JQuery Validation Remote and Checking DataBase PHP MySQL Error

Question

I am using the JQuery Validation Plugin. I got the remote function working with the default php file.

I modified the php file to use my own version but mysql is returning

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in    /home/fastbluf/syatch/module/1.func.php on line 15

My PHP Code is the following. All my syntax looks correct.

<?php
// Last Edited: 4/23/12
$conn = mysql_connect('localhost','hidden','hidden') or die('Iam dying');
$rs = @mysql_select_db( "hidden", $conn) or die( "Err:Db" );

$do = $_REQUEST['do'];
$email= $_REQUEST['email'];
$user= $_REQUEST['user'];

function checkInfo($do,$email,$user){
    switch ($do) {
        case 1:
            $sql = "select * from User_Base where Email_Address = $email";
            $results = mysql_query($sql). mysql_error();
            $nResults = mysql_num_rows($results);
            if ($nResults > 0) {
                $valid="false";
            } else {
                $valid="true";
            }
        break;

        case 2:
        //not yet 
        break;      
    }
    return $valid;
}
echo checkInfo($do,$email,$user);
?>

Answer 1

Fix your query to

$sql = "select * from User_Base where Email_Address = '".$email."'";

Answer 2

The problem is that you're appending to your result, causing it to no longer be a valid result.

$results = mysql_query($sql). mysql_error();

Try changing this to be something like this:

$results = mysql_query($sql) or die(mysql_error());

Your query should also be changed to quote the email address, and the address should be escaped to prevent attacks (SQL Injection):

$email = mysql_real_escape_string($_REQUEST['email']);
$sql = "select * from User_Base where Email_Address = '$email'";