Page 1 of 1

Variables in Querys

Posted: Mon Sep 29, 2008 10:43 am
by Dirk Breeuwer
Hello, I am a begginer at PHP and well, web programing in general. I am building a voting website, controlled by PHP and MySQL. It cosists of a login page, a voting page, and a admin page. Everything is going fine, but I am stuck in the voting part. I want to update the database, and insert data into the user that voted.

This is the table strucutre:

ImageImage

This is the code I am using

Code: Select all

$username = '[i]This variable is the session username[/i]';
 
//conect to database
 
$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database.");
mysql_select_db("$dbDatabase", $db) or die ("Couldn't select the database.");
 
$query = 'UPDATE `vidaguat_montessori2`.`users` SET `voted` = \'1\', `time` = CURTIME(), `partido` = \'Partido1\' WHERE `users`.username = '$username' LIMIT 1;';
mysql_query($query) or die ('Error, query failed');
 
}
What I am trying to do is, to post 1 (So the database knows this user posted), to set the voting time, and to write which team (partido) the user voted for.

I get this error:


Parse error: syntax error, unexpected T_VARIABLE in /home/vidaguat/public_html/montessori2/vote1.php on line 19


Anyone knows what I am doing wrong?

Re: Variables in Querys

Posted: Mon Sep 29, 2008 11:23 am
by onion2k
Well, you have a problem on line 19, but you only posted 11 lines of code, so we can't be certain which line is line 19... that makes things tricky.

However, the problem is very likely to be on line 8 .. the query. You're using single quotes all the way through it without backslashing the ones inside. Just think about what PHP is doing when it gets to that line... when you open a string it'll close again at the next matching token. If you open it with a single quote then the next single quote will close it. Eg

Code: Select all

$query = 'UPDATE `vidaguat_montessori2`.`users` SET `voted` = '

Re: Variables in Querys

Posted: Mon Sep 29, 2008 2:21 pm
by Dirk Breeuwer
Thanks for the quick reply. That helped me with the error. Now my query is failing. Look at the new code:

Code: Select all

<?php
 
session_start();
 
if(session_is_registered('username')){
 
//database variables
$dbHost = "******";
$dbUser = "********";
$dbPass = "********";
$dbDatabase = "********";
$username = 'username';
 
//conect to database
 
$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database.");
mysql_select_db("$dbDatabase", $db) or die ("Couldn't select the database.");
 
$query = "UPDATE `vidaguat_montessori`.`users` SET `voted` = \'1\', `time` = CURTIME(), `partido` = \'Partido1\' WHERE `users`.`username` = '$username' LIMIT 1;";
mysql_query($query) or die ('Error, query failed');
 
}
 
else {
 
header( "Location: ./error1.html" );  }
 
 
?>
 
ImageImage

I get the die response (Error, query failed). I am not sure if I am setting the variable $username correctly. I want that variable to be the name that is within the session. And I want to post into that username inside the MySQL database.

Thanks in advance,

Dirk Breeuwer

Problem Solved

Posted: Mon Sep 29, 2008 3:53 pm
by Dirk Breeuwer
Ok, I solved it. Thanks. Here is the final code:

Code: Select all

 
<?php
 
session_start();
 
if(session_is_registered('username')){
 
//database variables
$dbHost = "localhost";
$dbUser = "****";
$dbPass = "*******";
$dbDatabase = "*****";
$username = $_SESSION['username'];
$true = "1";
$partido = "Partido1";
 
//conect to database
 
$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database.");
mysql_select_db("$dbDatabase", $db) or die ("Couldn't select the database.");
 
echo $username ;
 
$query = "UPDATE users SET voted='$true' , time=CURTIME(), partido='$partido' WHERE username='$username'";
mysql_query($query) or die ('Error, query failed');
 
}
 
else {
 
header( "Location: ./error1.html" );  }
 
 
?>
 

Re: Variables in Querys

Posted: Tue Sep 30, 2008 5:14 am
by VladSun
In my opinion, you should not use a string (char, varchar) column as a key because it is slow to search by. Add an int or bigint column "id", make it a primary key. Then use the id column instead of username column in your where clause.