|
PHP - Mysql Question
Hi, wye does $link return a empty row in mysql?
Code: [Select] $link = $m[1]; $ssql = "INSERT INTO site (id, link) VALUES ('', '$link');"; mysql_query($ssql); thanks, Similar TutorialsHow can i do the sum of two numbers inside of a mysql quory, or if this is possible? Code: [Select] while($rand = mysql_fetch_array($cerereSQL)) { $pctsteaua = $rand['puncte']; echo "<pre>"; print_r ($rand); echo "</pre>"; } First i have this variable $pctsteaua who will return me a number. This number i need to use it here. Code: [Select] mysql_query ("UPDATE liga1 SET puncte='$pctsteua + 3', m='1', v='1' WHERE echipa='Steaua' "); The problem is, how i do the math inside this myslq quory to work properly and update my database not with a submited number, but with the sum between the $pctsteaua variable + 3. What will make the database take longer to load and pull data from it A database with lots of tables or a database with very few tables but a shit load of data in each table? Thanks for your reply hello , could anyone please point me on how can i read the data i input from an html page to appear on the mysql front server. ive print screen my problem this is the signup page ,where i input the user name and password here's the signup page html code """<html> <head> </head> <body> <h1>Personal Info</h1> <form name="form" method="post" action="SignUp.php"> <p>UserName:<input type="text" name="usrn" /></p> <p>Password:<input type="password" name="pass" /></p> <p><input type="submit" value="Sign Up"/> <input type="submit" value="Clear" /></p> </form> </body> </html> """"" and this is the mysqlserver ,where i want the username and password i entered to show here's the php code i wrote """"<?php $usr=$_POST["usrn"]; $pass=$_POST["pass"]; $db=mysql_connect("localhost","root",""); mysql_select_db("realestate",$db); $q="insert into Customer Values('$usr','$pass')"; mysql_query($q); mysql_close(); ?>""""" i would really appreciate any help from you guys. Thank you. Hey all. mysql_real_escape_string() seems to be working fine for me, but I'm wondering why the entries in the database don't reflect my SQL query. For example, here is the string php is sending to MYSQL: Code: [Select] insert into bands (bandname, hometown, website, creation, bio, addedon) values ('band', '\'gaewg\"f gswogsw<?php OR \'\'=\' rswaiohgri ', '', '1992', '\' OR \'\'=\'', '10182010') This has already been run through mysql_real_escape_string(), but when I go to phpmyadmin here is what I see: Code: [Select] `bands` (`id`, `bandname`, `creation`, `photo`, `bio`, `hometown`, `website`, `addedon`) VALUES (34, 'band', '1992', '', ''' OR ''''=''', '''gaewg"f gswogsw<?php OR ''''='' rswaiohgri ', '', '10182010'); My question is does it matter if it's not slashed in the database? Might be just a newbie here but isn't that how injection works? Anyhow, just let me know wise phpfreaks users. Thanks in advance. been wondering about this for a while do I need to put the escape on each WHERE? or do i really only need to put it on the $_POST i can probably understand why i need it on $_GET also after WHERE. So wondering about the session id. Code: [Select] <?php mysql_query("UPDATE systems SET homes= $homes + '".mysql_real_escape_string($_POST['homes'])."' WHERE address = '".mysql_real_escape_string($_GET['planet'])."' AND id = '".($_SESSION['user_id'])."'"); ?> Hey everyone. [= I don't have much time to read through all of the forums, because I'm on a time crunch and I'll be putting this certain project behind a couple others while I wait for some answers. This project is confusing me a bit, because I haven't worked much with arrays and the good ol' checkbox, so I need some help getting this to work. This project requires me to set-up a checkbox next to each order that was pulled off a database. You are allowed to select as many checkboxes as you'd like, and then click on the "process receipts" for all of the orders that were selected. I need to be able to have the form send me straight to a new page that pulls a loop of receipts one after another. I have the receipts built, and I can access a receipt one at a time based off the ID