|
PHP - Get Id From Jobs And Insert It To Bookings
Hi guys, I am trying to get data from the table "jobs" and insert its id and name into table "bookings" I can get the job "name" from "jobs", which is fine, using the following: <select class="form-control" id="tour_name" name="tour_name">
<option value="Select">== Select Tour or Charter ==</option>
<?php
$sql = "SELECT name FROM jobs";
$result = $con->query($sql);
while(list($name) = mysqli_fetch_row($result)){
?>
<option value="<?php echo $name ?>"><?php echo $name;?></option>
<?php
}
?>
</select>
However, when I click submit to insert into "bookings" everything goes in except "booking_id" which is "id" in "jobs". Hope this makes sense. I am using the following to insert: if(isset($_POST['new']) && $_POST['new']==1){
$sql = "SELECT id FROM jobs";
$result = $con->query($sql);
while(list($id) = mysqli_fetch_row($result)){
}
$tour_id = isset($_GET['id']) ? $_GET['id'] : '';
$tour_name = mysqli_real_escape_string($con, $_POST['tour_name']);
$customer_name = mysqli_real_escape_string($con, $_POST['customer_name']);
$customer_address = mysqli_real_escape_string($con, $_POST['customer_address']);
$customer_email = mysqli_real_escape_string($con, $_POST['customer_email']);
$customer_phone = mysqli_real_escape_string($con, $_POST['customer_phone']);
$total_pax = mysqli_real_escape_string($con, $_POST['total_pax']);
$status = mysqli_real_escape_string($con, $_POST['status']);
$order_at = mysqli_real_escape_string($con, date("Y-m-d H:i:s"));
$total_amount = mysqli_real_escape_string($con, $_POST['total_amount']);
$query="insert into bookings (`tour_id`, `tour_name`, `customer_name`, `customer_address`, `customer_email`, `customer_phone`, `total_pax`, `status`, `order_at`, `total_amount`)values ('$tour_id', '$tour_name', '$customer_name', '$customer_address', '$customer_email', '$customer_phone', '$total_pax', '$status', '$order_at', '$total_amount')";
mysqli_query($con,$query)
or die(mysqli_error($con));
if(mysqli_affected_rows($con)== 1 ){
$message = '<p class="text-success"><i class="fa fa-check"></i> - Record Inserted Successfully</p>';
}
}
Can anyone please lend a hand with this? 2 Days at it now and ready to hit the Guinness.
Cheers, Dan Similar TutorialsMerry Christmas All
Hope everyone here is very well today.
ok so I have a booking system where I store the id of the client, idstylist, date, start time and end time of a particular booking. Im trying to write a query that runs when placing a new booking. It basically checks that the stylist is not already busy with another client. I have a working query below
$query = sprintf("SELECT id FROM table WHERE (sys=%s AND bran=%s AND bookingDate=%s AND idstylist=%s) AND (%s BETWEEN sTime AND eTime)",Hey guys, I couldn't really think of a decent topic title for this but I hope by the end of it you'll know what I mean. Brief background: I work in an IT department in a school. I am in the process of writing a page to show room and resource booking for the current day and for the next day. There are six blocks that bookings can be made (before school, periods one-four, after school). I have written a query to display all the bookings for a given day. I have looped the six available periods to it has a header for them, and have done the same for containers for the bookings. What I am having problems with is getting it to show under the correct period for the start time and end time for the booking. For example, if a booking starts and ends period three, I want it to show just for period three. If it is a daily booking, it goes on all day. My query is this and I am happy with it - phpmyadmin display everything I want and the start time and end time are correct. Code: [Select] ( SELECT `bno` AS `bookingid`, UPPER(`whofor`) AS `name`, `timestart`, `timeend`, `where` AS `room`, '' AS `comments`, TRIM(TRAILING '||' FROM `What1`) AS `equipment`, IF(`date` = '1', '1', '1') AS `type` FROM `booked` WHERE UNIX_TIMESTAMP(CONCAT_WS('-', `year`, `month`, `day`)) = '{$time}' AND `active` = 'yes' AND `timestart` != 'all' ) UNION ( SELECT `bno` AS `bookingid`, UPPER(`whofor`) AS `name`, '1' AS `timestart`, '6' AS `timeend`, `where` AS `room`, '' AS `comments`, TRIM(TRAILING '||' FROM `What1`) AS `equipment`, IF(`date` = '1', '1', '1') AS `type` FROM `booked` WHERE UNIX_TIMESTAMP(CONCAT_WS('-', `year`, `month`, `day`)) = '{$time}' AND `active` = 'yes' AND `timestart` = 'all' ) UNION ( SELECT `bid` AS `bookingid`, UPPER(`name`), `period`, `period`, IF(`room` = '8', 'Lower Laptops', 'Middle Laptops') AS `room`, `comments` AS `comments`, '', IF(`timebooked` = '2', '2', '2') AS `type` FROM `bookedrooms` WHERE UNIX_TIMESTAMP(CONCAT_WS('-', `year`, `month`, `day`)) = '{$time}' AND `room` IN(8,9) AND `name` != 'not available' AND `active` = 'yes' ) ORDER BY `timestart`, `type` ASC $time = (isset($_GET['tomorrow'])) ? strtotime('tomorrow 00:00') : strtotime('today 00:00'); Just wondering if anybody here has ever done anything similar to this to give me a hand. Thanks in advance! Hey..
