Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Page 1 of 2 1 2 LastLast
Results 1 to 10 of 20
  1. #1
    Member
    Join Date
    Apr 2003
    Posts
    56
    Member #
    1043
    I am working on a small little ORPG demo thingy, and I working on the page where you add items! And I keep getting this error:

    "Ball1065: Query was empty"

    This is really frustrating me! I can't find whats wrong, and if you need the code here it is (warning quite long)




    I took this code out because it had security poblems the new code below is better anyways
    and if you want to see the page in action check http://www.tnrstudios.com/bb/additems.php

    Any help is appreciated! thanks
    http://www.tnrstudios.com/ - Designing the web one site at a time

  2.  

  3. #2
    Member Black Vivi's Avatar
    Join Date
    Apr 2003
    Location
    UK
    Posts
    75
    Member #
    1072
    change this:

    mysql_query("UPDATE rpg_hero SET $items='$itemname' and SET $email='$email' and SET $hp='$hp' and SET $maxhp='$maxhp' and SET unpc='$unpc' and SET $unpc2='$unpc2' and SET $unpc3='$unpc3' and SET $unpc4='$unpc4' and SET $condition='$condition' and SET $money='$money' and SET $lvl='$lvl' and SET $strength='$strength' and SET $agiliy='$agility' and SET $attack='$attack' and SET $mind='$mind' and SET $skills='$skills' and SET $id='$id' WHERE $id='3'" );
    $result = mysql_db_query ("tnrstudios", $query);
    to this:

    $query = "UPDATE rpg_hero SET $items='$itemname' and SET $email='$email' and SET $hp='$hp' and SET $maxhp='$maxhp' and SET unpc='$unpc' and SET $unpc2='$unpc2' and SET $unpc3='$unpc3' and SET $unpc4='$unpc4' and SET $condition='$condition' and SET $money='$money' and SET $lvl='$lvl' and SET $strength='$strength' and SET $agiliy='$agility' and SET $attack='$attack' and SET $mind='$mind' and SET $skills='$skills' and SET $id='$id' WHERE $id='3'";
    $result = mysql_db_query ("tnrstudios", $query);
    Download Firebird now!

  4. #3
    Member
    Join Date
    Apr 2003
    Posts
    56
    Member #
    1043
    i did that but i GET this error now:


    potion1064: You have an error in your SQL syntax near '='potion' and SET ='' and SET ='' and SET ='' and SET unpc='' and SET ='' and SE' at line 1
    http://www.tnrstudios.com/ - Designing the web one site at a time

  5. #4
    Member nepharo's Avatar
    Join Date
    Jun 2003
    Posts
    73
    Member #
    1729
    Try this. Intead of:
    mysql_query("UPDATE rpg_hero SET $items='$itemname' and SET $email='$email' ...

    like this
    mysql_query("UPDATE rpg_hero SET items='$itemname' and SET email='$email' ...
    I cannot self terminate, you must lower me into the fire.

  6. #5
    Member Black Vivi's Avatar
    Join Date
    Apr 2003
    Location
    UK
    Posts
    75
    Member #
    1072
    yea, and u have a lot of things you don't need in there, so change this:
    $query = "UPDATE rpg_hero SET $items='$itemname' and SET $email='$email' and SET $hp='$hp' and SET $maxhp='$maxhp' and SET unpc='$unpc' and SET $unpc2='$unpc2' and SET $unpc3='$unpc3' and SET $unpc4='$unpc4' and SET $condition='$condition' and SET $money='$money' and SET $lvl='$lvl' and SET $strength='$strength' and SET $agiliy='$agility' and SET $attack='$attack' and SET $mind='$mind' and SET $skills='$skills' and SET $id='$id' WHERE $id='3'";
    to this:
    $query = "UPDATE rpg_hero SET items='$itemname', email='$email', hp='$hp', maxhp='$maxhp', unpc='$unpc', unpc2='$unpc2', unpc3='$unpc3', unpc4='$unpc4', condition='$condition', money='$money', lvl='$lvl', strength='$strength', agiliy='$agility', attack='$attack', mind='$mind', skills='$skills', id='$id' WHERE id='3'";
    thats from it without doing what nepharo told u 2 do
    Download Firebird now!

  7. #6
    Member nepharo's Avatar
    Join Date
    Jun 2003
    Posts
    73
    Member #
    1729
    studios,
    You kinda have a whole in your server. I don't want to post openly. Gimme an email that I can send you a private message to.
    I cannot self terminate, you must lower me into the fire.

  8. #7
    Member
    Join Date
    Apr 2003
    Posts
    56
    Member #
    1043
    my email is tnrstudios@tnrstudios.com and thanks for the help
    http://www.tnrstudios.com/ - Designing the web one site at a time

  9. #8
    WDF Staff Wired's Avatar
    Join Date
    Apr 2003
    Posts
    7,657
    Member #
    1234
    Liked
    138 times
    Is it a well known hole? Hope I don't have any in my DB
    The Rules
    Was another WDF member's post helpful? Click the like button below the post.

