|
PHP - Bindparam Not Working With Prepare($sql)
with php pdo, the bindParam is not working. The query outputs :words and instead of the $words value. How can i get this code working?
$sql = "SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST (':words' IN BOOLEAN MODE)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':words', $words);
$stmt->execute();
which code example is more safe? The code below now has $words instead of :words but is missing bindParam.
$stmt = $db->prepare(SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST ('$words' IN BOOLEAN MODE)");
$stmt->execute();
$words is passed through both php $_get and $_post
Similar TutorialsHello,
I am pretty new to PDO but have heard that it is good to use prepared statements to help avoid mysql injections.
What I'm wondering is, when using prepare, does one need to bind parameters or would one be able to do something like the following without risking security?
$db = new PDO(..);
$r = $db->prepare("SELECT * FROM test WHERE col=$_POST['col']");
$r->execute();
Thanks
I'm trying to clean up all my functions with any queries which take dynamic parameters using PDO prepared statements. I originally thought I was using prepared statements and was told later I wasn't so it's been on my to-do list to go and clean them up. I have cleaned up a lot of them and tested them and they are working fine. This one is giving me a problem though..
/*fetch production data*/
if( isset( $field ) && isset( $type ) && isset( $value ) ) {
$sql = 'SELECT id, job_number, enterprise, description, line_item, as400_ship_date
FROM production_data
WHERE :field :type :value
ORDER BY enterprise, job_number, line_item LIMIT :offset, :records_per_page';
$stmt = $pdo->prepare($sql);
$stmt->execute( [ 'field' => $field, 'type' => $type, 'value' => $value, 'offset' => $offset, 'records_per_page' => $records_per_page ] );
} else {
$sql = 'SELECT id, job_number, enterprise, description, line_item, as400_ship_date
FROM production_data
ORDER BY enterprise, job_number, line_item LIMIT '. $offset . ', '. $records_per_page;
}
It takes values from some drop downs (I'm using tabulator to generate a table and this part is related to it's pagination functions)...here is the HTML for those elements.
<div class="table-controls">
<div class="form-row">
<div class="col">
<label for="filter-field" class="col-form-label-sm">Field: </label>
<select id="filter-field" class="form-control form-control-sm">
<option></option>
<option value="Job Number">Job Number</option>
<option value="Enterprise">Enterprise</option>
</select>
</div>
<div class="col">
<label for="filter-type" class="col-form-label-sm">Type: </label>
<select id="filter-type" class="form-control form-control-sm">
<option value="like" selected="selected">Like</option>
<option value="=">Equal to</option>
</select>
</div>
<div class="col">
<label for="filter-value" class="col-form-label-sm">Value: </label>
<input id="filter-value" class="form-control form-control-sm" style="float: left;" type="text" placeholder="Value to filter...">
</div>
<div class="col d-flex align-content-end flex-wrap">
<button id="filter-clear" class="btn btn-primary btn-sm rounded-0">Clear Filters & Sorting</button>
</div>
</div>
</div>
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? ? ORDER BY enterprise, job_number, line_item LIMIT ?, ?' at line 3 in C:\wamp64\www\test\scripts\order_status.php on line 125
I'd love to use anonymous placeholders on my ecommerce site project. I am writing half with php and half with golang. On the three examples below, when run, gives the following exception, " Error: Call to a member function execute() on string. " I tried it with a decimal too. Thanks in advance.