So lately I've been hooking up large requests to resque jobs in my application, for the purpose of not keeping the user(s) waiting for a longer period of time before they can continue using the application. At the same time, I have a frontend library & eventlistener alerting the users when any specific job was actually completed by the workers. I have realized however that in some cases, this doesn't pan out.
I love the idea of resque jobs, but my gut feeling is that I somehow lose control of the request I'm processing. The reason I'm posting this is because there's one part of my application that processes an insane amount of data, in a loop(!). Obviously this can take a long time, and that's to be expected. But when an error occurs along the way, I have no good way of logging it nor alerting the user about it.
Picture a scenario where a Worker is doing a Job that would take 2 minutes, and is 80% done, at which point it fails for whatever reason. How would you recommend something like this to be handled?
Obviously I get internal logs from the jobs the workers perform, but more specifically how would you catch the errors right from the script? Currently this is my setup...
try {
...//code that takes > 1min
} catch(AppException $error) {
...//Internal code error, catch
} catch(SeqDbException $dbError) {
..//DbError or Query
} catch(SystemException $exception) {
..//More severe exceptions
}
Either I'm missing a catch, or I'm missing something else. The errors rarely occur as well, so it's not easy for me to debug it or re-create them. It's very dependent on the data that is being processed.
I am looking at a website which will have a number of items on it advertised,such as:
businesses
jobs
property
etc
what I want to know is when designing the database would you have these in one table or a table for each?
Edited by brown2005, 14 October 2014 - 08:43 AM. PHP + MySQL This has been doing my head in, it has to be possible how I think it is. The thing I am trying to achieve here is let's say a list of users logged in. Now if every one would click logout and use the system correctly the world would be a better place, but they wont, we all know this. So I was thinking how to counter this and I came up with an idea, lets say in our users table we have an "ACTION" field as a timestamp (or datestamp??). So everytime the user does anything on my site, edit there profile, browse something etc etc, it updates the "ACTION" field to the current time. I was thinking in the background I could have a cron job run every.. 5 minutes? Is it possible to have it check EVERY users ACTION field and if there ACTION field is less than the current time - 5 minutes, it updates there LOGGED_IN field to like 0, which would mean they're actually not logged in anymore and would not appear in the logged in list. Someone tell me yes or no! (The main problem being having to constantly update that ACTION field) hello im having trouble with this code im not sure if you can help me but ima paste the code here and i will see what people say, the problem is this: PHP Fatal error: require(): Failed opening required '../class/class_db_mysql.php' (include_path='.:') in /var/www/vhosts/dclxvi.co.uk/httpdocs/crons/cron_day.php on line 6 my code is this: <?php include_once ('../Global/config.php'); global $_CONFIG; if($_GET['code'] != $_CONFIG['code']) { die(""); } define("MONO_ON", 1); require "../class/class_db_{$_CONFIG['driver']}.php"; $db=new database; $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']); $db->connect(); $c=$db->connection_id; $db->query("UPDATE fedjail set fed_days=fed_days-1"); $q=$db->query("SELECT * FROM fedjail WHERE fed_days=0"); $ids=array(); while($r=$db->fetch_row($q)) { $ids[]=$r['fed_userid']; } if(count($ids) > 0) { $db->query("UPDATE users SET fedjail=0 WHERE userid IN(".implode(",", $ids).")"); } $db->query("DELETE FROM fedjail WHERE fed_days=0"); $db->query("UPDATE users SET