Member Avatar for mallows.yum

hi all! i have here a code.

<?php
/**
 * Main.php
 */
include("include/session.php");
?>
<html>
<head>
<title>Export to Excel</title>
</head>
<body>
<form action="saverec.php" method="post">
<?php
    define ('DB_NAME', 'vincegac_vince');
    define ('DB_USER', 'root');
    define ('DB_PASSWORD', '');
    define ('DB_HOST', 'localhost');
    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

    if (!$link) {
        die('Could not connect: ' . mysql_error());
    }

    $db_selected = mysql_select_db(DB_NAME, $link);

    if (!$db_selected) {
        die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
    }

    $strSQL = "SELECT * FROM employee WHERE proj_mgr = '$session->username'";
    $rs = mysql_query($strSQL);

?>
<table border="1">

<tr>
    <th>Employee Name</th><th>Home Address</th><th>Email Address</th><th>Office/project number</th><th>Mobile number</th><th>Home number</th>
    <th>Position</th><th>Practice</th>
</tr> 

<?php

    while($row = mysql_fetch_array($rs)) {

?>
<tr>

    <td><?php echo $row['lname'] . ", " . $row['fname']  ?></td><td><?php echo $row['homeadd'] ?></td>
    <td><?php echo $row['emailadd'] ?></td><td><?php echo $row['ofcnum'] ?></td><td><?php echo $row['mobilenum'] ?></td>
    <td><?php echo $row['homenum'] ?></td><td><?php echo $row['position'] ?></td><td><?php echo $row['practice'] ?></td>


</tr>    

    <?php    
    } 
    ?>
    </table>
    <?php mysql_close(); ?>

    <input type="submit" name="Submit" value="Save" >
</form>
</body>
</html>

and when i execute it, i get this error

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\wamp\www\testing\export.php on line 43
  • 4 Contributors
  • 7 Replies
  • 360 Views
  • 22 Hours Discussion Span
  • Latest Post Latest Post by arunmagar
Member Avatar for mrvijayakumar

Try this,

$UserName = $session->username;
$strSQL = "SELECT * FROM employee WHERE proj_mgr = $UserName";

Member Avatar for mallows.yum

its still the same

Member Avatar for Banderson

Your query is failing here:

 $strSQL = "SELECT * FROM employee WHERE proj_mgr = '$session->username'";

Try this:

 $strSQL = "SELECT * FROM employee WHERE proj_mgr = $session->username";

If it doesn't work then you will need to be sure that the $session->username variable is not empty.

Member Avatar for mallows.yum

thank you banderson. i think its in my sql statement. i'll check and try again.

Member Avatar for arunmagar

If $session->username contains text and may contain special character also
Please try with mysql_real_escape_string before passing $session->username to a query.

Member Avatar for Banderson

@arunmagar, you are correct to sanitize the data, but be aware that mysql_real_escape_string will be deprecated as of PHP 5.5.0 release and removed in later versions.

Click Here

Edited by Banderson
Member Avatar for arunmagar

Thanks Banderson for noticing this.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.