Page 1 of 1

Error displaying results from MySQL Db

Posted: Sun Oct 08, 2006 5:36 pm
by dclamp
I am having errors viewing the content of a database. here is the code i am using:

Code: Select all

<?php 
			//build our query 
			mysql_connect('localhost', 'homtek_dclamp', 'my_password'); 
			mysql_select_db('homtek_homtek'); 
			$query = mysql_query("SELECT * `news`"); 
			//loop through each record 
			while($array = mysql_fetch_array($query)){ 
				//print out the field values and values using print_r 
				echo '<pre>'; 
				print_r($array); 
				echo '</pre>'; 
				//using print_r is just to show every value, if you want to select 
				// --> a specific value, you can use this syntax: 
				// --> $array['field1'] 
			} 
			?>
here is there error:

Code: Select all

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /usr/home/homtek/public_html/admin/view_news.php on line 69

Posted: Sun Oct 08, 2006 6:48 pm
by volka
mysql_query returns either an MySQL result resource or -if there an error occured- false.
If mysql_fetch_array grumble about the return value it probably was false - the query failed.
http://de2.php.net/mysql_error[quote]mysql_error -- Returns the text of the error message from previous MySQL operation[/quote]
=>

Code: Select all

<?php
//build our query
$db = mysql_connect('localhost', 'homtek_dclamp', 'my_password') or die(mysql_error());
mysql_select_db('homtek_homtek', $db) or die(mysql_error());
$query = "SELECT * `news`";
$query = mysql_query($query, $db) or die(mysql_error());
//loop through each record
while($array = mysql_fetch_array($query)) {
	//print out the field values and values using print_r
	echo '<pre>';
	print_r($array);
	echo '</pre>';
	//using print_r is just to show every value, if you want to select
	// --> a specific value, you can use this syntax:
	// --> $array['field1']
}
?>

Posted: Sun Oct 08, 2006 6:58 pm
by dclamp
that code doesnt work either?

here is where the code is: http://www.homtek.net/admin/view_news.php
you will need to login, password & username = test

Posted: Sun Oct 08, 2006 7:01 pm
by volka
dclamp wrote:that code doesnt work either?
No, it should only print a more useful error message. And it did
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'news`' at line 1
SELECT * FROM `news`

Posted: Sun Oct 08, 2006 7:02 pm
by dclamp
ok, now it displays "?>"

Posted: Sun Oct 08, 2006 7:03 pm
by volka
You did something wrong then.

Posted: Sun Oct 08, 2006 7:08 pm
by dclamp
ok thanks!

i guess my code to add info to the db is not working then... here it is:

Code: Select all

if(isset($_POST['subject'], $_POST['content'], $_POST['poster'])){ 
				//form was submitted, do some error checking on the variables submitted and add in your query here 
				//for example: 
				mysql_connect('localhost', 'homtek_dclamp', 'password'); 
				mysql_select_db('homtek_homtek'); 
				mysql_query("INSERT INTO table VALUES('" . $_POST['content'] . "', '" . $_POST['poster'] . "', '" . $_POST['subject'] . "')"); 
				echo "News has been added to database.";
				echo "<a href='main.php'>Main Page</a>";
			}else{ 
			?> 
			<form action="add_news.php" method="POST">
			Subject:<br>
			<input type=text maxlength="25" name="subject"><br><br>
			News Content:<br>
			<textarea name="content"></textarea><br>
			<input type="hidden" name="poster" value="<?PHP echo $logged_in_admin; ?>">
			<input type="hidden" name="date" value="DATE_HERE">
			<input type="submit" value="Submit"> <input type="reset" value="Reset Form">
			</form>
			<? } ?>

Posted: Sun Oct 08, 2006 7:14 pm
by volka
try

Code: Select all

<?php
if(isset($_POST['subject'], $_POST['content'], $_POST['poster'])) {
	//form was submitted, do some error checking on the variables submitted and add in your query here
	//for example:
	$db = mysql_connect('localhost', 'homtek_dclamp', 'moiola') or die(mysql_error());
	mysql_select_db('homtek_homtek', $db) or die(mysql_error());
	
	$sContent = mysql_real_escape_string($_POST['content']);
	$sPoster = mysql_real_escape_string($_POST['poster']);
	$sSubject = mysql_real_escape_string($_POST['subject']);
	
	$query = "INSERT INTO
			table
		VALUES
			('$sContent', '$sPoster', '$sSubject')";

	mysql_query($query, $db) or die(mysql_error());
	echo "News has been added to database.";
	echo '<pre>', $query, '</pre>';
	echo "<a href='main.php'>Main Page</a>";
}
else {
?>
	<form action="add_news.php" method="POST">
	[...]
</form>
<? } ?>
see http://php.net/mysql_real_escape_string and http://en.wikipedia.org/wiki/SQL_injection

Posted: Sun Oct 08, 2006 7:22 pm
by dclamp
ok, works great.

when i view the info on the table (view_news.php) it shows it to my in a weird way. i want it to display in like a html table.

i want it kinda like Date Posted and Poster in one column and the news in another column