daysingang=daysingang+1 WHERE gang > 0"); $db->query("UPDATE users SET daysold=daysold+1, boxes_opened=0"); $db->query("UPDATE users SET mailban=mailban-1 WHERE mailban > 0"); $db->query("UPDATE users SET donatordays=donatordays-1 WHERE donatordays > 0"); $db->query("UPDATE users SET cdays=cdays-1 WHERE course > 0"); $db->query("UPDATE users SET bankmoney=bankmoney+(bankmoney/50) where bankmoney>0"); $db->query("UPDATE users SET cybermoney=cybermoney+(cybermoney/100*7) where cybermoney>0"); $q=$db->query("SELECT * FROM users WHERE cdays=0 AND course > 0"); while($r=$db->fetch_row($q)) { $cd=$db->query("SELECT * FROM courses WHERE crID={$r['course']}"); $coud=$db->fetch_row($cd); $userid=$r['userid']; $db->query("INSERT INTO coursesdone VALUES({$r['userid']},{$r['course']})"); $upd=""; $ev=""; if($coud['crSTR'] > 0) { $upd.=",us.strength=us.strength+{$coud['crSTR']}"; $ev.=", {$coud['crSTR']} strength"; } if($coud['crGUARD'] > 0) { $upd.=",us.guard=us.guard+{$coud['crGUARD']}"; $ev.=", {$coud['crGUARD']} guard"; } if($coud['crLABOUR'] > 0) { $upd.=",us.labour=us.labour+{$coud['crLABOUR']}"; $ev.=", {$coud['crLABOUR']} labour"; } if($coud['crAGIL'] > 0) { $upd.=",us.agility=us.agility+{$coud['crAGIL']}"; $ev.=", {$coud['crAGIL']} agility"; } if($coud['crIQ'] > 0) { $upd.=",us.IQ=us.IQ+{$coud['crIQ']}"; $ev.=", {$coud['crIQ']} IQ"; } $ev=substr($ev,1); if ($upd) { $db->query("UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET us.userid=us.userid $upd WHERE u.userid=$userid"); } $db->query("INSERT INTO events VALUES('',$userid,unix_timestamp(),0,'Congratulations, you completed the {$coud['crNAME']} and gained $ev!')"); } $db->query("UPDATE users SET course=0 WHERE cdays=0"); $db->query("TRUNCATE TABLE `votes`"); ?> Hello there.. my webhost doesn't have Cron Jobs feature.. is there any alternative php script in able to run my php script every minute ?? i have a website containing mafia game.. it's coded in php.. i tried to use Code: [Select] <META HTTP-EQUIV="Refresh" CONTENT="60; URL=http://test.com/run_minute.php">but this will work only if the user is in the existing page where this code placed.. i want it something like, the http://test.com/run_minute.php will refresh every minute.. even thou the user is not on the page.. Thank you. More power.. This topic has been moved to Linux. http://www.phpfreaks.com/forums/index.php?topic=306518.0 This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=333230.0 Basically I am setting up my own cricket management game, but there are 3 areas that I am slightly stuck on and would appreciate help: 1) When a use registers, I need to create 11 players for their team. For this, I am going to have one text files with first names and one text file with surnames. How can I open each file and select a name and then match them together? 2) I need to create the list of games to be executed at particular times through a cron job. How can I go through all the teams in a table and match them together in games, ensuring everyone plays everyone? If a new player registers, he will be put into a random league and so the games for that league will have to be redone 3) How can I set up a cron job to execute the above games? Each team should play once a day and so if there are 24 teams in a table, there will be 12 games that occur through this cron job. I assume cron jobs are the best thing for this. Any help would be appreciated. Thanks. Can anyone tell me why this is not INSERTing? My array data is coming out just fine.. I've tried everything I can think of and cannot get anything to insert.. Ahhhh! <?php $query = "SELECT RegionID, City FROM geo_cities WHERE RegionID='135'"; $results = mysqli_query($cxn, $query); $row_cnt = mysqli_num_rows($results); echo $row_cnt . " Total Records in Query.<br /><br />"; if (mysqli_num_rows($results)) { while ($row = mysqli_fetch_array($results)) { $insert_city_query = "INSERT INTO all_illinois SET state_id=$row[RegionID], city_name=$row[City] WHERE id = null" or mysqli_error(); $insert = mysqli_query($cxn, $insert_city_query); if (!