-3

i have created one reregistration system from which user can register there-self to use my system.

i have created one Verification process to avoid robot

Verification Process:-

i have created on column in database with 'active' name AS DEFINED '0' so what it does when the value is set to be '0' that means user has not activated his/her account so he can't login into my system. If value set to be '1' then account activated and he/she can use the system now.

To set the AS DEFINED value to 1 i have created on function through which i sending out an Email to user's entered email address while reregistration process with random email_code. once he hit that code in URL then AS DEFINED value will be Changed to 1.

Now i stuck with and error i have spend hours to figure out the solution for this

Error :

Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\pratik\minimal\core\functions\users.php on line 123

Code :

function activate($email, $email_code) {
    $email = mysql_real_escape_string($email);
    $email_code = mysql_real_escape_string($email_code);

    if(mysql_result(mysql_query("SELECT COUNT(`registration_id`) FROM `register` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0") or die(mysql_error()), 0) == 1) {
    mysql_query("UPDATE `register` SET `active` = 1 WHERE `email` = '$email'");
    return true;
    } else {
    return false;
    }
}

Please help !!

Phil
  • 141,914
  • 21
  • 225
  • 223
Pratik Verma
  • 15
  • 4
  • Hi Mike thanks for marking the question as duplicate i have lost my numbers. but as mention in my post i have spend almost 3 hours to get the solution but nothing worked out. Duplicate Question is also not working. Thanks anyways... – Pratik Verma Sep 12 '14 at 03:35
  • 2
    why `mysql_result(mysql_query(` this is confusing – meda Sep 12 '14 at 03:36
  • 2
    If you've been spending hours on it you should try and debug it a little by splitting out that long line: (mysql_result(mysql_query("SELECT COUNT(`registration_id`) FROM `register` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0") or die(mysql_error()), 0) == 1) A lot going on there. Can you do the query by itself, set the result (count) to a variable, var_dump it and die, see what you've got... Then compare the variable result in an if statement. – klidifia Sep 12 '14 at 03:36
  • 1
    **I'll break it down for you:** Your first query is failing. No ifs or buts, that is where the issue lies, so it returns a boolean which produces the error you are seeing because `mysql_result` WANTS (and needs) a mysql resource to fetch the results. Run the query seperately and debug that, once you fix that, you should have your issue sorted out. – Darren Sep 12 '14 at 03:38
  • The error means that the argument passed to `mysql_result` function was NOT a valid statement handle; and that means that mysql_query didn't produce a statement handle. Break that up into steps. Set the sql text. var_dump it. test the statement from mysql client. call mysql_query function on separate line, assign return to variable. check if the variable is false, and call mysql_error function to get error message. then call mysql_result. break up the code and find out where the problem is. and for the love of all that is good and beautiful, STOP using the deprecated mysql interface. – spencer7593 Sep 12 '14 at 03:41

1 Answers1

1

You are directly passing a boolean value into mysql_result.

Any argument that looks like <statement> or <statement> is a boolean. You have

mysql_query(...) or die(...)

If your query doesn't error, this will return true. Yet another reason or die() must die.

Here's a simple example to demonstrate what I mean ~ https://eval.in/192040

Also, something something mysql extension something something officially deprecated something something unmaintained

To solve this, I would simple switch to mysqli or PDO and use exception handling. To enable it in mysqli, simply run this before you create your connection

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

Then you can simply use

$stmt = $mysqli->prepare('SELECT 1 FROM `register` WHERE `email` = ? AND `email_code` = ? AND `active` = 0');
$stmt->bind_param('ss', $email, $email_code); // no need to run these through real_escape_string
$stmt->execute();
return $stmt->fetch();

and any errors will be thrown as exceptions (which you can try and catch if you like).

Phil
  • 141,914
  • 21
  • 225
  • 223