Page 1 of 2

New guy, used to asp - help appriciated...

Posted: Wed Oct 22, 2003 9:25 am
by phil speakman
I have one page with this
<form name="form1" method="post" action="images.php">
Input class name here: <input type="text" name="textfield">
<input name="search_btn" type="submit" value="Find It">
</form>

being sent to images.php

which includes this

$result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil like %.$pupil.%');

and i am recieving the error
You have an error in your SQL syntax near '%.$pupil.%' at line 1

Can anybody help??

Posted: Wed Oct 22, 2003 9:32 am
by Nay
hehe, ASP style. I also use ASP myself, but anyhow, getting back. In PHP, you do it with { and }. So:

Code: Select all

$result = @mysql_query("SELECT * from alt_bridge_pupils WHERE pupil like {$_POST['pupil']}");
Good luck,

-Nay

Posted: Wed Oct 22, 2003 9:32 am
by twigletmac
You need quotes around the string in the query and probably don't need the fullstops, try something like:

Code: Select all

$sql = "SELECT * FROM alt_bridge_pupils WHERE pupil LIKE '%{$_POST['pupil']}%'";
$result = @mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');
Always a good idea to validate user input before putting it directly into a SQL statement though...

Mac

Posted: Wed Oct 22, 2003 9:35 am
by devork
try this one

Code: Select all

<?php

$result = mysql_query("SELECT * from alt_bridge_pupils WHERE pupil like '%$pupil%' ") or die(mysql_error()); 

?>

Posted: Wed Oct 22, 2003 9:51 am
by phil speakman
ok to the first person who responded who i wanted to belive more cos i fell in love with your photo, i exchanged the lines and got this

Parse error: parse error in /data/members/free/tripod/uk/p/h/i/philspeakman/htdocs/images.php on line 19

and the second who i wanted to believe as you had more posts,
it returned all entries in the table.

Posted: Wed Oct 22, 2003 9:56 am
by Nay
LOL haha, my random avatar and Mac's uncountable posts. Now that's a match! ;-)

Well, anwyway, why don't you post the whole script here so we can help you out?

-Nay

ps: On the other hand, I happen to be a Liverpool FC fan :D, well, you got to love the team if your there, right? :lol:

Posted: Wed Oct 22, 2003 10:03 am
by phil speakman
Well now i know you ain't that fit i can tell you i'm a united fan, but i hope you will still help..

First i'm not 100% that the variable is getting passed from the send page

Code: Select all

<form name="form1" method="post" action="images.php">
  Input class name here: <input type="text" name="textfield">
  <input name="search_btn" type="submit" value="Find It">
</form>
recieve page(original)

Code: Select all

<?php
 $db = @mysql_connect("localhost","philspeakman","goatboy");
 if (!$db)&#123;
 	die('<p>Unable to connect</p>'); 
 &#125;
 if (!@mysql_select_db("philspeakman_uk_db"))&#123;
 	die('<p>Unable to connect</p>');
 &#125;
 ?>
 <p>Here is a list of the images and classes that produced them.</p>
 <table>
 <?php
 
 $result = @mysql_query('SELECT * from alt_bridge_pupils WHERE pupil = %$pupil%');
 
 
 	if(!$result)&#123;
	
	die('<p>Error performing task: '.mysql_error().'</p>');
	&#125;
	echo($result);
	
	while($row = mysql_fetch_array($result))&#123;
		echo('<tr><td>'.$row &#1111;'pupil'].'</td>');
	&#125;
  ?>
  </table>
any thought much appriciated again

Posted: Wed Oct 22, 2003 10:07 am
by devork
lol seems all of 3 had replied with minutes difference ....

Posted: Wed Oct 22, 2003 10:43 am
by twigletmac
Where does $pupil come from? I thought it was coming from the form but obviously didn't look closely enough at that.

Is pupil a name, an ID or what? What do you get if you separate the SQL statement from the mysql_query() call (as in my previous example) and echo it, e.g.

Code: Select all

$sql = "SELECT * from alt_bridge_pupils WHERE pupil = '%$pupil%'";
echo '<p>'.$sql.'</p>';
Mac

Posted: Wed Oct 22, 2003 10:50 am
by Nay
Man Utd? :lol:

Oh well. Anyway, getting back to PHP, as Mac said, where is the $pupil coming from? Your form seems to show only:
textfield
So is it supposed to be:

Code: Select all

$pupil = $_POST['textfield'];
-Nay

edit: You might want to remove your username and password from mysql_connect(). I doubt most of us here would do any harm, but just some advice if you also post in other forums.

Posted: Wed Oct 22, 2003 10:54 am
by phil speakman
Yeah my bad well stoopid really
the new form reads

Code: Select all

<form name="form1" method="get" action="images.php">
  Input class name here: 
  <input type="text" name="pupil">
 
</form>
and it does send the string to images.php
http://members.lycos.co.uk/philspeakman/send.asp

if you wanna check - yeah i know its asp, but i am new to this php stuff and needed to see the string in the adddress bar to know it was being sent/recieved


Posted: Wed Oct 22, 2003 10:55 am
by phil speakman
home time now but i'm eagerly awaiting reading you help
muchos
Phil

Posted: Wed Oct 22, 2003 11:03 am
by Nay
mMm, maybe this might help:

Code: Select all

<?php
$con = @mysql_connect("localhost","xxxxx","xxxxx") or die(mysql_error());
$db = mysql_select_db("philspeakman_uk_db") or die(mysql_error());

echo <<< TABLE
<p>Here is a list of the images and classes that produced them.</p>
<table>
TABLE;

// avoid escaping PHP, just messes up the code imho

$search = "%" . $_POST['pupil'] . "%";
$q = "SELECT * FROM alt_bridge_pupils WHERE pupil = '{$search}'";
$result = @mysql_query($q, $con) or die(mysql_error());

while($row=mysql_fetch_array($result)) {
echo <<< SEARCH
<tr><td>
{$row ['pupil']}
</td></tr>
SEARCH;
}

echo "</table>";

?>
-Nay

Posted: Wed Oct 22, 2003 12:26 pm
by ThaRebel

Code: Select all

<?php
$result = "SELECT * from alt_bridge_pupils WHERE pupil like '$pupil'" 
?>
just as simple as that. Could be wrong cuz i am myself an asp jesus, and a PHP noob! :twisted:

Posted: Wed Oct 22, 2003 4:03 pm
by Cruzado_Mainfrm
ThaRebel wrote:

Code: Select all

<?php
$result = "SELECT * from alt_bridge_pupils WHERE pupil like '$pupil'" 
?>
this is a wrong variable name, u should use $query instead, use $result for something like:

Code: Select all

<?php
$result = mysql_query($query,$db);
?>