Sessions and id not continuing

Can someone help me with this error message…I tried another layout but I think I am getting the same problem where it is not recognizing the next page of the sessions and including the id for a member to continue

Invalid query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘Resource id #4’ at line 1 Whole query:Resource id #4

This is the page.


<?php 
session_start(); 
?> 
<?php 
ini_set ("display_errors", "1"); 
error_reporting(E_ALL); 
?>         
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title>Welcome</title> 
</head> 

<body> 
<?php 
/* Program: login.php 
* Desc:    Displays the new member welcome page. Greets 
*            member by name and gives a choice to enter 
*            restricted section or go back to main page. 
*/ 
include('Connections/connect_to_mysql.php'); 

$id = ''; 
$firstname = ''; 
$lastname = ''; 
$country = ''; 
$email = ''; 

//Formulate Query 
//This is the best way to perform an SQL query 
$query = mysql_query("SELECT id,firstname FROM `Members` WHERE id='%s' AND firstname='%s'"); 

//Perform Query 
$result = mysql_query($query); 

//Check result 
//This shows the actual query sent to MySQL and the error. Useful for debugging. 

if(!$result){ 
    $message = 'Invalid query:' . mysql_error() . "\
"; 
    $message .= 'Whole query:' . $query; 
    die($message); 
} 
//Use result 
//Attempting to print $result won't allow access to information in the resource 
//One of the mysql result functions must be used 
//See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. 
while($row=mysql_fetch_assoc($result)){ 
    echo Welcome, $row['firstname']; 
} 
//Free the resources associated with the result set 
mysql_free_result($result); 

?> 
<p>Your new Member accounts lets you enter the members only section 
of our web site. You'll find special discounts, a profile of matches, 
live advise from experts, and much more.</p> 
<p>Your new Member ID and password were emailed to you. Store them 
carefully for future use.</p> 
<div style="text-align: center"> 
<p style="margin-top: .5in; font-weight: bold"> 
Glad you could join us!</p> 
<form action="profile.php" method="post"> 
    <input type="submit" 
        value="Enter the Members Only Section"> 
        </form> 
<form action="index.php" method="post"> 
    <input type="submit" value="Go to Main Page"> 
    </form>         
        </div> 
</body> 
</html>

$id = ‘’; <– you don’t get the id from the session or anywhere else, so it’s always empty
$firstname = ‘’; <– the same for the firstname
$lastname = ‘’;
$country = ‘’;
$email = ‘’;

//Formulate Query
//This is the best way to perform an SQL query
$query = mysql_query(“SELECT id,firstname FROM Members WHERE id=‘%s’ AND firstname=‘%s’”); <– I guess what you want to do here, is substitute the values of $id and $firstname in the query, if so take a look at PHP: sprintf - Manual

//Perform Query
$result = mysql_query($query); <– this line is giving you the error right now, because at this point $query is not a string, but the result of a query (see line above)

Should I be putting it as
$id=$row[‘id’];
$firstname=$row[‘firstname’];

I deleted the $result=($query) line was able to get it to welcome the member but not show their Welcome, firstname. so it goes to the private sections but does not recognize their name or I guess id.

How do you know which member you’re dealing with? Do you have a login page? Do you store the id in a session?

I deleted the $result=($query) line was able to get it to welcome the member but not show their Welcome, firstname. so it goes to the private sections but does not recognize their name or I guess id.

Deleting the line that produces the error will make the script continue for sure. But it’s not the solution. The problem is that right now you’re executing a query that will never find any data (unless you have a member with id = ‘%s’ and firstname = ‘%s’

Don’t delete that line. Instead, take a look at the php manual page I linked to, and try to correct the “$query = mysql_query()” line.

this is my update and error message is

Invalid query:Query was empty Whole query:


 $query = mysql_query("SELECT id, firstname FROM `Members` WHERE $id={$_SESSION['id']}");
//Perform Query
$result=mysql_query($query);
//Check result
//This shows the actual query sent to MySQL and the error. Useful for debugging.
if(!$result){
	$message = 'Invalid query:' . mysql_error() . "\
";	$message .= 'Whole query:' . $query;	die($message);}
//Use result
//Attempting to print $result won't allow access to information in the resource
//One of the mysql result functions must be used
//See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while($row=mysql_fetch_assoc($result)){
	echo "Welcome, $firstname";}
//Free the resources associated with the result set
mysql_free_result($result);


I went to the manual but it was to advanced for me to understand.:blush:


$query ="SELECT id, firstname FROM `Members` WHERE $id = {$_SESSION['id']}");
//Perform Query
$result = mysql_query($query);
//Check result
//This shows the actual query sent to MySQL and the error. Useful for debugging.
if (!$result) {
    $message = 'Invalid query:' . mysql_error() . "\
";    
    $message .= 'Whole query:' . $query;
    echo $message; 
}