$insert) { echo "INSERT is NOT working!"; exit(); } echo $row['City'] . "<br />"; echo "<pre>"; echo print_r($row); echo "</pre>"; } //while ($rows = mysqli_fetch_array($results)) } //if (mysqli_num_rows($results)) else { echo "No results to get!"; } ?> Here is my all_illinois INSERT table structu CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Here is my source table geo_cities structu CREATE TABLE IF NOT EXISTS `1` ( `CityId` varchar(255) NOT NULL, `CountryID` varchar(255) NOT NULL, `RegionID` varchar(255) NOT NULL, `City` varchar(255) NOT NULL, `Latitude` varchar(255) NOT NULL, `Longitude` varchar(255) NOT NULL, `TimeZone` varchar(255) NOT NULL, `DmaId` varchar(255) NOT NULL, `Code` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; I'm missing something here. I have a form, and when the submit is pressed, the relevant post data inserts into table one, then I want the last insert id to insert along with other form data into a second table. The first table's still inserting fine, but I can't get that second one to do anything. It leapfrogs over the query and doesn't give an error. EDIT: I forgot to add an error: I get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'usage, why VALUES ('14', '', '123', '','1234', '', '')' at line 1 query:INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('test 14', 'asdfa', 'asdf', 'adf','asdf', '', '', '', '123', '', '') Code: [Select] if (empty($errors)) { require_once ('dbconnectionfile.php'); $query = "INSERT INTO tbl_donar (donar_fname, donar_name, donar_address, donar_address2, donar_city, donar_state, donar_zip, donar_email, donar_phone, donar_fax, donar_company) VALUES ('$description12', '$sn', '$description4', '$cne','$description5', '$description6', '$description7', '$description8', '$description9', '$description10', '$description11')"; $result = @mysql_query ($query); if ($result) { $who_donated=mysql_insert_id(); $query2 = "INSERT INTO tbl_donation (donor_id, donor_expyear, donor_cvv, donor_cardtype, donor_authorization, amount, usage, why) VALUES ('$who_donated', '$donate2', '$donate3', '$donate4','$donate5', '$donate6', '$donate7')"; $result2 = @mysql_query ($query2); if ($result2) {echo "Info was added to both tables! yay!";} echo "table one filled. Table two was not."; echo $who_donated; //header ("Location: http://www.twigzy.com/add_plant.php?var1=$plant_id"); exit(); } else { echo 'system error. No donation added'; Hello, I'm having a bit of a problem here, all help to this issues would be much appreciated I am trying to use text boxes to insert numbers into the database based on what is inputed. If I have a string, like this for example: $variable = 09385493; And I want to insert it into the database like this: mysql_query("INSERT INTO integers(number) VALUES ('$variable')"); When checking the integers table in my database, looking at the number field, the $variable that was inserted is outputted as 9385493 Notice the number zero was taken out of the front of the number. If the number is double 0's (009385493), both of those zero's would disappear, too. Thanks i need the insert code I am wondering about the following problem: I have two sessions, one for the user ($_SESSION['user_id']) and second one for the products inside cart ($_SESSION['cart']). I need to insert data into table racun. I did it this way and it works, but i want to know if this can be done better? Code: [Select] while ($row=mysql_fetch_array($query)){ $id = $_SESSION['korisnik_id']; $idp = $row['product_id']; $kol = $_SESSION['cart'][$row['product_id']]['quantity'] ."<br>"; $insert = "INSERT INTO racun (product_id, quantity, korisnik_id) VALUES ('$idp', '$kol', '$id') "; $result = mysql_query($insert); } hey developers,
i have problem to get last insert id. btw.. i try to put that code on my mvc creation.