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->execute();
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->bindParam(1, $productID, PDO::PARAM_INT);
$stmt->execute();
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->bindValue(1, $productID, PDO::PARAM_INT);
$stmt->execute();
Here is the rest of the code :
<?php
$filename = "";
$keyword1 = $_GET['keyword'];
$titleOfSelectedDropDown = $_GET['val1'];
$fileID = "";
$imageID = "a";
$displayID = "";
$keyword1 = "test";
$titleOfSelectedDropDown = "cc";
$host = 'localhost';
$user = 'root';
$pass = '';
$database = 'ecommerce';
$options = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false
);
$gKeyword1 = "";
$gKeyword2 = "";
$gKeyword3 = "";
$key1ID = "";
$key2ID = "";
$key3ID = "";
$string1 = "<center><h1><u>Search Results</u><h1></center></p>";
$dbo = new PDO("mysql:host=$host;dbname=$database", $user, $pass, $options);
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
$test = "1";
$stmt->execute([ $test ]);
Edited March 17 by JoshEir mistake Hello, I have this code
<?php
$stmt = $db->prepare("INSERT INTO `members` (`playername`,`player_login_name`,`player_login_pass`,`my_email`,
`my_gender`,`signup_IP`,`signup_time`)
VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("ssssssi",$_POST['email'],$_POST['email'],md5($_POST['pass']),$_POST['email'],$_POST['gender'],$_POST['REMOTE_ADDR'],time());
$stmt->execute();
$stmt->close();
?>
and i will not insert into my database. I have check the syntax and there is no error, can anyore help me
thanks
Hey, I am coding this forum and the following PDO prepare query calls the topic details. The prepare query works perfectly well, however when I add it into a function within another class and then call it, the script does not seem to work. I get errors like the following: Fatal error: Call to a member function fetch() on a non-object in C:\wamp\www\new\sources\forum\new.php on line 117 The prepare query fails to excute, this is because I do not know how to add it into a function. This is what I tried: Code: [Select] class FUNC { function userDetails($table, $column, $cVaulue, $oBy, $ASDSC) { global $dbh; $sth = $dbh->prepare('SELECT * FROM `'.$table.'` WHERE `'.$column.'` = '.$cVaulue.' ORDER BY `'.$oBy.'` '.$ASDSC.''); $sth->bindParam(':id', $id, PDO::PARAM_INT); $sth->execute(); } } The FUNC class is called as the $load variable, and in my forum class I have decalred it in my global so the variable can be passed: Code: [Select] $id = $forum_data['id']; $load->userDetails('db_topics', 't_forum_id', ':id', 't_whenlast', 'DESC'); $coll=$sth->fetch(PDO::FETCH_ASSOC); $this->html->RightForum($coll); The code is very silly, but the fact is I did not know how to do this.. Please help me put this query into a function because I need to make use of it in many other parts of the forum and I don't want to constantly declare this query. I have this at the top of my index.php:
<?php
session_start();
// start of script every time.
// setup a path for all of your canned php scripts
$php_scripts = '/home/larry/web/test/php/'; // a folder above the web accessible tree
// load the pdo connection module
require $php_scripts . 'PDO_Connection_Select.php';
require $php_scripts . 'GetUserIpAddr.php';
//*******************************
// Begin the script here
$ip = GetUserIpAddr();
if (!$pdo = PDOConnect("foxclone")):
{
echo "Failed to connect to database" ;
exit;
}
else:
{
$stmt = $pdo->prepare("INSERT INTO 'download' ('IP_ADDRESS', 'FILENAME') VALUES (?, ?");
$stmt->bindParam(1, $ip);
$stmt->bindParam(2, $filename);
$stmt->execute();
}
endif;
//exit();
?>
I'm getting the following error at the $pdo->prepare line:
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''download' ('IP_ADDRESS','FILENAME') VALUES (?, ?' at line 1 in /home/larry/web/test/public_html/index2.php:23
Stack trace: #0 /home/larry/web/test/public_html/index2.php(23):
PDO->prepare('INSERT INTO 'do...') #1 {main} thrown in /home/larry/web/test/public_html/index2.php on line 23
