New guy, used to asp - help appriciated...
Moderator: General Moderators
-
phil speakman
- Forum Newbie
- Posts: 12
- Joined: Wed Oct 22, 2003 9:25 am
- Location: Liverpool
New guy, used to asp - help appriciated...
I have one page with this
<form name="form1" method="post" action="images.php">
Input class name here: <input type="text" name="textfield">
<input name="search_btn" type="submit" value="Find It">
</form>
being sent to images.php
which includes this
$result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil like %.$pupil.%');
and i am recieving the error
You have an error in your SQL syntax near '%.$pupil.%' at line 1
Can anybody help??
<form name="form1" method="post" action="images.php">
Input class name here: <input type="text" name="textfield">
<input name="search_btn" type="submit" value="Find It">
</form>
being sent to images.php
which includes this
$result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil like %.$pupil.%');
and i am recieving the error
You have an error in your SQL syntax near '%.$pupil.%' at line 1
Can anybody help??
hehe, ASP style. I also use ASP myself, but anyhow, getting back. In PHP, you do it with { and }. So:
Good luck,
-Nay
Code: Select all
$result = @mysql_query("SELECT * from alt_bridge_pupils WHERE pupil like {$_POST['pupil']}");-Nay
Last edited by Nay on Wed Oct 22, 2003 9:34 am, edited 1 time in total.
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
You need quotes around the string in the query and probably don't need the fullstops, try something like:
Always a good idea to validate user input before putting it directly into a SQL statement though...
Mac
Code: Select all
$sql = "SELECT * FROM alt_bridge_pupils WHERE pupil LIKE '%{$_POST['pupil']}%'";
$result = @mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');Mac
- devork
- Forum Contributor
- Posts: 213
- Joined: Fri Aug 08, 2003 6:44 am
- Location: p(h) developer's network
try this one
Code: Select all
<?php
$result = mysql_query("SELECT * from alt_bridge_pupils WHERE pupil like '%$pupil%' ") or die(mysql_error());
?>-
phil speakman
- Forum Newbie
- Posts: 12
- Joined: Wed Oct 22, 2003 9:25 am
- Location: Liverpool
ok to the first person who responded who i wanted to belive more cos i fell in love with your photo, i exchanged the lines and got this
Parse error: parse error in /data/members/free/tripod/uk/p/h/i/philspeakman/htdocs/images.php on line 19
and the second who i wanted to believe as you had more posts,
it returned all entries in the table.
Parse error: parse error in /data/members/free/tripod/uk/p/h/i/philspeakman/htdocs/images.php on line 19
and the second who i wanted to believe as you had more posts,
it returned all entries in the table.
-
phil speakman
- Forum Newbie
- Posts: 12
- Joined: Wed Oct 22, 2003 9:25 am
- Location: Liverpool
Well now i know you ain't that fit i can tell you i'm a united fan, but i hope you will still help..
First i'm not 100% that the variable is getting passed from the send page
recieve page(original)
any thought much appriciated again
First i'm not 100% that the variable is getting passed from the send page
Code: Select all
<form name="form1" method="post" action="images.php">
Input class name here: <input type="text" name="textfield">
<input name="search_btn" type="submit" value="Find It">
</form>Code: Select all
<?php
$db = @mysql_connect("localhost","philspeakman","goatboy");
if (!$db){
die('<p>Unable to connect</p>');
}
if (!@mysql_select_db("philspeakman_uk_db")){
die('<p>Unable to connect</p>');
}
?>
<p>Here is a list of the images and classes that produced them.</p>
<table>
<?php
$result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil = %$pupil%');
if(!$result){
die('<p>Error performing task: '.mysql_error().'</p>');
}
echo($result);
while($row = mysql_fetch_array($result)){
echo('<tr><td>'.$row ї'pupil'].'</td>');
}
?>
</table>- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
Where does $pupil come from? I thought it was coming from the form but obviously didn't look closely enough at that.
Is pupil a name, an ID or what? What do you get if you separate the SQL statement from the mysql_query() call (as in my previous example) and echo it, e.g.
Mac
Is pupil a name, an ID or what? What do you get if you separate the SQL statement from the mysql_query() call (as in my previous example) and echo it, e.g.
Code: Select all
$sql = "SELECT * from alt_bridge_pupils WHERE pupil = '%$pupil%'";
echo '<p>'.$sql.'</p>';Man Utd? 
Oh well. Anyway, getting back to PHP, as Mac said, where is the $pupil coming from? Your form seems to show only:
-Nay
edit: You might want to remove your username and password from mysql_connect(). I doubt most of us here would do any harm, but just some advice if you also post in other forums.
Oh well. Anyway, getting back to PHP, as Mac said, where is the $pupil coming from? Your form seems to show only:
So is it supposed to be:textfield
Code: Select all
$pupil = $_POST['textfield'];edit: You might want to remove your username and password from mysql_connect(). I doubt most of us here would do any harm, but just some advice if you also post in other forums.
-
phil speakman
- Forum Newbie
- Posts: 12
- Joined: Wed Oct 22, 2003 9:25 am
- Location: Liverpool
Yeah my bad well stoopid really
the new form reads
and it does send the string to images.php
http://members.lycos.co.uk/philspeakman/send.asp
if you wanna check - yeah i know its asp, but i am new to this php stuff and needed to see the string in the adddress bar to know it was being sent/recieved
the new form reads
Code: Select all
<form name="form1" method="get" action="images.php">
Input class name here:
<input type="text" name="pupil">
</form>http://members.lycos.co.uk/philspeakman/send.asp
if you wanna check - yeah i know its asp, but i am new to this php stuff and needed to see the string in the adddress bar to know it was being sent/recieved
-
phil speakman
- Forum Newbie
- Posts: 12
- Joined: Wed Oct 22, 2003 9:25 am
- Location: Liverpool
mMm, maybe this might help:
-Nay
Code: Select all
<?php
$con = @mysql_connect("localhost","xxxxx","xxxxx") or die(mysql_error());
$db = mysql_select_db("philspeakman_uk_db") or die(mysql_error());
echo <<< TABLE
<p>Here is a list of the images and classes that produced them.</p>
<table>
TABLE;
// avoid escaping PHP, just messes up the code imho
$search = "%" . $_POST['pupil'] . "%";
$q = "SELECT * FROM alt_bridge_pupils WHERE pupil = '{$search}'";
$result = @mysql_query($q, $con) or die(mysql_error());
while($row=mysql_fetch_array($result)) {
echo <<< SEARCH
<tr><td>
{$row ['pupil']}
</td></tr>
SEARCH;
}
echo "</table>";
?>Code: Select all
<?php
$result = "SELECT * from alt_bridge_pupils WHERE pupil like '$pupil'"
?>-
Cruzado_Mainfrm
- Forum Contributor
- Posts: 346
- Joined: Sun Jun 15, 2003 11:22 pm
- Location: Miami, FL
this is a wrong variable name, u should use $query instead, use $result for something like:ThaRebel wrote:Code: Select all
<?php $result = "SELECT * from alt_bridge_pupils WHERE pupil like '$pupil'" ?>
Code: Select all
<?php
$result = mysql_query($query,$db);
?>