Hey.
I'm trying to make an activation script for a website, but for some reason my sql query is giving me errors.
$sql = 'UPDATE user
SET active = 1
WHERE (password = "$_GET[\'hash\']") AND (timestamp = ".base64_decode($_GET[\'stamp\'].")';
$result = mysql_query ($sql) or die (mysql_error());
if( mysql_num_rows($result)==1 )
{
echo'Activated succesfully!';
}
else
{
echo 'There was an error.';
}
I'm pretty new to PHP and MySql, so I can't figure this one out. A link with both "hash" and a base64 encoded timestamp leads to this page. Did I screw up with the quotation marks?
Thanks for the help!
EDIT: Oh, and here's the output of mysql_error():
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home2/smcmindi/public_html/rd/activate.php on line 13
Line 13 is:
if( mysql_num_rows($result)==1 )