on register_model page i write like this:
public function numbering(){ $sth = $this->db->prepare('SELECT * FROM member_data'); $result = $this->db->lastInsertId(); return $result; } and for the controllers page, i write the code like this: $c = $this->model->numbering(); foreach ($c as $key => $value) { $data = $result('id'); } $abc['member_id'] = $data; but i didn't get the results,.. can you help me? i am trying to update a column in the database. I can update int columns but what about text? i want to update it so that the new text is added to it while keeping the old one. Here is what i have(which isnt working): mysql_query("UPDATE ".DB_PREFIX."posts SET post_content = '$old_content' + '".$_POST['test']."' WHERE post_id = '$double_post_id'") or die(mysql_error()); i have also tried: SET post_content = post_content + '".$_POST['test']."' but that didnt work either. What should i be doing? Just a quick question I have a form, couple of drop down boxes, input fields etc.. at the end is the submit button. now my question is should my insert into database sqls go before the submit button inside the form? out side the form? after the button inside the form? If by any chance you could give me some advice on the best way to layout my sql that would be great. They are big and go into three tables, at the moment I have them as three seperate queries but I think they must be able to go into one. can someone please help me with the layout and syntax. here is what the queries look like at the moment: if ($IBselect=$_POST ['IBselect']); { //CUSTOMER $enterCust="INSERT INTO customer(username, password, title, firstName, lastName, address, town, country, postCode, phone, email, dateCust) VALUES ('$_POST[username]', '$_POST[password]', '$_POST[title]', '$_POST[firstName]', '$_POST[lastName]', '$_POST[address]', '$_POST[town]', '$_POST[country]', '$_POST[postCode]', '$_POST[phone]', '$_POST[email]', 'DATE: Auto CURDATE()', CURDATE()"; $enterCust_query=mysql_query($enterCust)or die(mysql_error()); //CARD $enterCard="INSERT INTO card(cardNumber, name, expDate, cardID) VALUES ('$_POST[cardNumber]','$_POST[name]', ' $_POST[expDate]', '$_POST[cardID]')"; $enterCard_query=mysql_query($enterCard); //BOOKING $RCenterBook=mysql_query("INSERT INTO booking (custNumber, cardID, rideName, seatNo1, seatNo2, price, price2, dateBook, ID_time_tbl) VALUES ('$custNumber', '$_POST[cardID]', '$rideName', '$_SESSION[IBextract]', '$_SESSION[IBextract2]', '$IBendPrice1', '$IBendPrice2', 'DATE: Auto CURDATE()', CURDATE()', '$_SESSION[IB_slot_Time]'"); $IBenterBooking_query=mysql_query($IBenterBook); if (!mysql_query($enterCard, $enterCust, $IBenterBook)) { die("Error:" .mysql_error()); } echo "1 record added IB"; } Thanks =) Not being able to upload images in the directory with a path name in the database? 1) This is my code for insert into the database and directory:
<?php
$host="localhost";
$username="root";
$pass="";
$db="registration";
$conn=mysqli_connect($host,$username,$pass,$db);
if(!$conn){
die("Database connection error");
}
// insert query for register page
if(isset($_POST['ronel'])){
$images = $_FILES['file']['name'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["file"]["name"]);
// Select file type
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Valid file extensions
$extensions_arr = array("jpg","jpeg","png","gif","pdf");
// Check extension
if( in_array($imageFileType,$extensions_arr) )
{
$details=$_POST['details'];
$location=$_POST['location'];
$checkbox=$_POST['checkbox'];
$injured=$_POST['injured'];
$agegender=$_POST['agegender'];
$contact=$_POST['contact'];
$empid=$_POST['empid'];
$dept=$_POST['dept'];
$organization=$_POST['organization'];
$summary=$_POST['summary'];
$name=$_POST['name'];
$outcome=$_POST['outcome'];
$cause=$_POST['cause'];
$action=$_POST['action'];
$reportedname=$_POST['reportedname'];
$position=$_POST['position'];
$organisation=$_POST['organisation'];
$reportedcontact=$_POST['reportedcontact'];
$reporteddept=$_POST['reporteddept'];
$status="Pending";
$comment=$_POST['comment'];
$query="INSERT INTO `proposals` (`details`,`location`,`date`,`time`,`checkbox`,`injured`,`agegender`,`contact`,`empid`,`dept` ,`organization`,`summary`,`image`,`outcome`,`cause`,`action`,`reportedname`,`position`,`organisation`,`reportedcontact`,`reporteddept`,`status`,`comment`) VALUES ('$details','$location', current_timestamp(),current_timestamp(),'$checkbox','$injured','$agegender','$contact','$empid','$dept' ,'$organization','$summary','$name','$outcome','$cause','$action','$reportedname','$position','$organisation','$reportedcontact','$reporteddept','$status','$comment')";
