Mysql_Num_Rows(): Supplied Argument Is Not a Valid MySQL Result Resource

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource

Change $result = @mysql_query ($query);

with

$result = mysql_query ($query) or die(mysql_error());

and see if you have any errors.

EDIT:

You missed a comma after oc.price and before prd.products_id. Change your query like this:

$query = "SELECT us.users_id, us.users_first_name, us.users_surname, us.users_business, 
             ord.order_id, ord.users_id, ord.total, ord.order_date,  
             oc.oc_id, oc.order_id, oc.products_id, oc.quantity, oc.price/*here*/,/**/
             prd.products_id, prd.products_name, prd.price      
         FROM users AS us, orders AS ord, order_contents AS oc, products AS prd  
         WHERE ord.order_id=$id
         AND us.users_id = ord.users_id
         AND ord.order_id = oc.order_id
         AND oc.products_id = prd.products_id    
         ";

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource with no mysql_error()

Replace mysql_num_rows($results == 0) with mysql_num_rows($results) == 0 in your code

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource - Cannot Find a Fix

With just some standard indentation it becomes very clear what's going on, as Explosion Pills already pointed out:

<?
ob_start();
include 'easygpt_config.php';
ob_end_clean();
if (isset($_POST['login'])) {
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
    if ($username == NULL OR $password == NULL) {
        $final_report .= "Please complete both fields";
        $check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
    } else {
        if (mysql_num_rows($check_user_data) == 0) {
            $final_report .= "This username does not exist";
        } else {
            $get_user_data = mysql_fetch_array($check_user_data) or die("A MySQL error has occurred.<br />Your Query: " . $your_query . "<br /> Error: (" . mysql_errno() . ") " . mysql_error());
            if ($get_user_data['password'] == $password) {
                $start_idsess   = $_SESSION['username'] = "" . $get_user_data['username'] . "";
                $start_passsess = $_SESSION['password'] = "" . $get_user_data['password'] . "";
                $final_report .= "<meta http-equiv='Refresh' content='0; URL=http://www.google.com>";
            }
        }
    }
}
if (isset($_SESSION['username']) && isset($_SESSION['password'])) {
}
?>  

You're executing the query (and thus setting $check_user_data) in the if block, and testing it in the else block.

Want to avoid this kind of mess in the future? Indent your code manually or get one of the bazillion code editors that can handle that chore for you. Or use one of the many online prettyprinting services (like [beta.phpformatter.com])(http://beta.phpformatter.com/).

And last but not least, stop using the deprecated mysql_ functions. Deprecated, among other things means you should not use them in new code.

I'd also suggest to forget about the more modern mysqli_ successor and skip right away to PDO - it's a modern, well designed API, usable with several database engines and last but not least, it makes working with prepared statements a breeze, and prepared statements are probably the least expensive yet most effective defense against sql injection.

Fixing the error: mysql_num_rows(): supplied argument is not a valid MySQL result resource

You are not executing the query.check this manual for more details on mysql_num_rows() ,change your code like this

$resrce =mysql_query($strSQL)
if (mysql_num_rows($resrce)==0)

Beware about mysql functions, they are insecure and deprecated. Choose mysqli or pdo

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource on line 21

From the PHP docs:

Retrieves the number of rows from a result set. This command is only valid for statements like SELECT or SHOW that return an actual result set. To retrieve the number of rows affected by a INSERT, UPDATE, REPLACE or DELETE query, use mysql_affected_rows().

PHP.net

Also, you should really be using PDO (or something like it).

Warning mysql_num_rows(): supplied argument is not a valid MySQL result

LIKE is a reserved word - escape it

$ip_sql = mysql_query("SELECT userIP FROM `like` WHERE postID='$id' AND userIP='$ip'");

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource

$row=mysql_fetch_array($results);

$sqlx="SELECT * FROM messages WHERE `sender` IN ($row)";

This will create the following query:

SELECT * FROM messages WHERE `sender` IN (Array)

This is obviously not a valid MySQL query. You have to process the array.

$sqlx = "SELECT * FROM `messages` WHERE `sender` IN ("; // start of query

foreach($row as $r)
    $sqlx .= "'".$r['username']."',"; // insert all returned usernames

$sqlx = substr($sqlx,0,-1).')'; // substract the last comma and close the query

Or, as RiaD pointed out in the comments:

$sqlx = "SELECT * FROM `messages` WHERE `sender` IN (".
        implode(',',array_map(function($x){return "'".$x['username']."'"; }, $row)).
        ")";

PS: Riad, it should be $x['username'] instead of $x and you forgot the semicolon ;)

---

Related Topics