Page 1 of 1

how to pass a string ignoring uppercase or smallcase...

Posted: Mon Sep 17, 2007 5:34 am
by zamurai
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


My html file contains:
[syntax="html"]
<html>
..
..
...
<a href="data.php?product=Nike">

..
..
.
.
</html>


data.php contains:[/syntax]

Code: Select all

<?php
....

...
....
...
$productn = $_GET['product'];
$result = mysql_query("SELECT * FROM data where product = '" .$productn. "' ");
..
.
.
<td align="left"><b><font size=3>' . $productn['productname'] . '</b></td>
....
?>

In my database:

Code: Select all

productname                    size                 price
Nike                                     xx                   xxx




There is nothing wrong with the databse.
I don't know why I can't retrieve the product, I think it doesn't recognize the case of the word "Nike" in the html file, i think after the Nike from GET is passed to $productn, it becomes "nike" instead of "Nike".Am I right? Is there anything wrong?


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Mon Sep 17, 2007 5:42 am
by volka
please try

Code: Select all

$productn = $_GET['product'];
$query = "SELECT * FROM data where product = '" .$productn. "' ";
echo '<div>Debug: ', htmlentities($query), "</div>\n";
$result = mysql_query($query) or die(mysql_error($query)); 
echo '<div>Debug: #', mysql_num_rows($result), "</div>\n";

Posted: Mon Sep 17, 2007 5:46 am
by CoderGoblin
Not sure on mysql syntax (postgres you use UPPER or LOWER) but normally you would save the information in the database either in uppercase or lowercase or modify your select to do it on the fly. For PHP you can use the strtoupper or strtolower commands. Your sql would therefore be

Code: Select all

SELECT * FROM data where UPPER(product) = '" .strtoupper($productn). "'"
You should also use mysql_real_escape_string when looking for things provided by a user via a $_GET or $_POST to prevent SQL Injection attacks (look at the link for an example).

Code: Select all

$productn = mysql_real_escape_string($_GET['product']);

Posted: Mon Sep 17, 2007 5:46 am
by zamurai
volka wrote:please try

Code: Select all

$productn = $_GET['product'];
$query = "SELECT * FROM data where product = '" .$productn. "' ";
echo '<div>Debug: ', htmlentities($query), "</div>\n";
$result = mysql_query($query) or die(mysql_error($query)); 
echo '<div>Debug: #', mysql_num_rows($result), "</div>\n";

Whao, thanx for the quick reply. but hmmm, mind to explain what does it mean?

Posted: Mon Sep 17, 2007 5:59 am
by volka
It adds debug output and basic error handling to your code.

Posted: Mon Sep 17, 2007 6:11 am
by zamurai
volka wrote:It adds debug output and basic error handling to your code.

only show:


Debug:
Debug: #1



nothing else. so what does it mean?

Posted: Mon Sep 17, 2007 6:17 am
by volka
zamurai wrote:so what does it mean?
That you've made a mistake ;)
volka wrote:$query = "SELECT * FROM data where product = '" .$productn. "' ";
echo '<div>Debug: ', htmlentities($query), "</div>\n";
It's impossible that the first echo only prints Debug:,
for two reasons:
- $query must at least contain the static string 'SELECT ...
- Debug: #1 suggest that mysql_query($query) succeeded, it wouldn't if $query was empty.
echo '<div>Debug: #', mysql_num_rows($result), "</div>\n";
prints the number of records that your query returned. There is one record in your result set.

Posted: Mon Sep 17, 2007 6:32 am
by zamurai
viola!!!!!!! it works now. Thanx guys. Thanx a million..