mysql_error(); on the next line right after the line with the mysql_query() statement.