checking for the existence of a value

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Obadiah wrote:@everah= i implemented what you posted and got this
Warning: mysqli_query() expects parameter 1 to be mysqli, resource given in C:\Program Files\status_modified.php on line 35

Warning: mysqli_error() expects exactly 1 parameter, 0 given in C:\Program Files\status_modified.php on line 37
I think is becaused I used your connection link identifier of $cxn that was in the previous code. Your new connection identifier is $conn, so that would need to change.
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

thats the weird thing...i noticed it and changed it and i still get that error...
Obadiah wrote:

Code: Select all

$check_num = $_POST['merchant_num']; 
// Validate $check_num here 

// Validation complete 

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = $check_num"; 
if (!$result = mysqli_query($conn, $sql)) 
{ 
    die(mysqli_error()); 
} 

if (mysqli_num_rows($result) > 0) 
{ 
        echo 'The merchant number ' . $check_num . ' has already been entered into the database please check merchant and try again'; 
} 

if(mysql_query($sql, $conn))
{
	header("Location: $next_program");
}
else
{
	echo "something went wrong";
}
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

you are using mysql_connect() link for a mysqli function.

hint, mysqli vs mysql
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

ok...i changed it up to this

Code: Select all

$check_num = $_POST['merchant_num']; 
// Validate $check_num here 

// Validation complete 

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = $check_num"; 
if (!$result = mysql_query($sql, $conn))
{ 
    die(mysql_error()); 
} 

if (mysql_num_rows($result) > 0) 
{ 
        echo 'The merchant number ' . $check_num . ' has already been entered into the database please check merchant and try again'; 
} 

if(mysql_query($sql, $conn))
{
	header("Location: $next_program");
}
else
{
	echo "something went wrong";
}
althogh the warnings are gone i get
Unknown column '12345672wrhm' in 'where clause'
12345672wrhm is actually the value of a merchant_num being submitted similar to one in the db...im testing to see whether or not i can get this working

where is this error comming from?
[edited]
originally the error message read
Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in C:\Program Files\status_modified.php on line 33
which i figured the problem came from this line

Code: Select all

if (!$result = mysql_query($conn, $sql))
so i changed it to

Code: Select all

if (!$result = mysql_query($sql, $conn))
should i have done that?
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

so i changed it to

Code: Select all

if (!$result = mysql_query($sql, $conn))
should i have done that?
the manual wrote:resource mysql_query ( string query [, resource link_identifier] )
So, yes.
Unknown column '12345672wrhm' in 'where clause'
This is coming up because you have not quoted your value. Also, at mininum, pass your user input through mysql_real_escape_string() when you are expecting strings, and intval() when you are expecting numbers to avoid sql injection.

Code: Select all

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = ". intval($check_num);
In this case, since we are forcing our input into an integer, we do not need to quote the value. Typically you would like so

Code: Select all

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = '". mysql_real_escape_string($check_num)."'";
Now, what are you even trying to accomplish with your code? Why are you running your query twice? In plain English, try and explain what you have done.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Obadiah wrote:althogh the warnings are gone i get
Unknown column '12345672wrhm' in 'where clause'
12345672wrhm is actually the value of a merchant_num being submitted similar to one in the db...im testing to see whether or not i can get this working

where is this error comming from?
They are coming from trying to reference a string without quotes. Wrap the search var in single quotes.

Code: Select all

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = '$check_num'";
Sorry, I had made an assumption that since it was called 'num' that it was indeed a number. Since it is a string, it needs to be in single quotes.
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

sorry about my lack of explination guys ill try to do better now here goes

Code: Select all

<?php
error_reporting(E_ALL); 
ini_set('display_errors', 1);
 
$conn = mysql_connect("localhost","root","Whatevermann123") or die(mysql_error());
mysql_select_db("customerdirectory",$conn) or die(mysql_error());
$next_program = "added.php";

$sql = "INSERT INTO merchant values('$_POST[merchant_num]',
										'$_POST[date_recieved]',
										'$_POST[merchant_name]',
										'$_POST[purchase_type]',
										'$_POST[lease_score]',
										'$_POST[amex]',
										'$_POST[app_id]',
										'$_POST[discover]',
										'$_POST[user_name]',
										'$_POST[check_conversion]',
										'$_POST[gift_loyalty]',
										'$_POST[app_type]',
										'$_POST[terminal]',
										'$_POST[serial_num]',
										'$_POST[nms]',
										'$_POST[ckmerchant_num]',
										'$_POST[giftmerchant_num]',
										'$_POST[comments]')";
all im doin in this first part is first reporting my errors then inserting the fields on my form into the database with the INSERT query

Code: Select all

$check_num = $_POST['merchant_num'];
(much thanks to everah for the original write of this half :) )
here a im taking the value of the number or merchant_num that is being posted and giving it the variable name $check_num

Code: Select all

// Validate $check_num here 

// Validation complete 

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = '". mysql_real_escape_string($check_num)."'"; 
if (!$result = mysql_query($sql, $conn))
{ 
    die(mysql_error()); 
}
this is where i actually make the comparison of the number entered in text field merchant_num to the numbers stored in the database under the column merchant_num

Code: Select all

if (mysql_num_rows($result) > 0) 
{ 
        echo 'The merchant number ' . $check_num . ' has already exists. Please check merchant information and try again'; 
} 
else
{
	header("Location: $next_program");
}
this last part finds that row saying that if the that number exist or $result >0 then give me that message


but thats all i wanted to do....originally the script would say something went wrong if a similar number was entered in merchant_num...which it should because merchant_num is the primary key in the database...but i wanted to find a way so that when someone does that it tells them why something is wrong....instead of telling them something is wrong which was originally a message for me that i screwed up somewhere in my coding via this

Code: Select all

/*else if(mysql_query($sql, $conn))
{
	header("Location: $next_program");
}
else
{
	echo "something went wrong";
}*/

//commented out because i couldnt figure out a way to use it with my other if without php throwing a fit at me  
?>
theres my explanation guys...thanks to all of you for your help
Post Reply