Page 1 of 2
I need another set of eyes on this code...
Posted: Wed Sep 21, 2011 10:46 pm
by orbdrums
Hey all,
I am trying to use a variable ($lname) passed from a php form in a SQL query with no luck. I have some hyphenated last names in my SQL database that I want to query. If someone could take a look at my code and give me some advice it would be greatly appreciated.
$query = "SELECT * FROM Contacts.AB_Macbook WHERE (`AB_Macbook`.`Last name` LIKE '$lname')";
Thanks in advance.
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 2:38 am
by Dodon
Are you getting an error? No results? What happens if you place the SQL code in phpmyadmin does it result in an error?
Try:
Code: Select all
$query = "SELECT * FROM Contacts.AB_Macbook WHERE (`AB_Macbook`.`Last name` LIKE '%$lname%')";
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 9:03 am
by orbdrums
That's the weirdest thing. When I run this php code I get different results than when I run it in phpmyadmin. I get the results that I expect in phpmyadmin but it returns a completely different data set when I run this in my php script.
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 10:12 am
by orbdrums
Okay I figured out what data set is being returned by my SQL string in my php script. SQL is treating the string as:
Code: Select all
$query = "SELECT * FROM Contacts.AB_Macbook WHERE `Last name` = \" \"";
Instead of:
Code: Select all
$query = "SELECT * FROM Contacts.AB_Macbook WHERE `Last name` LIKE \"$lname\"";
I believe I need to do something with the variable to strip any "junk" that it may contain. When I display the variable it shows the contents properly however within the SQL string it's not functioning as though the variable contains anything but spaces. Maybe this will help with the diagnosis. Thanks again.
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 10:25 am
by Celauran
Code: Select all
$query = "SELECT foo FROM table WHERE field LIKE '{$varname}'";
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 11:31 am
by orbdrums
This may help with suggestions. Here are two lines of code that return different results:
Code: Select all
echo $lname,'is there anything here?',"<br />";
echo htmlspecialchars($_POST['lname']),' - SQL request.',"<br />";
Here are the results:
is there anything here?
- - SQL request.
The first line of code shows that $lname is blank.
The second line of code shows that $lname is equal to "-".
Any thoughts?
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 11:36 am
by Celauran
What does var_dump($lname); show?
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 12:24 pm
by orbdrums
NULL
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 12:32 pm
by Celauran
The next question, then, is where is $lname defined?
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 12:35 pm
by orbdrums
In a file called sql-form that calls contacts.php. Here is the code I use to define and capture "lname".
Code: Select all
<form id="SQLForm" name="SQLForm" method="post" action="/contacts.php">
<table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<th>First Name </th>
<td><input name="fname" type="text" class="textfield" id="fname" /></td>
</tr>
<tr>
<th>Last Name </th>
<td><input name="lname" type="text" class="textfield" id="lname" /></td>
</tr>
<tr>
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 12:38 pm
by Celauran
This would define $_POST['lname'] but not $lname. $_POST['lname'] also seems to be getting mangled, though. What processing is being done after the form is submitted?
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 12:54 pm
by orbdrums
Thanks man. We're getting closer. Now I have a string(1) variable $lname = '-'. I want to query my database to pull all records with a last name containing a hyphen. How do I code the wildcard % in my query?
Code: Select all
$query = "SELECT * FROM Contacts.AB_Macbook WHERE `Last name` LIKE '{$lname}'";
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 12:56 pm
by Celauran
Ah, I didn't realize you were only putting - in the lname field.
Code: Select all
$query = "SELECT foo FROM bar WHERE field = '%{$lname}%'";
Re: I need another set of eyes on this code...
Posted: Thu Sep 22, 2011 1:05 pm
by orbdrums
Well you did it. Thanks so much for your help!!
Re: I need another set of eyes on this code...
Posted: Fri Sep 23, 2011 1:52 am
by orbdrums
Is there a way to include multiple variables in a single query statement? I'm real new with this php and SQL stuff. Thanks man.