of a certain order, and I can easily build a loop that presents the receipts. I'm just having a problem pulling the information off the database based from the checkbox array. If you can give me some ideas on where to start with this, I'd greatly appreciate it. Note: Example is inside a hidden administrative page. Can't really give you something to play with, sorry! QQ Thanks! Alex D.A. Designing Well, basically I am making my log in script. This is my first website with php and MySQL... actually, its my first website I have done that isn't for a school project. Anywho, the problem I am having is I can't seem to verify the password of the account I am trying to log into. Here is the code snippet I am having trouble with: $usr = $_REQUEST['Username']; $pass = $_REQUEST['Password']; $pass = md5($pass); if(mysql_query('SELECT Password FROM Accounts WHERE Username = "' .$usr . '"') == $pass) { session_start(); $_SESSION['loggedin'] = yes; $_SESSION['User'] = $usr; $_POST['info'] = ("You have successfully logged in " . $usr . "."); } else { $_POST['info'] = "Username and password do not match.";} The problem is that it doesn't seem to matter if the username and password are correct, it always prints "Username and password do not match.". So, here is the table layout of 'Accounts': Did I type the mysql query wrong? Hi, I have an array that I've set up as a JSON feed API. The array pulls data from a MySQL query, one of the fields in the query ('description') contains text with escape characters. I'm just wondering how I change either the query to remove the escape characters (ie can you strip escape chars in MYSQL?) - or change the array to strip the escape chars?? Code: [Select] //Run query $result = mysql_query(' SELECT DATE_FORMAT(gl_date,"%d-%m-%Y")as "date", gl_venue as "venue", gl_city as "city", gl_postcode as "postcode", gl_text as "description", concat(DAYOFMONTH(gl_date), MONTHNAME(gl_date),".png") AS "imageName" FROM tg_gig_list where gl_date >= curdate() and gl_publish = 1 order by gl_date '); $array = array(); $array['gigs'] = array(); while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $array['gigs'][] = $row; } $output = json_encode($array); } Hey Everyone, I was hoping someone out there could help me figure something out. I am trying to create a ticket database, when I create a ticket, I give the option to upload a file, which works ok. But I am stumped at trying to display mulitply files to one ticket. If I have a ticket no 0001 and two files associted to 0001, i end up printing two 0001 tickets each with a single file. I want to print one 0001 with both files listed under it. I'm not sure if it's possible to do a while within a while so I hoping someone can help me figure that out. Thanks for your help PHP Code: <HTML><BODY><table align="center" width="600"><tr><td> <?php include 'connect.php'; // how many rows to show per page $rowsPerPage = 3; // by default we show first page $pageNum = 1; // if $_GET['page'] defined, use it as page number if(isset($_GET['page'])) { $pageNum = $_GET['page']; } // counting the offset $offset = ($pageNum - 1) * $rowsPerPage; $query = " SELECT tickets.ticketno, tickets.tickettitle, tickets.customer, tickets.status, tickets.dateresolved, tickets.datecreated, tickets.description, files.name, files.content FROM tickets LEFT JOIN files ON tickets.ticketno=files.ticketno ORDER BY ticketno LIMIT $offset, $rowsPerPage"; $result = mysql_query($query) or die('Error, query failed'); while($row = mysql_fetch_array($result)) { echo "<table align='center'><tr><td colspan='2'><img src='images\line_v9.gif'></td></tr>"; echo "<tr><td> <b>Ticket No -- " . $row['ticketno'] . "</b></td><td> Ticket Title -- " . $row['tickettitle'] . "</td></tr>"; echo "<tr><td> Customer -- " . $row['customer'] . "</td><td> Description -- " . $row['status'] . "</td></tr>"; echo "<tr><td> Date Resolved -- " . $row['dateresolved'] . "</td><td> Date Created -- ". $row['datecreated'] ."</td></tr>"; echo "<tr><td colspan='2'> Description -- " . $row['description'] . "</td></tr>"; echo "<tr><td colspan='2'> </td></tr><tr><td colspan='2'> <b>Reference Documents</b> </td></tr>"; echo "<tr><td> File -- " . $row['name'] . "</td><td> <a href='http://www.dbitpro.com/csp/files/" . $row['name'] . "'>Download Here</a></td></tr></table>"; } $query = " SELECT files.