    Admin at houseofhelp.com

  10. #9
    Member
    Join Date
    Apr 2003
    Posts
    56
    Member #
    1043
    its directory listing.
    http://www.tnrstudios.com/ - Designing the web one site at a time

  11. #10
    Member
    Join Date
    Apr 2003
    Posts
    56
    Member #
    1043
    gah!

    I changed my code to this:


    <?php



    if ($submit == "click"){


    echo"<b><h2>Thank You!<h5><br><br>$itemname";

    $name = $name;
    $email = $email;
    $hp = $hp;
    $maxhp = $maxhp;
    $mp = $mp;
    $maxmp = $maxmp;
    $unpc = $unpc;
    $unpc2 = $unpc2;
    $unpc3 = $unpc3;
    $unpc4 = $unpc4;
    $condition = $condition;
    $money = $money;
    $lvl = $lvl;
    $strength = $strength;
    $agility = $agility;
    $attack = $attack;
    $mind = $mind;
    $skills = $skills;
    $id = $id;


    $connection = mysql_connect ("$host", "$username", "$pwd");
    if ($connection == false) {
    echo mysql_errno().": ".mysql_error()."<BR>";
    exit;
    }

    $query = "UPDATE rpg_hero SET items='$itemname', email='$email', hp='$hp', maxhp='$maxhp', unpc='$unpc', unpc2='$unpc2', unpc3='$unpc3', unpc4='$unpc4', condition='$condition', money='$money', lvl='$lvl', strength='$strength', agility='$agility', attack='$attack', mind='$mind', skills='$skills', id='$id' WHERE id='3'";
    $result = mysql_db_query ("tnrstudios", $query);
    if ($result) {

    $numOfRows = mysql_num_rows ($result);
    for ($i = 0; $i < $numOfRows; $i++){
    $name = mysql_result ($result, $i, "name");
    $email = mysql_result ($result, $i, "email");
    $hp = mysql_result ($result, $i, "hp");
    $maxhp = mysql_result ($result, $i, "maxhp");
    $mp = mysql_result ($result, $i, "mp");
    $maxmp = mysql_result ($result, $i, "maxmp");
    $unpc = mysql_result ($result, $i, "unpc");
    $unpc2 = mysql_result ($result, $i, "unpc2");
    $unpc3 = mysql_result ($result, $i, "unpc3");
    $unpc4 = mysql_result ($result, $i, "unpc4");
    $condition = mysql_result ($result, $i, "condition");
    $money = mysql_result ($result, $i, "money");
    $lvl = mysql_result ($result, $i, "lvl");
    $strength = mysql_result ($result, $i, "strength");
    $agility = mysql_result ($result, $i, "agility");
    $attack = mysql_result ($result, $i, "attack");
    $mind = mysql_result ($result, $i, "mind");
    $items = mysql_result ($result, $i, "items");
    $skills = mysql_result ($result, $i, "skills");
    $id = mysql_result ($result, $i, "id");



    echo "way to go! query finished! ";


    }

    } else {
    echo mysql_errno().": ".mysql_error()."";
    }

    mysql_close ();


    }
    else{




    $connection = mysql_connect ("$host", "$username", "$pwd");
    if ($connection == false) {
    echo mysql_errno().": ".mysql_error()."<BR>";
    exit;
    }

    $query = "select * from rpg_items ORDER BY name asc";
    $result = mysql_db_query ("tnrstudios", $query);

    if ($result) {

    $numOfRows = mysql_num_rows ($result);
    for ($i = 0; $i < $numOfRows; $i++){
    $name = mysql_result ($result, $i, "name");
    $price = mysql_result ($result, $i, "price");
    $url = mysql_result ($result, $i, "url");
    $description = mysql_result ($result, $i, "description");
    $id = mysql_result ($result, $i, "id");
    $effect = mysql_result ($result, $i, "effect");
    $q_effect = mysql_result ($result, $i, "q_effect");



    echo " <form method=\"post\" action=\"additems.php\">
    <font size=2></i></b>$name:
    <input type=\"text\" name=\"itemname\" VALUE=$name></input><br><br>

    <input type=\"submit\" name=\"submit\" value=\"click\"></input>

    </form>

    ";

    }

    } else {
    echo mysql_errno().": ".mysql_error()."";
    }

    mysql_close ();




    }

    ?>

    and I now get this error:




    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/tnrstudi/www/www/bb/additems.php on line 42

    BTW - Thanks for everyones help so far, and whomever helps me with this problem I give $5 (turtle) too

    edit: Thanks James for pointing out that I had given out some secure info
    http://www.tnrstudios.com/ - Designing the web one site at a time


Page 1 of 2 1 2 LastLast

Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 12:36 PM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com