$data = mysql_query ("SELECT * FROM clanforum ORDER BY time WHERE clan = '$clan'");
im trying to sort the data that i get from the database but im gettin this error:
mysql_fetch_array(): supplied argument is not a valid MySQL result resource
anybody knows y?
2006-06-16 16:23:59 · 3 answers · asked by aryaxt 3 in Computers & Internet ➔ Programming & Design
SELECT * FROM clanforum WHERE clan = '$clan' ORDER BY time
i used this and it fixed the problem but it still doesnt sort the data.
(im using time stamp for time)
2006-06-16 16:38:38 · update #1
Hi , BY DEFINITION:
SELECT
[ALL | DISTINCT | DISTINCTROW ]
[HIGH_PRIORITY]
[STRAIGHT_JOIN]
[SQL_SMALL_RESULT] [SQL_BIG_RESULT] [SQL_BUFFER_RESULT]
[SQL_CACHE | SQL_NO_CACHE] [SQL_CALC_FOUND_ROWS]
select_expr, ...
[FROM table_references
[WHERE where_condition]
[GROUP BY {col_name | expr | position}
[ASC | DESC], ... [WITH ROLLUP]]
[HAVING where_condition]
[ORDER BY {col_name | expr | position}
[ASC | DESC], ...]
[LIMIT {[offset,] row_count | row_count OFFSET offset}]
[PROCEDURE procedure_name(argument_list)]
[INTO OUTFILE 'file_name' export_options
| INTO DUMPFILE 'file_name'
| INTO @var_name [, @var_name]]
[FOR UPDATE | LOCK IN SHARE MODE]]
I want to explain to you what that means...
Your syntax should be within that range, the [ ...] means OPTIONAL...
So basically it should be this: I recommend you to use this syntax to ensure sql injection free. This way it truely hides the datatype to what it should be used for.
Create a function clean the input from sql injections:
public function mClean($str) {
return "'".mysql_real_escape_string(trim($str))."'";
}
$query = sprintf('SELECT * FROM clanforum WHERE clan = %s', mClean( $clan ));
$data = mysql_query ($query);
If you have an integer instead of string for input you could use intval();
$query = sprintf('SELECT id FROM table WHERE id = %d', inval($id) );
Please note that this way is the safest way to do a query within PHP. PHP is so verstile meaning that very easy to break in. You have to ensure quality code before posting it online.
Good luck, and if ya need any help let me know!
Take care
2006-06-16 16:36:17 · answer #1 · answered by ? 6 · 0⤊ 0⤋
I expect the reason is because you are doing a few things wrong.
First, your SQL syntax is incorrect. The ORDER BY clause comes after the WHERE clause. You actually want, "SELECT * FROM clanforum WHERE clan = $clan ORDER BY time".
Second, you are not checking the return value of your mysql_query call. If you did, I suspect you'd find it is failing due to the first problem. That means it gives you back a result resource that is not appropriate to pass to mysql_fetch_array() (because the query failed; you can't go fetching results).
Hope this helps!
2006-06-16 16:28:04 · answer #2 · answered by dpawson 4 · 0⤊ 0⤋
try changing the select statement to:
select * from clanforum where clan='$clan' order by time
the order by (like the group by) always come after the where clause.
2006-06-16 16:27:31 · answer #3 · answered by LostMonkey 2 · 0⤊ 0⤋