PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
// these vars (email and login), i got from a different submit form
$qry = mysql_query("SELECT * FROM users WHERE login = '$login' & email = '$email'");
while ($row = mysql_fetch_array($qry)) {
$question = $rowї'question'];
$answer = $rowї'answer'];
};
echo ("<Form action=f3.php method=post>");
echo ("<FONT COLOR=#FFFFFF>Please answer your question.</FONT>");
// this is teh place where i cant get the var to work
echo ("<P><FONT COLOR=#FFFFFF> $question</FONT>");
echo ("<BR>");
echo ("<BR><FONT COLOR=#FFFFFF> answer: </FONT>");
echo ("<BR><INPUT TYPE=text size=28 NAME=ans>");
echo ("<input type="hidden" name="question" value="$question" />");
echo ("<input type="hidden" name="login" value="$login" />");
echo ("<input type="hidden" name="email" value="$email" />");
echo ("<CENTER><INPUT TYPE=submit VALUE=Submit> <input type=reset NAME=Clear VALUE=Clear></CENTER>");
echo ("</form>");
Using mysql_fetch_assoc() instead of mysql_fetch_array() shouldn't make too much of a difference except you'll only be getting an associative array and not a numerically indiced one as well.
You're probably not getting a result from your query, try something like
$qry = mysql_query("SELECT * FROM users WHERE login = '$login' & email = '$email'");
Just a note: with a query like this, be *very* careful that $login and $email have been cleaned - they should contain no spaces, no special characters, and not be longer than their respective fields in the database.
damn i think thats the problem, when you put in your email address into the form and submit it has a mysql error becasue of the @, is there anyway i can bypass that, case i was going throught my table (users, in myphpadmin) and i tryed to select teh samethign i was oing outside and it came up with this error......
You have an error in your SQL syntax near '@yahoo.com LIMIT 0, 30' at line 1
llimllib wrote:Just a note: with a query like this, be *very* careful that $login and $email have been cleaned - they should contain no spaces, no special characters, and not be longer than their respective fields in the database.
but the problem here is teh the variable $email has a special character and if i take it out it wont find any e-mail that would match it in the database.... but if i do ahve ti in it wont match it anyway how do i get around this.
well, @ really isn't a special character; that is, you don't have to escape (\) it before putting it into a database. Sorry I wasn't more specific.
You don't need to escape them, i'm sure, because I just wrote a script to insert emails into a database (well, that's part of what it did). MySQL often gives dodgy errors that don't really stem from where the error is, so I would take errors from it with a grain of salt.
$sql = mysql_query("SELECT question, answer FROM users WHERE login = '$login' & email = '$email'");
i know you had (or someone), $sql without the mysql_query ... and had a $qry = mysql_query(sql) ... but i dont see the need to have an extra var for the hell of it...
but anyway when i output this into an echo (the $sql var) it comes up as a Resource id #2 ??? adn this problem looked similar too th one i had on my poll so i edited teh code but its still thinking the $login and $email are invalid... heres the code now...
$sql = "SELECT question, answer FROM users WHERE login = '$login' AND email = '$email'";
// opposed to this
$sql = "SELECT question, answer FROM users WHERE login = '$login' & email = '$email'";
I can't believe how easy that was and how blind I was.
know you had (or someone), $sql without the mysql_query ... and had a $qry = mysql_query(sql) ... but i dont see the need to have an extra var for the hell of it...
That was me and it wasn't for the hell of it, it was so you could print it out to the screen to check that it looked - with the php variables added - like it should. So if there was something wrong with $email and $login, like they weren't being passed or something, you'd know. Keeping the statement as a separate variable is especially useful when the SQL gets more complicated and you're adding loads of PHP vars to it. If you just whack it straight into mysql_query() you have no idea what it looks like and you're running blind.