For loop Question

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Eildydar
Forum Newbie
Posts: 1
Joined: Wed Feb 09, 2011 3:42 pm

For loop Question

Post by Eildydar »

Hey guess I have a question about For Loops. I'm very new to php so please forgive anything stupid I am doing :) The follow code shows what I am trying to do with my for loop. It works great except that the $sizu value is spread out over all the fields. So instead of saying 150 in the first record set it prints 1 and then in the second record it prints 2 etc. Any idea what is causing this? If you need to see the rest of the code let me know I'm just trying to save bandwidth at first.

Code: Select all

for ($i=0; $i < count($var); $i++)
{
$quer = ("SELECT sbbx0, sbsizu FROM dwoshp WHERE sbfile = '$_POST[order]' and sbbrnu = '$_POST[location]' AND sbvaru = '$varu[$i]'");
$res = mysql_query($quer);
while($r = mysql_fetch_array($res)) {
    $quant = $r['sbbx0'];
    $sizu = $r['sbsizu'];
}
$query_AddDots = "INSERT INTO tempresult(variety,grade,cont, quantity, size) VALUES ('$var[$i]', '$invgrade[$i]','TP','$quant', $sizu[$i])";
$AddDots = mysql_query($query_AddDots) or die(mysql_error());
} 
User avatar
mecha_godzilla
Forum Contributor
Posts: 375
Joined: Wed Apr 14, 2010 4:45 pm
Location: UK

Re: For loop Question

Post by mecha_godzilla »

Hi,

Could you explain where you're getting the 150 value from - is this a value in your script or retrieved from the database? Also, could you explain what you mean by "the $sizu value is spread out over all the fields" as I don't understand this.

One thing I've noticed with your script is that in the first part you're declaring $sizu as a variable

Code: Select all

while($r = mysql_fetch_array($res)) {
    $quant = $r['sbbx0'];
    $sizu = $r['sbsizu'];
}
and in the next section you're trying to use it like an array

Code: Select all

$query_AddDots = "INSERT INTO tempresult(variety,grade,cont, quantity, size) VALUES ('$var[$i]', '$invgrade[$i]','TP','$quant', $sizu[$i])";
which might result in $sizu inserting a NULL character into the field in your database. To check this, try ECHOing out your query string to the browser to see whether this is the case. The alternative is to add each of the values to an array and then iterate through them once the for() loop has completed.

HTH,

Mecha Godzilla
dukesdemise
Forum Newbie
Posts: 6
Joined: Tue Jun 01, 2010 11:16 am

Re: For loop Question

Post by dukesdemise »

From a security viewpoint, its probably not a good idea to plug in $_POST variables directly into a MySQL command. You should filter the $_POST values first to make sure everything is as it should be,
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: For loop Question

Post by Jonah Bron »

@dukesdemise +1, clean it with mysql_real_escape_string().

http://php.net/mysql-real-escape-string
Post Reply