Error of mysql_query Giving parameter error

Asked

Viewed 7 times

-1

//Connect to mysql server //Sanitize the POST values $login =($_POST['user']); $password =($_POST['password']); if($login!="" && $password!=""){ //Create query $qry="SELECT * FROM customerinfo WHERE Username='$login' AND Password='$password'"; $result=mysql_query("SELECT * from customerinfo where Username='$login' and Password='$password' And Status <> 'Deactivated'"); $row=mysql_fetch_array($result); $count=mysql_num_rows($result); if($count==1){ session_start(); ($_SESSION['CustomerID']=$row['CustomerID']); //////////delete all in cart $del=mysql_query("delete from customercart"); echo '<meta http-equiv="refresh" content="1; url=index.php">'; echo'<font style="color:green">Login successfully. <a href="index.php">click here</a> if not redirected.</font>';

} Else{ echo'Password or wrong user! Need help ? has no kk'; } } Else{ echo'Input username and password!'; }

?></body

The error of this line as parameter error...

$result=mysql_query("SELECT * from customerinfo Where Username='$login' and Password='$password' And Status <> 'Deactivated'");

  • 1

    There are several errors in your code, first the variables are not "Sanitize", can occur sqlinjection, second, the API (functions) with prefix mysql_ are obsolete and have been removed in php7 onwards, one should use the newer prefixed API mysqli_. Third, we cannot reproduce your code, to formulate a question that people can help you is necessary to formulate a [mcve] (READ the link). Thank you for understanding.

No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.