Hey. I am making a "Version 2.0" For my attack script, but I can't make it work.

This is the error I am gettin:

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in

And here is the code:




I have checked the PHP Manual, but I did not find anything there :S
Thanks For All you help
//Feelay

It looks like your mysql_query is wrong. Correct me if I am wrong but I am pretty sure your use WHERE Column='$var' not WHERE Column=".$var." Also you seem to have a odd way of result. I usually do it quite differently but I am not sure what the major difference is.
Example After looking at your code a bit I realized that it seem very strange. I have never seen anyone $_Post a variable directly to a Mysql. First off it is EXTRAMLY insecure and secondly anyone that know PHP could hack it. My example above is also hack-able but you can solve that with a simple preg_replace or preg_match. I am also not quite sure why you have , 0) after your result.

Hope this helps at least a little,
Sparkx

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in [file] is caused by an sql query that isn't done correctly, usually. To fix it I suggest doing what will be the SQL query firstly in a variable then using mysql_query($sqlvariable), that should solve your problem.

I did that Thanks It is working now.. but as always, I am having a new problem
The value in the database is not updating :S
here the code for the update, should'nt it work =?



This post has been edited by Feelay: Feb 3 2008, 12:01 PM

You can use the session variable directly in your code, instead of escaping your strings simply use a single quote ('), also, to prevent sql injections use the mysql_real_escape function with the data posted to your script.

And personally i always attach a die() function with the mysql_error() function to every query i make to check if every thing works fine.

Try the following:



Best regards,