I verified the format of the statement at https://www.w3schools.com/php/php_mysql_prepared_statements.asp but am unsure if it needs to be in the PDO_Connection_Select.php, or it belongs where I have it since the db is already connected. Hi, I will be creating pdf in php using following library. http://sourceforge.net/projects/pdf-php/ After creating pdf ,I want to send PDF data in byte[] to web service. Any idea how to read pdf and prepare pdf data in byte[] array. With Kind Regards, Zohaib. hey... found this website when googling for a php help forum... hopefully this is the right place. I am about to start a major project for a new high profile company contract my company is presently bidding on. One of the requirements is a web interface to communicate between the 2 companies. I recently read (and have been reading more into it) that MDB2 is (one of) the best methods to communicate with a database (using prepared statements). It seems to be extremely popular, and not to difficult to use... however, for some reason, it just wont work for me. Code: [Select] <?php require_once '/include/MDB2.php'; function connect(){ $SQL = array( 'driver' => 'mysql', 'user' => '***', 'pass' => '***', 'host' => '127.0.0.1', 'dbname' => '***', ); $SQL['sql'] = $SQL['driver']."://".$SQL['user'].":".$SQL['pass']."@".$SQL['host']."/".$SQL['dbname']; $mdb2 = MDB2::connect($SQL['sql']); $mdb2->setOption('emulate_prepared',true); if(PEAR::isError($mdb2))die("Error while connecting : " . $mdb2->getMessage()); return $mdb2; } $mdb2 = connect(); $statement = $mdb2->prepare("INSERT INTO `test` (id,name) VALUES (?, ?)", array('integer','text'), MDB2_PREPARE_MANIP); $statement->execute(array(1,'someuser')); $statement->free(); ?> For some reason, this is not working? However if I just execute a normal query, it works no problem: Code: [Select] <?php $mdb2 = connect(); $statement = $mdb2->query("INSERT INTO `test` (id,name) VALUES (1,'someuser')"); ?> So, I am connecting properly, everything is good... but this prepared statement just hates me Any help please? Excerpts of code:
function addUser() {
$username = $_POST['username'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$bio = $_POST['bio'];
$email = $_POST['email'];
$c_status = 0;
//$avatar =
//$username_query = $pdo->prepare("SELECT * from profiles001 WHERE username=':username'");
//$username_query->bindValue(':username', $username);
//$username_query->execute();
$query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio) VALUES (:username, :password, :email, :cstat, :bio)");
$query->bindValue(':username', $username);
$query->bindValue(':password', $password);
$query->bindValue(':email', $email);
$query->bindValue(':cstat', $c_status);
$query->bindValue(':bio', $bio);
$query->execute();
setAvatar();
}
function setAvatar() {
// check if avatar is set, if not give default avatar
if (isset($file) && $fileError === UPLOAD_ERR_OK) {
$file = $_FILES['userfile'];
$fileName = $file['name'];
$fileTmpName = $file['tmp_name'];
$fileSize = $file['size'];
$fileError = $file['error'];
$fileType = $file['type'];
$fileExt = explode('.', $fileName);
$fileActualExt = strtolower(end($fileExt));
$allowedExtensions = array('jpg', 'jpeg', 'png');
}
// if user has not assigned avatar, assign the default.
if (empty($file)) {
$avatar = "assets/soap.jpg";
$query = $pdo->prepare("INSERT INTO profiles001 (avatar) VALUES (:avatar)");
$query->bindValue(':avatar', $avatar);
$query->execute();
}
}
addUser();
}
From the database file:
<?php
$host = "localhost";
$database = "soapbox";
$username = "drb";
$password = "m1n3craft";
// Create connection
$pdo = new PDO('mysql:host=localhost;dbname=soapbox;', $username, $password);
/*
Print error message and or code to the screen if there is an error.
*/
?>
NOTE: I also require dbcon.php at the top of the confirmation.php file which is NOT included in the excerpt at the top. Making pdo a global variable would probably fix it, but from what I heard globals are frowned upon. Hi All, I have the following code which works fine:
$mysqli = new mysqli("server", "user", "pass", "database");
if($mysqli->connect_error) {
exit('Could not connect');
}
$sql = "SELECT customer_contactname, customer_companyname, customer_phonenumber, customer_emailaddress, customer_address1, customer_address2, customer_city, customer_postcode
FROM ssm_customer WHERE customer_id = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s", $_GET['q']);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($ccontname, $ccompname, $cphoneno, $cemail, $cad1, $cad2, $ccity, $cpost);
$stmt->fetch();
$stmt->close();
however, when i use my dbconn.php as an include rather than the top section of this code, i get the following error: function prepare() on null The error references the following $stmt = $mysqli->prepare($sql); In my database connection file, i am using the following: $conn = mysqli_connect($db_servername, $db_username, $db_password, $db_name); This seems to be the issue and i believe i am mixing procedural and object based but not sure why there should be a difference here? when i used my database connection file, i do change $mysqli->prepare to $conn->prepare Kind Regards Edited February 4, 2019 by Adamhumbugi dont understand what is wrong plz help me.
