error within function > php mysql_fetch_assoc

  • (2 Pages)
  • +
  • 1
  • 2

19 Replies - 2142 Views - Last Post: 09 October 2012 - 10:50 AM Rate Topic: -----

#16 unum_sanctum()  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 08-October 12

Re: error within function > php mysql_fetch_assoc

Posted 09 October 2012 - 09:01 AM

You're missing one major point. What is the return status of the function?
if( user_exists("foobar")) 
{
   // will this ever execute? 
}
else
{ 
   // or this???
}



	function user_exists($username){
	    $username = sanitize($username);
	    $sql = "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'";
	    $result = mysql_query($sql);
	    if(!$result) {
	        echo "There was a error in the following sql statement : <br>".$sql;
                //maybe a throw new Exception goes here
	    }
            /* start patch */
	    // Don't you want to return true or false here? 
            if( mysql_num_rows($result) > 0 ) {
              return true; 
            }else {
              return false;
            }
            /* end patch */
	}



*** EDIT ***
wow, I really am batting 1,000 today..

I didn't notice your query was "SELECT COUNT(*)" ... My patch may not work if you use COUNT(*).
Better to change your query to select an ID from the table.
Was This Post Helpful? 0
  • +
  • -

#17 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3637
  • View blog
  • Posts: 5,764
  • Joined: 08-June 10

Re: error within function > php mysql_fetch_assoc

Posted 09 October 2012 - 09:38 AM

View Postunum_sanctum(), on 09 October 2012 - 04:01 PM, said:

My patch may not work if you use COUNT(*).

It won't. A SELECT COUNT(*) will always return one row, which means you version would always return true.

View Postunum_sanctum(), on 09 October 2012 - 04:01 PM, said:

Better to change your query to select an ID from the table.

No, that's rarely a good idea. You don't fetch data from the database to count it in PHP when MySQL can easily, and more efficiently, count it for you.

You'd want to fetch the row and return based on the COUNT from MySQL:
function user_exists($username){
    // What does "sanitize" do? I don't know, but judging by the
    // name it would not be sufficient to prevent SQL Injection.
    $username = sanitize($username);

    // And so, you would have to also do this, unless this is
    // actually done inside "sanitize", in which case you should
    // consider renaming it to indidcate that.
    $username = mysql_real_escape_string($username);
    
    $sql = "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'";
    $result = mysql_query($sql);
    if($result) {
        $row = mysql_fetch_row($result);
        return $row[0] === 1;
    } else {
        // Don't use echo or die to print errors. Use PHP's
        // trigger_error() function instead. That way, PHP can
        // either display them or log them according to the PHP
        // config. This is far better, as you can configure your
        // production servers so that the user will never see the
        // errors (which they never should), but they'll still be
        // logged.
        trigger_error("Query failed: " . mysql_error(), E_USER_WARNING);
        return null;
    }
}


Was This Post Helpful? 0
  • +
  • -

#18 unum_sanctum()  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 08-October 12

Re: error within function > php mysql_fetch_assoc

Posted 09 October 2012 - 09:46 AM

View PostAtli, on 09 October 2012 - 09:38 AM, said:

// Don't use echo or die to print errors. Use PHP's
// trigger_error() function instead. That way, PHP can


What's great about this solution is you can use a custom error handler to catch your trigger_error() calls. Good call on the sanitize function as well.
Was This Post Helpful? 0
  • +
  • -

#19 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 2836
  • View blog
  • Posts: 9,741
  • Joined: 08-August 08

Re: error within function > php mysql_fetch_assoc

Posted 09 October 2012 - 09:47 AM

View PostJackOfAllTrades, on 09 October 2012 - 09:17 AM, said:

This was covered by RudiVisser above:

It can't be emphasized enough!
Was This Post Helpful? 0
  • +
  • -

#20 no2pencil  Icon User is offline

  • Head MFIC
  • member icon

Reputation: 5072
  • View blog
  • Posts: 26,456
  • Joined: 10-May 07

Re: error within function > php mysql_fetch_assoc

Posted 09 October 2012 - 10:50 AM

Duplicate topics merged. There is no reason to post the same question twice.
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2