Home/ Questions/Q 6059063
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T08:40:08+00:00

if ($row1>0) in my case it is. When i enter something in database it

  • 0

if ($row1>0) in my case it is.

When i enter something in database it all goes fine when i try to add the same thing again javascript reports “sucsessfuly Updated” when really nothing was added,”already in database” should be reported in its place but somehow i doesnt it seems that $row2 and $row3 are the problem…Am i missing something that could reset them back to 0 value.

if ($row1>0)
        {
         $id3=mysql_query("SELECT id FROM searchengine WHERE url='$url'");
         $runrow2=mysql_query("SELECT * FROM keywords WHERE id='$id3' AND keyword='$search'");
         $row2=mysql_num_rows($runrow2);
         $runrow3=mysql_query("SELECT * FROM tags WHERE id='$id3' AND tag='$tag'");
         $row3=mysql_num_rows($runrow3);

        if ($row2==0)
           {
           mysql_query("INSERT INTO keywords (id,keyword) VALUES ($id3,'$search')");
           }
        if ($row3==0)
           {
           mysql_query("INSERT INTO tags (id,tag) VALUES ($id3,'$tag')");
           }
           if ($row2>0 and $row3>0)
                {
                   ?>
                   <script type="text/javascript">
                   alert("Already in database.");
                   history.back();
                   </script>
                   <?php    
                }
           if ($row2==0 or $row3==0)
                {
                   ?>
                   <script type="text/javascript">
                   alert("Successfully updated.");
                   history.back();
                   </script>
                   <?php    
                }
        }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    $id3 is being used in your code like a variable returned from mysql_query(). This is not the case. Instead, it is a mysql result resource from which you must fetch the real result row. Its’ value is simply TRUE or FALSE.

    $result = mysql_query("SELECT id FROM searchengine WHERE url='$url'");

// Retrieve the first row from your query result
$row = mysql_fetch_assoc($result);

// Obtain the `id` column from the associative array $row
// Now, $id3 contains the value you need.
$id3 = $row['id'];

// Your following two mysql_num_rows() statements should now work correctly.
$runrow2=mysql_query("SELECT * FROM keywords WHERE id='$id3' AND keyword='$search'");
$row2=mysql_num_rows($runrow2);
$runrow3=mysql_query("SELECT * FROM tags WHERE id='$id3' AND tag='$tag'");
$row3=mysql_num_rows($runrow3);

    See the documentation on mysql_query() and mysql_fetch_assoc()

    For additional info, please read up on SQL injection vulnerabilities, from which your code suffers. It is possible to hack & tamper with your database because you have not protected your query variables. At the very least you must call mysql_real_escape_string() on each of your PHP variables used as SQL query input. http://en.wikipedia.org/wiki/SQL_injection

    • 0