here is code
$name = "img/".rand(1,9999999).".png";
$myFile = $name;
$fh = fopen($myFile, 'w') or die("can't open file");
$stringData = $html;
fwrite($fh, $stringData);
fclose($fh);
$file=$name;
$fst=file_get_contents($file);
$im=imagecreatefromstring($fst);
imagefilter($im, IMG_FILTER_GRAYSCALE);
imagefilter($im, IMG_FILTER_NEGATE);
//Convert to Grey Scale
for($i=0;$i<123;$i++){
for($j=0;$j<50;$j++){
$px=imagecolorat($im,$i,$j);
if($px<0x303030){
imagesetpixel($im,$i,$j,0);
}else{
imagesetpixel($im,$i,$j,0xffffff);
}
}
}
$database = unserialize(@file_get_contents("db.txt"));
if($database === false) $database = array();
// modify the database if needed
if($_SERVER['REQUEST_METHOD'] == 'POST'){
if($_POST['submit'] == 'Add')
$database[$_POST['ident']] = substr($_POST['letter'], 0, 1);
if($_POST['submit'] == 'Del')
unset($database[$_POST['ident']]);
if($fh = @fopen('db111.txt', 'w+')){
fwrite($fh, serialize($database));
fclose($fh);
}
}else{
$newimage = true;
}
$width = 130;
$height = 40;
$captcha_gridstart =1;
$captcha_gridspace =2;
$letters = findletters($im, $width, $height, $captcha_gridstart, $captcha_gridspace);
$count = count($letters);
$cellw = ($count > 0) ? intval(100 / $count) : 0;
//dispeckle the image and GET co-ordinates of the characters of captcha image and return them.
function findletters($image, $width, $height, $gridstart, $gridspace){
$offsets = array(); $o = 0;
$atstartx = true;
for($x = 0; $x < $width; $x++){
$blankx = true;
for($y = 0; $y < $height; $y++){
if(imagecolorat($image, $x, $y) == 0){
$blankx = false;
break;
}
}
if(!$blankx && $atstartx){
$offsets[$o]['startx'] = $x;
$atstartx = !$atstartx;
}else if($blankx && !$atstartx){
$offsets[$o]['endx'] = $x;
$atstartx = !$atstartx;
$o++;
}
}
$count = $o;
for($o = 0; $o < $count; $o++){
for($y = 0; $y < $height; $y++){
$blanky = true;
for($x = $offsets[$o]['startx']; $x < $offsets[$o]['endx']; $x++){
if(imagecolorat($image, $x, $y) == 0){
$blanky = false;
break;
}
}
if(!$blanky){
$offsets[$o]['starty'] = $y;
break;
}
}
for($y = $height-1; $y > $offsets[$o]['starty']; $y--){
$blanky = true;
for($x = $offsets[$o]['startx']; $x < $offsets[$o]['endx']; $x++){
if(imagecolorat($image, $x, $y) == 0){
$blanky = false;
break;
}
}
if(!$blanky){
$offsets[$o]['endy'] = $y;
break;
}
}
}
for($o = 0; $o < $count; $o++){
$offsets[$o]['ident'] = "";
for($x = $offsets[$o]['startx'] + $gridstart; $x < $offsets[$o]['endx']; $x += $gridspace){
for($y = $offsets[$o]['starty'] + $gridstart; $y < $offsets[$o]['endy']; $y += $gridspace){
$offsets[$o]['ident'] .= ((imagecolorat($image, $x, $y) == 0) ? "0" : "1");
#echo $offsets[$o]['ident'].'<br>';
}
}
}
return $offsets;
}
$a="";
foreach($letters as $letter){
$asciiletter = $database[$letter['ident']];
if(!empty($asciiletter)) {
$a.=$asciiletter;
}
}
http://paste.ee/p/OhiWv
The above is a link to a readable version of my code. The XMLHTTPREQUEST worked, and the array was pulled down. Was able to print out the undecoded/unparsed array. However, immediately afterwards, all code stops working.
