Page 2 of 2

Posted: Wed Nov 22, 2006 3:05 pm
by RobertGonzalez
Obadiah wrote:@everah= i implemented what you posted and got this
Warning: mysqli_query() expects parameter 1 to be mysqli, resource given in C:\Program Files\status_modified.php on line 35

Warning: mysqli_error() expects exactly 1 parameter, 0 given in C:\Program Files\status_modified.php on line 37
I think is becaused I used your connection link identifier of $cxn that was in the previous code. Your new connection identifier is $conn, so that would need to change.

Posted: Wed Nov 22, 2006 3:12 pm
by Obadiah
thats the weird thing...i noticed it and changed it and i still get that error...
Obadiah wrote:

Code: Select all

$check_num = $_POST['merchant_num']; 
// Validate $check_num here 

// Validation complete 

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = $check_num"; 
if (!$result = mysqli_query($conn, $sql)) 
{ 
    die(mysqli_error()); 
} 

if (mysqli_num_rows($result) > 0) 
{ 
        echo 'The merchant number ' . $check_num . ' has already been entered into the database please check merchant and try again'; 
} 

if(mysql_query($sql, $conn))
{
	header("Location: $next_program");
}
else
{
	echo "something went wrong";
}

Posted: Wed Nov 22, 2006 3:27 pm
by John Cartwright
you are using mysql_connect() link for a mysqli function.

hint, mysqli vs mysql

Posted: Wed Nov 22, 2006 3:41 pm
by Obadiah
ok...i changed it up to this

Code: Select all

$check_num = $_POST['merchant_num']; 
// Validate $check_num here 

// Validation complete 

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = $check_num"; 
if (!$result = mysql_query($sql, $conn))
{ 
    die(mysql_error()); 
} 

if (mysql_num_rows($result) > 0) 
{ 
        echo 'The merchant number ' . $check_num . ' has already been entered into the database please check merchant and try again'; 
} 

if(mysql_query($sql, $conn))
{
	header("Location: $next_program");
}
else
{
	echo "something went wrong";
}
althogh the warnings are gone i get
Unknown column '12345672wrhm' in 'where clause'
12345672wrhm is actually the value of a merchant_num being submitted similar to one in the db...im testing to see whether or not i can get this working

where is this error comming from?
[edited]
originally the error message read
Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in C:\Program Files\status_modified.php on line 33
which i figured the problem came from this line

Code: Select all

if (!$result = mysql_query($conn, $sql))
so i changed it to

Code: Select all

if (!$result = mysql_query($sql, $conn))
should i have done that?

Posted: Wed Nov 22, 2006 3:51 pm
by John Cartwright
so i changed it to

Code: Select all

if (!$result = mysql_query($sql, $conn))
should i have done that?
the manual wrote:resource mysql_query ( string query [, resource link_identifier] )
So, yes.
Unknown column '12345672wrhm' in 'where clause'
This is coming up because you have not quoted your value. Also, at mininum, pass your user input through mysql_real_escape_string() when you are expecting strings, and intval() when you are expecting numbers to avoid sql injection.

Code: Select all

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = ". intval($check_num);
In this case, since we are forcing our input into an integer, we do not need to quote the value. Typically you would like so

Code: Select all

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = '". mysql_real_escape_string($check_num)."'";
Now, what are you even trying to accomplish with your code? Why are you running your query twice? In plain English, try and explain what you have done.

Posted: Wed Nov 22, 2006 4:03 pm
by RobertGonzalez
Obadiah wrote:althogh the warnings are gone i get
Unknown column '12345672wrhm' in 'where clause'
12345672wrhm is actually the value of a merchant_num being submitted similar to one in the db...im testing to see whether or not i can get this working

where is this error comming from?
They are coming from trying to reference a string without quotes. Wrap the search var in single quotes.

Code: Select all

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = '$check_num'";
Sorry, I had made an assumption that since it was called 'num' that it was indeed a number. Since it is a string, it needs to be in single quotes.

Posted: Wed Nov 22, 2006 4:28 pm
by Obadiah
sorry about my lack of explination guys ill try to do better now here goes

Code: Select all

<?php
error_reporting(E_ALL); 
ini_set('display_errors', 1);
 
$conn = mysql_connect("localhost","root","Whatevermann123") or die(mysql_error());
mysql_select_db("customerdirectory",$conn) or die(mysql_error());
$next_program = "added.php";

$sql = "INSERT INTO merchant values('$_POST[merchant_num]',
										'$_POST[date_recieved]',
										'$_POST[merchant_name]',
										'$_POST[purchase_type]',
										'$_POST[lease_score]',
										'$_POST[amex]',
										'$_POST[app_id]',
										'$_POST[discover]',
										'$_POST[user_name]',
										'$_POST[check_conversion]',
										'$_POST[gift_loyalty]',
										'$_POST[app_type]',
										'$_POST[terminal]',
										'$_POST[serial_num]',
										'$_POST[nms]',
										'$_POST[ckmerchant_num]',
										'$_POST[giftmerchant_num]',
										'$_POST[comments]')";
all im doin in this first part is first reporting my errors then inserting the fields on my form into the database with the INSERT query

Code: Select all

$check_num = $_POST['merchant_num'];
(much thanks to everah for the original write of this half :) )
here a im taking the value of the number or merchant_num that is being posted and giving it the variable name $check_num

Code: Select all

// Validate $check_num here 

// Validation complete 

$sql = "SELECT `merchant_num` FROM `merchant` WHERE `merchant_num` = '". mysql_real_escape_string($check_num)."'"; 
if (!$result = mysql_query($sql, $conn))
{ 
    die(mysql_error()); 
}
this is where i actually make the comparison of the number entered in text field merchant_num to the numbers stored in the database under the column merchant_num

Code: Select all

if (mysql_num_rows($result) > 0) 
{ 
        echo 'The merchant number ' . $check_num . ' has already exists. Please check merchant information and try again'; 
} 
else
{
	header("Location: $next_program");
}
this last part finds that row saying that if the that number exist or $result >0 then give me that message


but thats all i wanted to do....originally the script would say something went wrong if a similar number was entered in merchant_num...which it should because merchant_num is the primary key in the database...but i wanted to find a way so that when someone does that it tells them why something is wrong....instead of telling them something is wrong which was originally a message for me that i screwed up somewhere in my coding via this

Code: Select all

/*else if(mysql_query($sql, $conn))
{
	header("Location: $next_program");
}
else
{
	echo "something went wrong";
}*/

//commented out because i couldnt figure out a way to use it with my other if without php throwing a fit at me  
?>
theres my explanation guys...thanks to all of you for your help