$res=mysqli_query($conn,$query);
if($res){
$_SESSION['success']="Not Inserted successfully!";
header('Location:');
}else{
echo "<script>alert('Proposal not applied!');</script>";
}
// Upload file
move_uploaded_file($_FILES['file']['tmp_name'],$target_dir.$image);
}
}
date_default_timezone_set("Asia/Kolkata");
?>
2) Here is the input file:
<form class="form-horizontal" method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="ronel" value="">
<div class="form-group">
<label style="position:absolute; left:63%; top:425px;" for="inputEmail" class="col-lg-3"><b>Upload Images Here :</b></label><br><br>
<div class="col-lg-9">
<input style="position:absolute; left:78%; top:420px;" type="file" name="file" enctype="multipart/form-data" class="form-control" name="incident_reference" onchange="document.getElementById('inc_ref').src = window.URL.createObjectURL(this.files[0]); document.getElementById('inc_ref').className +='_active'; document.getElementById('inc_ref_span').className += '_hidden'">
</div><iframe id="inc_ref" class="form-group" width="220px" height="130px" style="position:absolute; left:78%; top:32%;"></iframe></div>
</form>
3) error code: Notice: Undefined index: name in /opt/lampp/htdocs/create-nearmiss.php on line 57 ONGC TRIPUR Edited March 28, 2020 by Ronel change of var Okay, I'm hoping one of you can help me. I have a mysql database that I have configured through phpmyadmin. I have an android app that simply makes and sends a mysql query I can get it to successfully return values when using Select statements but when I use INSERT INTO, it returns " Error Query is invalid" BUT BUT BUT, when I use the same string and enter it through the sql tab in myphpadmin it works fine ! So here is the string ( the semicolons at the end of each field name are so I can use something common to split the string up when the data arrives back on the phone) Code: [Select] randomkey||||||INSERT INTO table4 (`geolat;` , `geolong;` , `mode;` , `destgeolat;` , `destgeolong;` , `cellphone;` , `email;` , `carrego;` , `colour;` , `rating;` , `comment;`) VALUES (0.0,0.0,'driver' ,-43.54779,172.62472, , '' ,'' , 'text' , 'ratingleftblank' , 'commentblank' ) the index4.php script is as follows Code: [Select] ?php /* * Written By: * James */ /************************************CONFIG****************************************/ //DATABSE DETAILS// $DB_ADDRESS="mysql1.openhost.net.nz"; $DB_USER="bling44"; $DB_PASS="sadlyinept"; $DB_NAME="bling44"; //SETTINGS// //This code is something you set in the APP so random people cant use it. $SQLKEY="randomkey"; /************************************CONFIG****************************************/ //these are just in case setting headers forcing it to always expire and the content type to JSON header('Cache-Control: no-cache, must-revalidate'); header('Content-type: application/json'); if(isset($_POST['tag'])){ //checks ifthe tag post is there $tag=$_POST['tag']; $data=explode("||||||",$tag); //split the SQL statement from the SQLKEY if($data[0]==$SQLKEY){ ///validate the SQL key $query=$data[1]; $link = mysql_connect($DB_ADDRESS,$DB_USER,$DB_PASS); //connect ot the MYSQL database mysql_select_db($DB_NAME,$link); //connect to the right DB if($link){ $result=mysql_query($query); //runs the posted query (NO PROTECTION FROM INJECTION HERE) if($result){ if (strlen(stristr($query,"SELECT"))>0) { //tests if its a select statemnet $outputdata=array(); while ($row = mysql_fetch_assoc($result)){ $outputdata[]=$row; //formats the result set to a valid array } echo json_encode(array("VALUE",$tag,array_merge($outputdata))); //sends out a JSON result with merged output data } else { echo json_encode(array("VALUE",$tag,array_merge(array(array("AFFECTED_ROWS ".mysql_affected_rows($link)))))); //if the query is anything but a SELECT it will return the array event count } } else echo json_encode(array("VALUE",$tag,array_merge(array(array("ERROR QUERY IS INVALID"))))); //errors if the query is bad mysql_close($link); //close the DB } else echo json_encode(array("VALUE",$tag,array_merge(array(array("ERROR Database Connection Failed"))))); //reports a DB connection failure } else { echo json_encode(array("VALUE",$tag,array_merge(array(array("ERROR BAD CODE SUPPLIED"))))); //reports if the code is bad } } ?> So to reiterate. I can search the DB but can't INSERT INTO, unless I go through the myphpadmin interface. Any ideas are very much appreciated |
|||||||