<script>
var xhr;
if (window.XMLHttpRequest) { // Mozilla, Safari, ...
xhr = new XMLHttpRequest();
} else if (window.ActiveXObject) { // IE 8 and older
xhr = new ActiveXObject("Microsoft.XMLHTTP");
}
xhr.open("POST", "PHPLibrary/selectMemberResults.php", true);
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xhr.send();
xhr.onreadystatechange = display_data;
var $phparray
function display_data() {
if (xhr.readyState == 4) {
if (xhr.status == 200) {
//alert(xhr.responseText);
$phparray = xhr.responseText;
document.getElementById("suggestion").innerHTML = $phparray;
//
//
//......................................................?
// The above line of code is the last thing to print or
// to do anything that returns to the browser....
//.......................................................?
// All lines below do nothing............................?
//
} else {
//alert('There was a problem with the request.');
}
}
}
document.write("Length of phparray Array :" + $phparray.length + "<");
var output = JSON.parse($phparray, function (key,val) {
if ( typeof val === 'string' ) {
// regular expression to remove extra white space
if ( val.indexOf('\n') !== -1 ) {
var re = /\s\s+/g;
return val.replace(re, ' ');
} else {
return val;
}
}
return val;
} );
document.write("Length of Array :" + $output.length + "<");
for (var i=0; i < $output.length; i++)
{
document.getElementById("suggestion").innerHTML = $output[i].MEMBER_NAME;
}
</script>
I need bit of help, so I am looking into a plugin created for newsletter where default is it shows ad but it has option to remove ads by checking the check box. Default is to send ads in newsletter but if you don't want to send ads through newsletter then check the box. The problem is, it seems like checkbox selected is not being picked up. Some help would be appreciated. The custom field in wp:
'label' => 'Hide newsletter ads',
'name' => 'hide_ads',
'type' => 'checkbox',
'instructions' => 'Checking the checkbox will remove ads',
'required' => 0,
'conditional_logic' => 0,
'wrapper' => array(
'width' => '',
'class' => '',
'id' => '',
),
'choices' => array(
'Hide newsletter ads' => 'Hide newsletter ads',
),
'allow_custom' => 0,
'default_value' => array(
),
'layout' => 'block',
'toggle' => 0,
'return_format' => 'value',
'save_custom' => 0,
),
This is the php code for it:
<!doctype html>
<html lang="en-GB">
<head>
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="x-apple-disable-message-reformatting">
<title><?php the_title(); ?></title>
<style>
<?php require ABSPATH . 'path/newsletter.css'; ?>
</style>
<!--[if mso]>
<style type="text/css">
.outlook-fallback-font {
font-family: 'Lucida Bright', 'Cambria', -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif;
}
</style>
<![endif]-->
</head>
<?php
$hide_newsletter_ads = get_field('hide_ads');
echo $hide_newsletter_ads;
?>
<body itemscope itemtype="http://schema.org/EmailMessage">
<div class="wrap">
<?php
if (!$hide_newsletter_ads) {
include ABSPATH . 'path/ad-banner.php';
}
?>
<div class="header">
<a href="<?php bloginfo( 'url' ); ?>">
<img src="<?php echo get_home_url().'logo.png' ?>" alt="News"
/>
</a>
</div>
<?php
if ( have_posts() ) :
while ( have_posts() ) :
the_post();
?>
<?php if ( get_field( 'newsletter_summary' ) ) { ?>
<div class="newsletter-summary"><?php the_field( 'newsletter_summary' ); ?></div>
<?php } ?>
<?php if ( have_rows( 'newsletter_content' ) ) : ?>
<?php
// Loop through the ACF blocks
$count = 0;
while ( have_rows( 'newsletter_content' ) ) :
the_row();
if ( get_row_layout() === 'story' ) :
?>
<?php if ( 0 === $count ) { ?>
<span class="date outlook-fallback-font"><?php the_time( 'd M Y' ); ?></span>
<?php } ?>
<?php if ( get_sub_field( 'story_heading' ) ) : ?>
<h1><?php the_sub_field( 'story_heading' ); ?></h1>
<?php endif; ?>
<div class="content">
<?php the_sub_field( 'story_content' ); ?>
</div>
<?php
endif;
if ( 'post_list' === get_row_layout() ) :
?>
<?php
$posts = get_sub_field( 'post_list' );
