Hi i get the following error when running the below script, As far as i can tell it is the AND statement that is causing the error as without it i dont get any error but im not sure what is wrong with it.

error - mysql_fetch_array(): supplied argument is not a valid MySQL result resource

Script -
$search = $GET["subject_id"];
$keysearch = $
GET["keystage_id"];

$stat = mysql_query("SELECT *

FROM tbl_csb

WHERE tbl_csb.subject=".$search.";

AND tbl.csb.keystage=".$keysearch."");

echo "<table width='500' border='0' align='center' cellspacing='0'>";
while($row = mysql_fetch_array($stat))

    You should use [man]isset[/man] or [man]empty[/man] to check that the incoming variables exist before using them. Then, you should use [man]mysql_real_escape_string/man to escape them before using them in the SQL statement since they are string values. In your SQL statement itself, you should quote the string values:

    if (isset($_GET['subject_id'], $_GET['keystage_id'])) {
        $search = $_GET['subject_id'];
        $keysearch = $_GET['keystage_id'];
    
    $query = sprintf("SELECT * FROM tbl_csb
        WHERE tbl_csb.subject='&#37;s' AND tbl.csb.keystage='%s'",
        mysql_real_escape_string($search),
        mysql_real_escape_string($keysearch));
    $result = mysql_query($query);
    
    echo "<table width='500' border='0' align='center' cellspacing='0'>";
    while ($row = mysql_fetch_array($result)) {
        // ...
    }
    // ...
    }

      Hi it is still not working, what i am trying to do is get a user to select certain options from a page through combo boxes and when they click on submit i want the 2nd page (where the error occurs) to take the values selected within the combo boxes and search through tbl_csb for a possible match. now when i run the script without the AND statement it works fine but with it i get the error. I'm sorry if it seems i am going around in circles but i am rairly new to php and would appreciate any help!

        What is the error now? If it is still the same error, then check your database connection, check that you selected the correct database, and check that your SQL statement is correct (e.g., tbl.csb.keystage probably should be tbl_csb.keystage).

          Parse error: parse error, unexpected $ in /var/www/html/www.kirklees-booksplus.org.uk/public_html/search/CSBm1.php on line 85, funny thing is there is nothing on line 85!

            You are probably not matching braces correctly.

              Write a Reply...