Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /herm

lewisj86

I am a newbie when it comes to .PHP, i am trying to write a simple email confirmation page but when i try and run it i get the following error message.

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /hermes/bosoraweb068/b2713/ipg.snappitcom/register/confirm.php on line 63

My code is:

<?php

include ('../classes/config.php');

$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());


if (isset($_GET['email']) && preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',
$_GET['email'])) {
$email = $_GET['email'];
}
if (isset($_GET['key']) && (strlen($_GET['key']) == 32))
{
$key = $_GET['key'];

}
if (isset($email) && isset($key)) {

$account = "UPDATE $table SET activation=NULL WHERE (email ='$email' AND activation='$key') LIMIT 1";
$result = mysql_query($link, $account);

if (mysql_affected_rows($link) == 1)
 {
 echo '<div>Your account is now active. <a href="login.php">Log in</a></div>';
} else {
 echo '<div>Oops !</div>';
 }
 mysql_close($link);
} else {
 echo '<div>Error Occured .</div>';

}
?>

Can anyone help me.

Thanks

Lewis

bradgrafelman

First problem I note is that you're using the [man]mysql[/man] extension which has been outdated and deprecated for some time now. Instead, you should be using something like [man]MySQLi[/man] or [man]PDO[/man]. See [man]mysqlinfo.api.choosing[/man] for more info.

Next major problem I see is that user-supplied input should never be placed directly into a SQL query, else your code will be vulnerable to SQL injection attacks and/or just plain SQL errors. Instead, you must first sanitize the data (e.g. with [man]mysqli_real_escape_string/man for string data) or by using prepared statements.

Finally, note that you should always be checking to see if your SQL query was executed successfully before you attempt to do anything with it (or a result set you expect it to generate).

lewisj86

Thanks for the reply i will update the site to accommodate these suggestions. Once done do you think that will rectify the problem?
Thanks
Lewis

Derokorian

Also note, the actual problem referenced in the error is due to supplying the arguments to mysql_query out of order.

lewisj86

I have it sorted now thanks you all for your help! 🙂