if ( $posts ) :
?>
</div>
<div class="story-list">
<h2><span class="wrap"><?php the_sub_field( 'post_list_heading' ); ?></span></h2>
<div class="wrap-table">
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<?php
// Output story cards
foreach ( $posts as $i => $post ) {
if ( 0 === $i % 2 ) {
echo '<tr>';
}
$class = ( 0 === $i % 2 ) ? 'odd' : 'even';
$image_src = wp_get_attachment_image_src( get_post_thumbnail_id( $post->ID ), array( 640, 345 ) );
$image_srcset = wp_get_attachment_image_srcset( get_post_thumbnail_id( $post->ID ) );
echo sprintf(
'<td class="story-cell %4$s" valign="top">
<a href="%1$s" class="story-card outlook-fallback-font">
<img src="%3$s" alt="" height="120" style="height: 150px; object-fit: cover;" />
<span>%2$s</span>
</a>
</td>',
esc_url( get_permalink( $post->ID ) . '?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter' ), // permalink
esc_html( get_the_title( $post->ID ) ), // title
// esc_attr( $image_src[0] ), // image - src
esc_attr( $image_src[0] ), // image - src
esc_attr( $class ) // class
);
if ( 0 !== $i % 2 || count( $posts ) === ( $i + 1 ) ) {
echo '</tr>';
}
}
?>
</table>
</div>
</div>
<div class="wrap">
<?php
endif;
endif;
if (!$hide_newsletter_ads) {
(0 === $count) {
include ABSPATH . 'path/mpu-1.php';
}
if (1 === $count) {
include ABSPATH . 'path/mpu-2.php';
}
}
$count++;
endwhile;
endif;
?>
<div class="footer">
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td align="left">
© <?php echo esc_html( date( 'Y' ) ); ?>
</td>
<td class="footer-link">
<a href="<?php echo get_permalink( get_page_by_path( 'privacy-policy' ) ); ?>">Privacy Policy</a> ·
<a href="%unsubscribe_url%">Unsubscribe</a>
</td>
</tr>
</table>
</div>
</div>
<?php
endwhile;
endif;
?>
I'm trying to turn this while loop into a for loop and am unable to get my result set to display properly in the for loop. The while works fine I just want to be able to have more control over which information is shown in my table as I loop and was wanting to use a for loop that way I can take advantage of the counter variable while i"m displaying my information. Any help would be appreciated. while ($row = mysql_fetch_assoc($data_result_set)) { echo "<td>".$row["product_id"]."</td>"; echo "<td>".$row["city"]."</td>"; echo "<td>".$row["quantity"]."</td>"; } *** I'm wanting it to look like something like this but can't figure out how to properly work in which row to display with the $i variable. $count=mysql_num_rows($data_result_set); for($i = 0; $i <= $count; $i++){ echo "<td>".mysql_fetch_assoc[$i]["product_id"]."</td>"; echo "<td>".mysql_fetch_assoc[$i]["city"]."</td>"; echo "<td>".mysql_fetch_assoc[$i]["quantity"]."</td>"; } I know the syntax for the for loop is totally off with the method mysql_fetch_assoc just dropped in there like a jerk but I'm just kinda pseudoing it out. Any help would be appreciated. Thanks in advance. When I echo the POST, it echoes the correct value. The MySQL portion seems to just ignore it all together. I've tried changing the dropdown option to just a text field, same thing occurred. I have text fields right above this particular one that update just fine with the SAME exactly scripting. if POST, update query, done. Works. This one for some reason will not. MySQL portion: if ($_POST['bUpdate']){ mysql_query("UPDATE `Patients` SET `b` = '$_POST[bUpdate]' WHERE `id` = '".$_GET['id']."'"); } echo $_POST['bUpdate']; Form Portion: Code: [Select] <tr onmouseover="color(this, '#baecff');" onmouseout="uncolor(this);"> <td width="310" colspan="2" align="center"><span class="fontoptions">Postcard Status </span><br /> <? if ($data['b'] == 1){ echo '<select name="bUpdate"><option value="1" selected>Yes</option><option value="0">No</option></select>'; } else { echo '<select name="bUpdate"><option value="1">Yes</option><option value="0" selected>No</option></select>'; } ?