"Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource"

Question

I am getting this error:

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource

Here's my Connection.php :

$userDB_server = "";
$userDB_user = "";
$userDB_password = "";
$userDB_database = "";
$connection = mysql_connect("$userDB_server","$userDB_user","$userDB_password") or die ("Unable to establish a DB connection");
$userDB = mysql_select_db("$userDB_database", $connection) or die ("Unable to establish a DB connection");


$gameDB_server = "";
$gameDB_user = "";
$gameDB_password = "";
$gameDB_database = "";
$gameDB_connection = mysql_connect("$gameDB_server","$gameDB_user","$gameDB_password", true) or die ("Unable to establish a DB connection");
$gameDB = mysql_select_db("$gameDB_database", $gameDB_connection) or die ("Unable to establish a DB connection");

Here's my function :

require_once('Connection.php');
$findQuery = sprintf("SELECT * FROM `Keys` WHERE `ID` = '$gID'");
$findResult = mysql_query($findQuery, $connection) or die(mysql_error());
$resultRow = mysql_fetch_assoc($findResult) or die(mysql_error());

The error is on "$findResult = mysql_query($findQuery, $connection) or die(mysql_error());" But I don't see a problem anywhere.

What I've tried :

• I've tried with and without the "true" on the second connection, didn't seem to make a difference anywhere.
• Echoing the $connection and $gameDB_connection shows nothing,
• Using var_dump on $connection shows "resource(9) of type (mysql link)"
• Removing the $connection from the mysql_query has it connect to the other DB (gameDB_connection) and I get an error that the table doesn't exist (its not on that DB).
• Adding / changing / removing the backquote ( ` ) from the query seems to have no effect on the error
• The variable $gID echo's correctly, so it's not null (its 1001 in this case)
• If I run the SELECT part in the actual sql form (instead of via php), it lists them all correctly
• The Connection.php is used in other places (one page reads from both databases at the same time) successfully. No errors anywhere else

Anyone have any idea what's wrong?

Answer 1

Based on the comments, it sounds like the problem is caused by using require_once() inside a function.

One of two thing is happening. Either:

1. You've already included Connection.php somewhere else, so when you get to the function, it's not actually included.. because of the once part of require_once.

   or...

2. It is working the first time you call the function, but the second time you call it, the file has already been included and does not get included again.

The problem is that when the file is first included (assuming that's from within this function), the $connection variable is created in the function scope, and like any other function variable, is gone at the end of the function. When you call the function a second time, the include doesn't happen because you're using require_once.

You could probably fix this by calling require() instead of require_once(), but that will end up reconnecting to the database every time you call the function - which is a lot of unnecessary overhead. It's much cleaner to just move the include outside of the function, and either pass the connection into the function, or use it as a global variable.

That would look like this:

require_once('Connection.php');

function getResult() {
    global $connection;

    $findQuery = "SELECT * FROM `Keys` WHERE `ID` = '$gID'";
    $findResult = mysql_query($findQuery, $connection) or die(mysql_error());
    $resultRow = mysql_fetch_assoc($findResult) or die(mysql_error());
} 

All that being said, there's 2 major problems with this code.

1. You're using the mysql_* functions which are deprecated and will soon be removed from new versions of PHP. See this question for more details: Why shouldn't I use mysql_* functions in PHP?

   It's not actually that hard to switch to something like the mysqli_* functions instead - there's a non-object set of functions that are almost identical to what you're using now.

2. You're including a variable in your query without properly escaping it. At the very least you should be calling mysql_real_escape_string() (or mysqli_real_escape_string()), but a better solution is to look into prepared statements. You can find more information on prepared statements here: How can I prevent SQL injection in PHP?