Jump to content
xisto Community
Feelay

Warning: Mysql_result(): Supplied Argument Is Not A Valid Mysql Result Resource In ... This Is for My attack Script.

Recommended Posts

Hey. I am making a "Version 2.0" For my attack script, but I can't make it work.

 

This is the error I am gettin:

 

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in

 

And here is the code:

 

 

$dbQueryHealth = mysql_query("SELECT temphealth FROM characters WHERE user =". $_POST['atkuser']."");  		$currentHealth = mysql_result($dbQueryHealth, 0); 		$dbQueryExp = mysql_query("SELECT exp FROM characters WHERE user = ".$_POST['atkuser']."");  		$currentExp = mysql_result($dbQueryExp, 0);

I have checked the PHP Manual, but I did not find anything there :S

Thanks For All you help

//Feelay

Share this post


Link to post
Share on other sites

It looks like your mysql_query is wrong. Correct me if I am wrong but I am pretty sure your use WHERE Column='$var' not WHERE Column=".$var." Also you seem to have a odd way of result. I usually do it quite differently but I am not sure what the major difference is.
Example

$atkuser=$_POST['atkuser'];$row = mysql_fetch_array(mysql_query("SELECT * FROM database WHERE User='$atkuser'") or die(mysql_error()));  $EXP=$row['EXP'];
After looking at your code a bit I realized that it seem very strange. I have never seen anyone $_Post a variable directly to a Mysql. First off it is EXTRAMLY insecure and secondly anyone that know PHP could hack it. My example above is also hack-able but you can solve that with a simple preg_replace or preg_match. I am also not quite sure why you have , 0) after your result.

Hope this helps at least a little,
Sparkx

Share this post


Link to post
Share on other sites

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in [file] is caused by an sql query that isn't done correctly, usually. To fix it I suggest doing what will be the SQL query firstly in a variable then using mysql_query($sqlvariable), that should solve your problem.

Share this post


Link to post
Share on other sites

I did that ;) Thanks :P It is working now.. but as always, I am having a new problem :P
The value in the database is not updating :S
here the code for the update, should'nt it work =?

$SeUs = $_SESSION['user'];$PoUS = $_POST['atkuser'];mysql_query ("UPDATE characters SET temphealth =\"{$currentHealthYou}\" WHERE user =\"{$SeUs}\"");mysql_query ("UPDATE characters SET temphealth = \"{$currentHealthEnemy}\" WHERE user =\"{$PoUs}\"");

Edited by Feelay (see edit history)

Share this post


Link to post
Share on other sites

I did that :P Thanks ;) It is working now.. but as always, I am having a new problem :PThe value in the database is not updating :S
here the code for the update, should'nt it work =?

$SeUs = $_SESSION['user'];$PoUS = $_POST['atkuser'];mysql_query ("UPDATE characters SET temphealth =\"{$currentHealthYou}\" WHERE user =\"{$SeUs}\"");mysql_query ("UPDATE characters SET temphealth = \"{$currentHealthEnemy}\" WHERE user =\"{$PoUs}\"");
You can use the session variable directly in your code, instead of escaping your strings simply use a single quote ('), also, to prevent sql injections use the mysql_real_escape function with the data posted to your script.

And personally i always attach a die() function with the mysql_error() function to every query i make to check if every thing works fine.

Try the following:

<?php$PoUS = mysql_real_escape_string($_POST['atkuser']);mysql_query ("UPDATE characters SET temphealth='$currentHealthYou' WHERE user='" . $_SESSION['user'] ."'") or die(mysql_error() );mysql_query ("UPDATE characters SET temphealth = '$currentHealthEnemy' WHERE user ='$PoUs'") or die(mysql_error());?>

Best regards,

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.