0
if (!empty($_POST)){

    $email_to=$_POST['email_to'];
    $email_to=mysql_real_escape_string($_POST['email_to']);
    
    $sql = "UPDATE `cosmos`.`members` SET `conf` = '2' WHERE `members`.`email` = '$email_to';";
    $result=mysql_query($sql) or trigger_error(mysql_error().$sql);
    
    $count=mysql_affected_rows($result);                  // line 20
    if($count==1){
    
    $rows=mysql_fetch_array($result);
    $unique=$rows['u_code'];
    $name=$rows['username'];
    // ---------------- SEND MAIL FORM ---------------- 
    $to=$email_to; 
    $subject="Your Account Password Request! - Cosmos"; 
    $header="from: Tayal's/Cosmos <cosmos@gmail.com>"; 
    $messages= "Hey $name ,\r\n";
    $messages.="You recently requested a new password";
    $messages.="<br /><a href='confirm.php?uid" . $unique . "'>Confirmation Link</a> \r\n";
    $sentmail = mail($to,$subject,$messages,$header); 
    echo $messages; 
    }   else {
    echo "Not found your email in our database";
    }


}

Warning: mysql_affected_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\a\l\forget.php on line 20

Dharman
  • 26,923
  • 21
  • 73
  • 125
Suraj
  • 934
  • 4
  • 24
  • 43
  • 1
    ``conf` = \'2\'` is a problem. That whole string is wrapped in double quotes, and you're escaping the single quotes - this isn't needed. I believe MySQL actually will receive the \ characters in the query. This would cause a SQL error. Remove the \ around the 2. Also, is `conf` truly a varchar field and not an int, even though you appear to be storing an int in it? – JAL Sep 18 '10 at 15:46
  • @Alex JL - updated that, but still getting the same error! and `conf` is an int not varchar – Suraj Sep 18 '10 at 15:58
  • If conf is an int field and not a varchar - the value should NOT be in quotes in your query. – JAL Sep 18 '10 at 18:10

3 Answers3

2

$result is false because your query is invalid (has a syntax error). Use:

$sql = "UPDATE members SET conf=2 WHERE email = '$email_to';"

(note the quotes surrounding $email_to)

Also mysql_num_rows() should be used for SELECT queries only. For UPDATE, INSERT and DELETE, use mysql_affected_rows() instead.

Finally, for future reference, if your query doesn't work, print the error and the SQL query used (something like what's on Col Shrapnel's answer). It will help you know what's wrong.

NullUserException
  • 81,190
  • 27
  • 202
  • 228
1
$result=mysql_query($sql);

to

$result=mysql_query($sql) or trigger_error(mysql_error().$sql);

and run it again

and then 

$email_to=$_POST['email_to'];

to 

$email_to=mysql_real_escape_string($_POST['email_to']);

oh yes, and there is also quotes

Your Common Sense
  • 154,967
  • 38
  • 205
  • 325
  • Notice: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'2\' WHERE `members`.`email` = 'xxx@xx.com'' at line 1UPDATE `cosmos`.`members` SET `conf` = \'2\' WHERE `members`.`email` = 'xxx@xx.com'; – Suraj Sep 18 '10 at 15:37
  • 1
    @tunetosuraj it seems you were added \ to ' around 2 somehow. it should be just conf = '2' – Your Common Sense Sep 18 '10 at 15:42
  • the above one is fixed but not `Warning: mysql_affected_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\a\l\forget.php` – Suraj Sep 18 '10 at 15:44
  • @tunetosuraj what variable do you pass to this function? can you post new code, from `$email_to=` to `mysql_affected_rows`? – Your Common Sense Sep 18 '10 at 15:49
  • @Col. Shrapnel - code is updated above – Suraj Sep 18 '10 at 16:00
  • @tunetosuraj do you get any error beside `mysql_affected_rows()` one? – Your Common Sense Sep 18 '10 at 16:05
  • @Col. Shrapnel - No, but I guess its so because it does not reach the `If (count==1)` part only – Suraj Sep 18 '10 at 16:11
  • 1
    @tunetosuraj but it does. btw, you can't fetch any data after UPDATE query. You have to rewrite your code seriously – Your Common Sense Sep 18 '10 at 16:17
  • @Col. Shrapnel - its two days that I am stuck on this code and seriously I also want to change the code but no other alternate code available,....would be glad if you could help! – Suraj Sep 18 '10 at 16:19
  • @tunetosuraj to help you, one should know what this code should actually do. – Your Common Sense Sep 18 '10 at 16:37
  • @Col. Shrapnel http://stackoverflow.com/questions/3742604/forget-password-page-using-php-mysql – Suraj Sep 18 '10 at 17:02
  • @tunetosuraj look, make it select, not update. It will both check email existence and give you info for email. and after select you can execute update as well. – Your Common Sense Sep 18 '10 at 18:20
0

The SQL you performed was not a SELECT, so no rows are returned!

fredley
  • 31,101
  • 42
  • 135
  • 231