> </td> </tr> Hi, I have the following file structure /.htaccess /index.php /displaypage.php All files are on root. I have following written in .htaccess file Options FollowSymLinks RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^([a-z0-9-]+)$ displaypage.php?page=$1 [NC,L] I have following written in displaypage.php echo $_GET["page"]; Now when I run http://localhost/ then it shows index.php page which is correct. If I run http://localhost/something then it shows a blank page. Previously it used to display that "page" variable on screen. mod_rewrite is enabled and I am using Windows with XAMPP. What am I doing wrong? Thanks I just did a huge import from an app I have been working on. No issues except for this. I uploaded & imported all files & databases from my wampserver (localhost, local server) to my main online server. Before I continue with the problem, I have to give you info on how the files work. I am using a "controller" to view the files. Meaning, from index.php, I call all the files. For example, instead of mysite.com/register.php, its mysite.com/index.php?page=register. The index defines the doctype & html tags etc. The other files that are called through index.php are just pure php code, it does not contain the head & body tags etc. So, the issue is , when the surfer submits a form, i need to set a cookie. this cookie is VERY important. I cannot get it to work. I am getting the header warnings after submit Of course, this is to be expected. But I tried it on my local server, & it worked. I am not very familiar with cookies, this is a side of PHP i never really even touched. I know almost everything but that. So the php code is before the html code on the page, so I figured it was worth a shot. Im guessing the problem here is, since the code being outputted as index.php code + the form page code. So the cookie is being set after the html tags. How can I fix this? I need it to work thru the controller. I cannot just make it a single file, all files on the site needs to be thru this controller, otherwise it will mess everything up. Ino I could just add the code from index.php plus the form page code & just run the php code before all of the html tags, but like I said it has to be called thru index.php. I appreciate your replies, & I hope you guys dont think im an idiot & can understand my question, im terrible with words! Hello forom, I'm hoping there is help for a problem I'm facing. I need to know if I can write an addon in PHP for a script that is written in CGI. I know nothing about CGI scripts but I have a license for a brilliant search engine script that needs extra functionality, so ideally I'd like to build a mod in PHP because its the only language I half understand. The CGI script is called Poweseek SQL - Search end directory script Poweseek SQL presently takes care of all the reciprocals etc between it and the sites it links to. What I would like it to do is enable the link owners to negotiate links among themselves in an automated fashion. Is this a PHP possibilty or do I have to a) Learn CGI or b) Find a suitable PHP script and modify that. I really would like to keep Poweseek SQL if I can. It's money wasted all the time it isn't in production! Thanks for taking the time to read this, all advice welcomed navpath.php <br><br><img src='./images/nav.png'> <a href='./index.php?act=idx'><? echo FORUM_NAME; ?></a> <? if ($act != idx) { if ($act == viewforum) { $forumId = $_GET['forumid']; $PathQuery = "SELECT * FROM "+FORUM_NAME_TABLE+" WHERE forum_id='"+$forumId+"'"; $PathResult = mysql_query($PathQuery, $db); $CatID = mysql_result($PathResult, 0, 'cat_id'); $ForumTitle = mysql_result($PathResult, 0, 'forum_name'); $CatQuery = "SELECT cat_name FROM "+FORUM_CAT_TABLE+" WHERE cat_id='"+$CatID+"'"; $CatResult = mysql_query($CatQuery, $db); $CatName = mysql_result($CatResult, 0, 'cat_name'); ?> · <a href='./index.php?act=viewcat&catid="<? echo $CatID; ?>"'> <? echo $CatName; ?> · <a href='./index.php?act=viewforum&forumid="<? echo $forumId; ?>"'><? echo $ForumTitle; ?