*, tickets.* FROM files,tickets WHERE tickets.ticketno=files.ticketno"; $result = mysql_query($query) or die('Error, query failed'); while($row = mysql_fetch_array($result)) { echo "<table><tr><td> File -- " . $row['name'] . "</td><td> Ticketno" . $row['ticketno'] . "</td></tr></table>"; } // how many rows we have in database $query = "SELECT COUNT(ticketno) AS numrows FROM tickets"; $result = mysql_query($query) or die('Error, query failed'); $row = mysql_fetch_array($result, MYSQL_ASSOC); $numrows = $row['numrows']; // how many pages we have when using paging? $maxPage = ceil($numrows/$rowsPerPage); // print the link to access each page $self = $_SERVER['PHP_SELF']; // creating previous and next link // plus the link to go straight to // the first and last page if ($pageNum > 1) { $page = $pageNum - 1; $prev = " <a href=\"$self?page=$page\">[Prev]</a> "; $first = " <a href=\"$self?page=1\">[First Page]</a> "; } else { $prev = ' '; // we're on page one, don't print previous link $first = ' '; // nor the first page link } if ($pageNum < $maxPage) { $page = $pageNum + 1; $next = " <a href=\"$self?page=$page\">[Next]</a> "; $last = " <a href=\"$self?page=$maxPage\">[Last Page]</a> "; } else { $next = ' '; // we're on the last page, don't print next link $last = ' '; // nor the last page link } // print the navigation link echo $first . $prev . " Showing page $pageNum of $maxPage pages " . $next . $last; // and close the database connection mysql_close($con) ?> </td></tr></table> </BODY></HTML> This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=354997.0 On my main page of my forum, it shows the total amount of Posts and Topics on board, and it selects these from a query IBF_STATS,. and I was just wondering, do you think it would be more improvement wize to edit each time somone post's you use fwrite, and make it add +1 into the .txt on the server, then just extract the .txt contents to show on the main page, so you do not have to use a mysql query, do you think it would beneficial or no? Is reading from a .txt a strain on a server or alot easier then comparing 1 simple (kinda long) mysql query? Greetings, I'm building a very basic form and one of the checks I want to preform is far more difficult for me than I would have imagined. I am not very proficient (at all) with php, any help would be extremely appreciated. All I am trying to do is add a test/check with an error that the end user would see if they are trying to 'check out' a unit number that has already been checked out and has not been flagged as not 'returned'. Here is the snippet in question: Code: [Select] $checkunitid = $_POST['uniid']; //checkexists($checkunitid); $q="select unit_id from check_in_out where `returned` = 'N' and unit_id = '" . $uniid . "'" function checkexists() { $result = mysql_query($q) or die(mysql_error()); if($row = mysql_fetch_array($result)) { return 1; } return 0; } if (checkexists()) { echo "<font size=7 color=red>record exists</font>"; exit(); } I have a script that displays a certain result set, the row I am concerned about is called 'endonum'. Some rows will have the same number in this field. Is there a way to only show 1 result with the same number in this field. The array will be like '1, 2, 3, 3, 4, 4, 4, 4, 5, 5, 5' and so on, but I just want to display 1 of them, not all. Kinda confusing but maybe someone gets it. Here is the code. <?php $selectendo = mysql_query("SELECT * FROM endorse WHERE agency = '$agency' AND finalized = 'No'")or die(mysql_error()); while($showendo = mysql_fetch_array($selectendo)) { $endonumber = $showendo['endonum']; ?> <li><a href="viewendo.php?endonum=<?php echo $endonumber;?>">Endorsement Number:<?php echo $endonumber . " Date: " . $showendo['date'];?></a></li> <?php } ?> Hey y'all, I'm trying to write a PHP script for a login function. There are three elements, two text fields (username and password) and a button which calls the script. Segment from index.php file: <form action = "login.php" method = "POST"> Admin Login: <br> Username: <input type = "text" name = "usernameField"/><br> <!