Page 1 of 1

Problem with database connection script

Posted: Fri Aug 03, 2007 3:28 pm
by smudge
Hello, I have a simple db script that makes it easier for me to work with mysql, but it doesn't seem to be working.
db.php:

Code: Select all

<?php
/**********
MySQL Connection Class
***********/
class mysql{
  private $conn;
  private $sql;
  private $result;
  private $db;
  private $dbname;
  public $result_arr;
  public $result_obj;
  
  public function __construct($dbname,$host='host',$pass='pass',$user='user'){
    //echo "Connecting...";
    $this->conn=mysql_connect($host,$user,$pass) or die(mysql_error());
    $this->dbname=$dbname;
    //echo "Selecting DB...";
    $this->db=mysql_select_db($dbname) or die(mysql_error());
  }
  
  public function query($q,$ret='obj'){
    //echo "Getting escaped string...";
    $this->sql=$q=mysql_real_escape_string($q) or die(mysql_error());
    //echo "Getting result...";
    $this->result=$r=mysql_query($q) or die(mysql_error());
    //echo "Formatting results...";
    for($i=0;$i<mysql_num_rows($r);$i++){
      $this->result_obj[$i]=mysql_fetch_object($r) or die(mysql_error());
      $this->result_arr[$i]=mysql_fetch_assoc($r) or die(mysql_error());
    }
    //echo "Finished query";
    return ($ret=='obj')? $this->result_obj : $this->result_arr;
  }

?>
and heres the page it's implemented in:

Code: Select all

<?php
include "auth.php";
include "db.php";
$doc=$_GET['reg'];
$title=$_GET['title'];
$comments=($_GET['comments']!='' && $_GET['comments']) $_GET['comments'] : '';

$db=new mysql('db') or die('Could not connect to server');

$in_db=$db->query('SELECT * FROM `updating_files` WHERE `path` = '.$doc) or die('Could not query server');

$msg="";

if (count($in_db) > 0){
  $msg="The file $doc is already registered in the database. Go <a href='' onclick='history.go(-1)'>back</a> for other files.";
} else {
  $db->query("INSERT INTO `updating_files` (`ID`,`title`,`path`,`comments`,`type`) VALUES ('','$title','$doc','$comments','standard')") or die('Could not query server');
  $msg="The file $doc has been registered. Go <a href='' onclick='history.go(-1)'>back</a> for other files.";
}

?>
<html>
<head><title>Blah...</title></head>
<body>
<?php echo $msg ?>
</body>
</html>
Whenever I view that second page, firefox comes back with nothing at all. I know this is probably something stupid I missed, but any help would be appreciated.

Posted: Fri Aug 03, 2007 3:43 pm
by guitarlvr
add a semicolon after var and before close. Thats causing a parse error.

Code: Select all

<html>
<head><title>Blah...</title></head>
<body>
<?php echo $msg; ?>
</body>
</html>

Posted: Fri Aug 03, 2007 4:16 pm
by smudge
I missed that, but it's still not working. It's still coming up w/ nothing.

Posted: Fri Aug 03, 2007 8:14 pm
by smudge
Ok, just realized I was missing a closing bracket for the class, but now I get an error for querying this:
"SELECT * FROM `updating_files` WHERE `path` = '$doc'"
When it runs, $doc is ../jun.txt
With mysql_real_escape_string(), it evaluates to

SELECT * FROM `updating_files` WHERE `path` = \'../jun.txt\'

the error is around \'../jun.txt\'

I'm fairly certain that the error is because it's escaping the quotes, but when I take them out, there's still an error around ../jun.txt