> <? } This is meant to select the information from the address bar with $_GET and then read relavent information from the db. Basically what i'm doing is making a forum system from scratch using 1 file that users will access. Heres the index page: <?php include("headers.php"); ?> <table width="760" border="0" align="center" cellpadding="3" cellspacing="0" bgcolor="#979797" height="100%" bordercolor="#000000" bordercolordark="#000000" bordercolorlight="#000000"> <tr> <td width="100%" height="100%" bgcolor="979797" bordercolor="#000000" bordercolorlight="#000000" bordercolordark="#000000" valign="top"> <!-- Header/Logo Section --> <div id="logostrip"> <center><a href="./index.php?act=idx"><img src="./images/logo.png" alt="Forum Index" Border="0"></a></center> </div> <!-- End Head/Logo --> <!-- Navigation --> <?php include("navigation.php"); ?> <!-- End Navigation --> <div align='center' style='margin-bottom:3px;'></div> <!-- User Nav --> <?php include("usernav.php"); ?> <!-- Navigation Path --> <?php include("navpath.php"); ?> </td> </tr> </table> </body> </html> <?php mysql_close($db); ?> Headers.php <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <?php session_start(); //Connect to Database and Check cookies for logged in user require_once('_connect.php'); if (!isset($_GET['act'])) { if (!isset($_POST['act'])) { $act = 'idx'; } if (isset($_POST['act'])) { $act = $_POST['act']; } } if (isset($_GET['act'])) { $page = $_GET['act']; } if (isset($_SESSION['SESS_MEMBER_ID'])) { $memid = $_SESSION['SESS_MEMBER_ID']; } if (isset($memid)) { $db = mysql_connect(MSQL_HOST, MYSQL_USER, MYSQL_PASS); mysql_select_db(MYSQL_DB_NAME); $query_meminfo = "SELECT * FROM " + MYSQL_DB_NAME + "." + MYSQL_PROFILE_TABLE + " WHERE `user_id`="+ $memid; $query_result = mysql_query($db, $query_meminfo); $MemName = mysql_result($query_result, 0, 'display_name'); $MemGroup = mysql_result($query_result, 0, 'Group'); } ?> <html> <head> <title>Rayth ..::Forum::..</title> <?php include("style.php"); ?> <base href="http://rayth.eyes2design.com/" /> </head> <body text="#000000" link="#000000" vlink="#000000" alink="#000000" leftmargin="3" topmargin="3" marginwidth="3" marginheight="0" bgcolor="979797"> _connect.php <?php //_connect.php contains all information for all databases //MySQL Login Information define('MYSQL_HOST', 'localhost'); define('MYSQL_USER', 'xxxxxxxxxx'); define('MYSQL_PASS', 'xxxxxxxxxx'); define('MYSQL_DB_NAME', 'rayth'); //Member Stuff (Forum/Member Section Tables) define('MEMBER_LOGIN_TABLE', 'user_login'); //Contains Username, Password and ID Number ONLY define('MEMBER_PROFILE_TABLE', 'user_profile'); //Contains ID, Username, Forum Posts, Avatar, Email Address , Rank, BlogID, signature define('MEMBER_GROUPS', 'user_groups'); //group list //Forum Settings define('FORUM_CAT_TABLE', 'forum_cat'); //All Forum Categories (ID, Title) define('FORUM_NAME_TABLE', 'forum_names'); //All Forums EXCEPT SUB FORUMS (ID, Title, Description, CatID, Permission [PostLevel, ReplyLevel, ViewLevel - 2 = Admin, 1 = Logged In, 0 = Guest]) define('FORUM_THREADS', 'forum_threads'); //Contains all Forum Thread (Title, ID, CreatorID) define('FORUM_POSTS', 'forum_posts'); //Contains ALL forum posts. PostID, ThreadID, PosterID, Message, Time/Date, define('FORUM_NAME', 'Rayth Forum'); ?> What it is doing so far is everything in index.php/headers.php and then when it gets to navpath.php it only displays the forum name with the initial image. Why won't it get the whole navigation path if I use adress.com/index.php?act=viewforum&forumid=1 $newsletter_settings_query = "SELECT * FROM newsletter_settings"; $newsletter_settings = mysql_query($newsletter_settings_query) or die("There was a problem with the SQL query: " . mysql_error()); $header_image = $newsletter_settings['sHeaderImage']; $header_name = $newsletter_settings['sHeaderName']; $header_text = $newsletter_settings['sHeaderText']; None of those variables are displaying data. |
|||||||