Page 1 of 2
New guy, used to asp - help appriciated...
Posted: Wed Oct 22, 2003 9:25 am
by phil speakman
I have one page with this
<form name="form1" method="post" action="images.php">
Input class name here: <input type="text" name="textfield">
<input name="search_btn" type="submit" value="Find It">
</form>
being sent to images.php
which includes this
$result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil like %.$pupil.%');
and i am recieving the error
You have an error in your SQL syntax near '%.$pupil.%' at line 1
Can anybody help??
Posted: Wed Oct 22, 2003 9:32 am
by Nay
hehe, ASP style. I also use ASP myself, but anyhow, getting back. In PHP, you do it with { and }. So:
Code: Select all
$result = @mysql_query("SELECT * from alt_bridge_pupils WHERE pupil like {$_POST['pupil']}");
Good luck,
-Nay
Posted: Wed Oct 22, 2003 9:32 am
by twigletmac
You need quotes around the string in the query and probably don't need the fullstops, try something like:
Code: Select all
$sql = "SELECT * FROM alt_bridge_pupils WHERE pupil LIKE '%{$_POST['pupil']}%'";
$result = @mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');
Always a good idea to validate user input before putting it directly into a SQL statement though...
Mac
Posted: Wed Oct 22, 2003 9:35 am
by devork
try this one
Code: Select all
<?php
$result = mysql_query("SELECT * from alt_bridge_pupils WHERE pupil like '%$pupil%' ") or die(mysql_error());
?>
Posted: Wed Oct 22, 2003 9:51 am
by phil speakman
ok to the first person who responded who i wanted to belive more cos i fell in love with your photo, i exchanged the lines and got this
Parse error: parse error in /data/members/free/tripod/uk/p/h/i/philspeakman/htdocs/images.php on line 19
and the second who i wanted to believe as you had more posts,
it returned all entries in the table.
Posted: Wed Oct 22, 2003 9:56 am
by Nay
LOL haha, my random avatar and Mac's uncountable posts. Now that's a match!
Well, anwyway, why don't you post the whole script here so we can help you out?
-Nay
ps: On the other hand, I happen to be a Liverpool FC fan

, well, you got to love the team if your there, right?

Posted: Wed Oct 22, 2003 10:03 am
by phil speakman
Well now i know you ain't that fit i can tell you i'm a united fan, but i hope you will still help..
First i'm not 100% that the variable is getting passed from the send page
Code: Select all
<form name="form1" method="post" action="images.php">
Input class name here: <input type="text" name="textfield">
<input name="search_btn" type="submit" value="Find It">
</form>
recieve page(original)
Code: Select all
<?php
$db = @mysql_connect("localhost","philspeakman","goatboy");
if (!$db){
die('<p>Unable to connect</p>');
}
if (!@mysql_select_db("philspeakman_uk_db")){
die('<p>Unable to connect</p>');
}
?>
<p>Here is a list of the images and classes that produced them.</p>
<table>
<?php
$result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil = %$pupil%');
if(!$result){
die('<p>Error performing task: '.mysql_error().'</p>');
}
echo($result);
while($row = mysql_fetch_array($result)){
echo('<tr><td>'.$row ї'pupil'].'</td>');
}
?>
</table>
any thought much appriciated again
Posted: Wed Oct 22, 2003 10:07 am
by devork
lol seems all of 3 had replied with minutes difference ....
Posted: Wed Oct 22, 2003 10:43 am
by twigletmac
Where does $pupil come from? I thought it was coming from the form but obviously didn't look closely enough at that.
Is pupil a name, an ID or what? What do you get if you separate the SQL statement from the mysql_query() call (as in my previous example) and echo it, e.g.
Code: Select all
$sql = "SELECT * from alt_bridge_pupils WHERE pupil = '%$pupil%'";
echo '<p>'.$sql.'</p>';
Mac
Posted: Wed Oct 22, 2003 10:50 am
by Nay
Man Utd?
Oh well. Anyway, getting back to PHP, as Mac said, where is the $pupil coming from? Your form seems to show only:
textfield
So is it supposed to be:
-Nay
edit: You might want to remove your username and password from mysql_connect(). I doubt most of us here would do any harm, but just some advice if you also post in other forums.
Posted: Wed Oct 22, 2003 10:54 am
by phil speakman
Yeah my bad well stoopid really
the new form reads
Code: Select all
<form name="form1" method="get" action="images.php">
Input class name here:
<input type="text" name="pupil">
</form>
and it does send the string to images.php
http://members.lycos.co.uk/philspeakman/send.asp
if you wanna check - yeah i know its asp, but i am new to this php stuff and needed to see the string in the adddress bar to know it was being sent/recieved
Posted: Wed Oct 22, 2003 10:55 am
by phil speakman
home time now but i'm eagerly awaiting reading you help
muchos
Phil
Posted: Wed Oct 22, 2003 11:03 am
by Nay
mMm, maybe this might help:
Code: Select all
<?php
$con = @mysql_connect("localhost","xxxxx","xxxxx") or die(mysql_error());
$db = mysql_select_db("philspeakman_uk_db") or die(mysql_error());
echo <<< TABLE
<p>Here is a list of the images and classes that produced them.</p>
<table>
TABLE;
// avoid escaping PHP, just messes up the code imho
$search = "%" . $_POST['pupil'] . "%";
$q = "SELECT * FROM alt_bridge_pupils WHERE pupil = '{$search}'";
$result = @mysql_query($q, $con) or die(mysql_error());
while($row=mysql_fetch_array($result)) {
echo <<< SEARCH
<tr><td>
{$row ['pupil']}
</td></tr>
SEARCH;
}
echo "</table>";
?>
-Nay
Posted: Wed Oct 22, 2003 12:26 pm
by ThaRebel
Code: Select all
<?php
$result = "SELECT * from alt_bridge_pupils WHERE pupil like '$pupil'"
?>
just as simple as that. Could be wrong cuz i am myself an asp jesus, and a PHP noob!

Posted: Wed Oct 22, 2003 4:03 pm
by Cruzado_Mainfrm
ThaRebel wrote:Code: Select all
<?php
$result = "SELECT * from alt_bridge_pupils WHERE pupil like '$pupil'"
?>
this is a wrong variable name, u should use $query instead, use $result for something like:
Code: Select all
<?php
$result = mysql_query($query,$db);
?>