php newbie help needed

Discussion in 'PHP' started by melaniejk, Apr 23, 2006.

  1. #1
    Hi.
    Everything seemed to be working fine. I was so happy with myself for being able to get it working. And then I typed in the following URL and got an error message.

    http://www.genealogymailbox.com/funeral/search.php?cid=20/

    Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/melagoo/public_html/funeral/_header.php on line 39

    And, afterwards on other pages I get:

    Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/melagoo/public_html/funeral/_header.php on line 39
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
    select CT_Name from countylist where CountyID=20/

    So, I uploaded an original version of header.php and then the site worked with no warning message.

    So, then I typed in that above url again.... and I got the same Warning message again.

    But, if I clean my browser history, cookies and delete files and then visit the main page of the website the warning message is gone.

    This other url shows that cid=20 is for Italy.
    http://www.genealogymailbox.com/funeneral/search.php?cid=20/

    Why can't I visit a specific page (like Italy)?

    I would appreciate any help or suggestions. Not really sure what I need to post here to give you enough details. Should I post the contents of header.php?

    Thank you.
     
    melaniejk, Apr 23, 2006 IP
  2. mnemtsas

    #2
    Not enough details. Try posting the header.php file.
     
    mnemtsas, Apr 23, 2006 IP
  3. hansi

    #3
    Change this line:

    $result = mysql_query("Select * from countylist where CountyID=$cid");

    to

    $result = mysql_query("Select * from countylist where CountyID=$cid") OR die (mysql_error());

    If you get an error message post it here again.
     
    hansi, Apr 23, 2006 IP
  4. melaniejk

    #4
    I think the problem is the URL has a / at the end.
    http://www.genealogymailbox.com/fune...ch.php?cid=20/

    If I remove the slash the URL works.

    So, the problem probably isn't in header.php. It must be in the email that is sent out to people who want to join. That is where this URL with the slash is appearing.

    ----
    Yes, the problem was in acct_email.php. I wonder why the Warning said header.php.

    Oh, well. It's all fixed now. The email sends the correct URL with no /.

    Thank you all for your help.
    Have a good evening.
     
    melaniejk, Apr 23, 2006 IP
  5. mnemtsas

    #5
    My guess is that the slash is being appended to the cid parameter and this is causing the header.php file to break.
     
    mnemtsas, Apr 23, 2006 IP
  6. tomzx

    #6
    Well, if there's a / that's being introduced at the end of the link, try checking from which script this slash is being introduced and remove it. It might have been used to use a double quote in double-quoted code.
     
    tomzx, Apr 23, 2006 IP
  7. TwistMyArm

    #7
    It's all well and good to say 'try and find the place where that slash is appended' but when I see things like that, it usually says that you aren't cleaning your user input well enough...

    If a slash gets through, there's a good chance that a semi-colon could get through... then we have good old SQL injection to worry about!

    Get to and do some scrubbing of your user inputs. That's all there is to it :)
     
    TwistMyArm, Apr 24, 2006 IP
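
What scrubbing the `cid` parameter can look like, as an added example that is not part of the thread or of the script being discussed. The table and column names come from the error message in post #1; the helper names `parse_cid()` and `county_name()` are hypothetical, and PDO with an in-memory SQLite database stands in for the site's MySQL connection so the block runs offline.

```php
<?php
// Added example, not the script's own code. parse_cid() and county_name()
// are hypothetical helpers; SQLite in memory stands in for the MySQL database.

/**
 * Accept only a plain positive decimal integer for cid.
 * Returns the int, or null for anything else ("20/", "20;", "", an array, ...).
 */
function parse_cid($raw): ?int
{
    // $_GET values can be arrays (cid[]=1), so check the type first.
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $cid = (int) $raw;
    return $cid > 0 ? $cid : null;
}

/** Look up the name with a bound parameter, never by string concatenation. */
function county_name(PDO $db, int $cid): ?string
{
    $stmt = $db->prepare('SELECT CT_Name FROM countylist WHERE CountyID = :cid');
    $stmt->bindValue(':cid', $cid, PDO::PARAM_INT);
    $stmt->execute();
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

// Constructed sample data standing in for the real table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE countylist (CountyID INTEGER PRIMARY KEY, CT_Name TEXT)');
$db->exec("INSERT INTO countylist VALUES (20, 'Italy')");

// Constructed query-string values, including the "20/" from the e-mailed link.
foreach (['20', '20/', '20;', '', '999'] as $raw) {
    $cid = parse_cid($raw);
    if ($cid === null) {
        // Malformed input never reaches the database: answer 400 and stop.
        printf("%-6s -> rejected (400 Bad Request)\n", var_export($raw, true));
        continue;
    }
    $name = county_name($db, $cid);
    printf("%-6s -> %s\n", var_export($raw, true), $name ?? 'no such county (404)');
}
```

With this in place the trailing slash produces a clean rejection instead of a MySQL syntax warning, and the query text no longer depends on what the visitor typed.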
  8. melaniejk

    #8
    TwistMyArm,

    Hi. Well, I really wouldn't know where to start. I didn't write the script program I'm using. I really know very little about PHP. The guy who created it was hoping a bunch of people would get involved and help evolve the script but no one did. And so he lost interest in the script program. So, he still makes it available for download but I think only 3 people ever downloaded it. So, there are no directions or anything about how to set it up or customize it and such.
    I'm just trying to customize it a bit for my use. And finding some problems along the way.

    There are a few bugs in the script, but overall it's good for the basic use I need it for.

    Thank you all for your help.
     
    melaniejk, Apr 25, 2006 IP