-- Password field--> Password: <input type = "password" name = "passwordField"/><br> <!-- Username field --> <input type = "button" value = "Login" name = "submitButton"/> <!-- Login button --> </form> Segment from login.php file: <?php $connect = mysql_connect("localhost", "root", "root"); if(!$connect){//If user can't connect to database die('Could not connect: ' . mysql_error()); //Throw an error } mysql_select_db("colin_db", $connect); //Get given username and password from username field and password field $givenUsername = $_POST["usernameField"]; $givenPassword = $_POST["passwordField"]; $myQuery = "SELECT * FROM ADMINS WHERE USERNAME = '$givenUsername' AND PASSWORD = '$givenPassword'"; $queryResult = mysql_query($myQuery); $numRows = mysql_num_rows($queryResult); if($numRows == 1){ //If the details are correct... //Reload the page and login echo "<script type = 'text/javascript'> window.location.reload() </script>"; } elseif($numRows == 0){ //Else if the details are not found //Display error accordingly echo "Details not correct!"; } mysql_close($connect); ?> The problem is, when I click the login button, it doesn't do anything. What am I missing? (The information in the database is correct) Thanks, Jake Hi all, In order to teach myself php I am developing a simple cms system to display my graphic design work. Basically I am working on developing a simple portfolio website powered by a custom made CMS. So far, I can create new posts which are being stored in a MySQL db. My index page runs a sql query to get the latest posts and sorts them by category. Currently the results look like this: Quote Title1 Category A Text Title2 Category A Text Title3 Category B Text Title4 Category B Text The code to generate this looks like this: $content = mysql_query("SELECT * FROM posts ORDER BY category, date DESC"); while($row = mysql_fetch_array($content)) { echo '<h2 class="post_title">'.$row['title'].'</a></h2>'; echo '<p class="cat">category: '.$row['category'].'</p>'; echo '<p class="post_body">'.$row['body'].'</p>'; echo '<p class="image">image: '.$row['image'].'</p>'; echo '<p class="lowerlefttext_metainfo">by <span class="lowerlefttext_author">'.$row['author'].'</span> on '.$row['date'].'</p>'; } What I would like however is this: Category A Title 1 Text Title 2 Text Category B Title 3 Text Title4 Text I am not sure how to do this elegantly without having to code an sql query per category, which I don't think is efficient? Thank you! I got a script that receive info from paypal "ipn" when someone is making a payment from my shop. I wanted to edit the script a bit as i am adding a bonus system to it. After i added Quote // Bonus system vars if ($item_name == '301') { $point == "1"; } elseif ($item_name == '302') { $point == "2"; } elseif ($item_name == '303') { $point == "3"; } elseif { $point == "0"; } And Quote $bonus1 = "update Bonus set points=points+'$points' where username='$username'"; mysql_query("$bonus1"); $bonus2 = "update Bonus set points_total=points_total+'$points' where username='$username'"; mysql_query("$bonus2"); $bonus3 = "update Bonus set $item_name=$item_name+1 where username='$username'"; mysql_query("$bonus3"); The script wont work. But it does when i remove those things. I think my problem is at the if,elseif i just dont know why. Do i need to put it in some kind of while loop? Here is the full php code Code: [Select] mysql_connect('xxxxx', 'xxxx', 'xxxxxx'); $notify_email = "xxxx@xxxx"; // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; $buyer_firstname = $_POST['first_name']; $buyer_lastname = $_POST['last_name']; $timestamp = $_POST['payment_date']; $address_street = $_POST['address_street']; $address_city = $_POST['address_city']; $address_state = $_POST['address_state']; $address_zip = $_POST['address_zip']; $username = $_POST['custom']; // Bonus system vars if ($item_name == '301') { $point == "1"; } elseif ($item_name == '302') { $point == "2"; } elseif ($item_name == '303') { $point == "3"; } elseif { $point == "0"; } mysql_select_db('redlite'); if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { if ($payment_status == 'Completed') { $sql = "insert into tblMail values ('','$txn_id','$payer_email',' $item_name','$timestamp','','','','$payment_amount $payment_currency','$buyer_firstname $buyer_lastname','$address_street $address_city , $address_state $address_zip','','','$username')"; mysql_query("$sql"); $bonus1 = "update Bonus set points=points+'$points' where username='$username'"; mysql_query("$bonus1"); $bonus2 = "update Bonus set points_total=points_total+'$points' where username='$username'"; mysql_query("$bonus2"); $bonus3 = "update Bonus set $item_name=$item_name+1 where username='$username'"; mysql_query("$bonus3"); $ttlpay_sql = "update totalpay set total=total+'$payment_amount' where id='1'"; mysql_query("$ttlpay_sql"); mail($notify_email, "CLVerified", "$res\n $req"); } else { mail($notify_email, "CLVerified - But not completed". "$res\n $req"); } } else if (strcmp ($res, "INVALID") == 0) { mail($notify_email, "CLINVALID IPN", "$res\n $req"); } } fclose ($fp); } ?> This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=306863.0 I'm trying to search the 'ad' column where 'ad' = 1 or 3 I'm having problems doing this. Here is what I currently have, but it is not bringing back 'ad' where ='1' (for obvious reasons) Quote $query = "SELECT * FROM users WHERE ad='3' AND state='$state1'"; Here is what I thought would work, but it displays every listing in my database when I do it this way. Quote $query = "SELECT * FROM users WHERE ad='3' OR ad='1' AND state='$state1'"; Thank you in advance for your answers, google is not being so kind to me right now. I am working on a quiz app image 1 shows the index.php page image 2 shows the first question image 3 shows the second question image 4 shows the third question image 5 shows the result after completing the quiz image 6 shows the database 'quizzer' and its tables image 7 shows the 'questions' table image 8 shows the 'choices' table THIS LINK CONTAIN ALL THE CODE (and images) I HAVE DONE SO FAR https://www.mediafir...o7f5q0fe6y/quiz 1.Now my question is how to select the question RANDOMLY from 'questions' table along with 'choices' (by adding code to the existing file or create a new one). 2.If user refresh/reload the page before starting ('Start Quiz') or click 'Take Again' after finishing the quiz, the question should appear randomly. 3.Basically I want to change the order of question appearing in the browser each time I refresh. 4.My work so far is mentioned above.........Please help me with this "RANDOM" problem !! P.S - Will it be possible, by creating a random function in PHP which will check for repeat questions in a session and check for the 'id' of the question and if it is new display it on the page. If so what should I do and if no then how to do? This is something I've been trying to figure out for some time. I've read blogs and other forums and am still not clear.
Seems that when I pass a variable that has Apostrophe's in the variable, from a form page to the submit page and insert it into the MySql DB table, it inserts OK without any / before the apostrophe.
On the other hand on the same submit page, there is a select query from another table and there are variables with apostrophe's. These queried variables keep the variables from the form page and the queried DB from inserting into a new table.
So I use mysql_real_escape_string () for the variables queried from the table to be inserted into the new table, don't use mysql_real_escape_string () on the variables passed frm the form page, and everything inserts into the new table just fine. Displays with no forward slashes.
My confusion comes from when to use mysql_real_escape_string (), stripslashes () and htmlspecialchars().
Also in the reading I was doing, it looks like mysql_real_escape_string () is being replaced with mysqli_real_escape_string (), but when I tried to use it on a variable queried from the DB something like
$username = mysqli_real_escape_string ( $s['username'] )( $s being 'foreach ( $result as $s )' from the select query. Thanks in advance for shedding any light on this. |
|||||||